Pues eso, que le he estado dando al coco y nada que se quita, ayer corrì el Malwarebytes y el Superantispyware, y el adwarecleaner, tambien le hice un anàlisis de arranque del equipo de avast. informe malwarebytes.txt (43,6 KB) Superantispyware.txt (1,2 KB)
Siento subirlos asi, trate de ponerlos como texto pero no me dejaba. de verdad que necesito la ayuda, gracias!
Hola @Mateo_Diaz
Pon el reporte de AdwCleaner para revisarlo.
Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1]
¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo
Gracias por responder, Mira el informe de :
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by David Mateo Diaz (04-03-2019 07:35:34)
Running from C:\Users\David Mateo Diaz\AppData\Local\Temp\scoped_dir2972_6030
Windows 10 Pro Version 1803 17134.590 (X64) (2018-12-27 20:08:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-4175682127-3877867951-1631616607-500 - Administrator - Disabled)
David Mateo Diaz (S-1-5-21-4175682127-3877867951-1631616607-1001 - Administrator - Enabled) => C:\Users\David Mateo Diaz
DefaultAccount (S-1-5-21-4175682127-3877867951-1631616607-503 - Limited - Disabled)
Invitado (S-1-5-21-4175682127-3877867951-1631616607-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4175682127-3877867951-1631616607-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Atom (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\atom) (Version: 1.34.0 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
CLIP STUDIO 1.8.0 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.8.0 - CELSYS)
CLIP STUDIO PAINT 1.8.2 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.8.2 - CELSYS)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.90.50 - Conexant)
DAZ Install Manager (64-bit) (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\DAZ Install Manager (64-bit) 1.2.0.6) (Version: 1.2.0.6 - DAZ 3D)
DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D)
DAZ Studio 4.10 (64bit) (HKLM-x32\...\DAZ Studio 4.10 (64bit) 4.10.0.123) (Version: 4.10.0.123 - DAZ 3D)
FileZilla Client 3.40.0 (HKLM-x32\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Opera Stable 58.0.3135.79 (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
Patrician 3 (HKLM-x32\...\Patrician 3_is1) (Version: - GOG.com)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
SoulseekQt versión 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1030 - SUPERAntiSpyware.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
VASSAL (3.2.17) (HKLM\...\VASSAL (3.2.17)) (Version: 3.2.17 - vassalengine.org)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.1-0 - Bitnami)
ZBrush 2018 (HKLM\...\ZBrush 2018 2018) (Version: 2018 - Pixologic)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4175682127-3877867951-1631616607-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FADC628-6D51-473D-9E0E-176DFD49D431} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {21137EC7-8AC3-4F08-8151-6A65284E1C8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2710E68A-304F-4205-8E54-64AB391427FB} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-U32J61O-David Mateo Diaz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {3AD8062D-9F7C-475F-A4D8-FAF872206C23} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3F3C184E-2AB5-4DD9-A59E-470CAADE721D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {44A6A695-8C69-4E00-A182-9AE61D486A84} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D729E75-1504-4BCE-BE1D-E6E5348D8F8C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6190041C-6850-49AA-B83E-11981A2CA317} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {7AE7FB56-515E-44E1-A360-9D9A96420EB7} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {8233A1CB-E6AE-4FD8-81FD-1F06769F29B4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A7D4E9F3-FFFC-4A77-901E-2FE9278D93E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CABE6235-E1CE-4D16-9619-30DC34D58EEF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CBB83983-533F-4DB1-AB83-2352AECAE519} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CF747ACC-F1C3-4F5B-A002-B063710102DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D4C5AACD-76B3-43C7-993F-5CF419492A94} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe (Conexant Systems, Inc.) [File not signed]
Task: {DACE1BED-3180-4EAB-9C6E-46A7E21B1F1C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {EB913835-C58E-4F2F-909D-3F16CED46C59} - System32\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {EDF3C310-7F15-4D68-8C14-65D1EE411E25} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F6A647A9-9954-40AE-B851-20972E3ECDC9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FFA35A86-DC4F-4223-B440-D46E33F6A6F6} - System32\Tasks\Opera scheduled Autoupdate 1545965948 => C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZStudio4\Online Documentation.lnk -> hxxp:docs.daz3d.com\doku.php\public\software\dazstudi
Shortcut: C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager (64-bit)\DAZ Install Manager (64-bit) Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811
Shortcut: C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BattleScribe\Help.lnk -> hxxp://www.battlescribe.net/?tab=hel
==================== Loaded Modules (Whitelisted) ==============
2019-03-03 20:22 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-03 20:22 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-02-15 17:19 - 2019-02-15 17:19 - 002380800 _____ (Conexant Systems, Inc) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SmartAudio\044a9c4b47619ae94437356d70005a24\SmartAudio.ni.exe
2019-02-15 17:20 - 2019-02-15 17:20 - 000369152 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\f09d5176043d2e50039405b0863240a9\Interop.CxHDAudioAPILib.ni.dll
2019-02-15 17:20 - 2019-02-15 17:20 - 000019968 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\f1fb9f8388bf4ff334d21366baf4ebec\Interop.CxUtilSvcLib.ni.dll
2018-12-27 15:04 - 2016-12-19 11:25 - 001165824 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-12-27 14:38 - 2019-03-03 19:37 - 000000470 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1 sharefolder.online
127.0.0.1 install.portmdfmoon.com
127.0.0.1 adkqow01283.pw
127.0.0.1 telechargini.com
127.0.0.1 rothsideadome.pw
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz
127.0.0.1 discretdan.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David Mateo Diaz\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Alfons_mucha,_los_cigarillos_paris_son_los_mejores,_1897_(richard_fuxa_fundation)_03.jpg
DNS Servers: 10.100.6.4 - 10.100.6.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A3EEE6B3-5BBA-46F8-95F6-438F89B0AE9E}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{22F02B85-8255-4C05-B486-82DDAFA37A73}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [{32E86A98-3CDD-4DAB-A1A7-6DBC1317C661}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{043AD914-95DE-49A8-8559-F5DD8F43B85B}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{7EA674EF-A5ED-4712-8FDD-641EA089D446}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [UDP Query User{9074D7B6-FF7D-4BD8-B845-1070E93845C0}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [{931C3D0F-4B0E-4878-90DA-916139C02BC1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{050B5E07-45F9-4042-BB46-19D2A9CCF398}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0160222C-F3C4-4AA4-B7F0-441913A7F04F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{921F8129-7235-4F3A-AB7D-DFA5D5B0CCE4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E10B277E-BB0A-4366-B328-F9CD8EEE25B1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{B78343BD-5EB9-436C-A4F4-AF02248815FE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{A47ED626-477E-4527-83CC-162A8A56103F}D:\downloads\java\jre1.8.0_201\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{E83D40F3-6E6D-4CAE-ACF3-D7263624751F}D:\downloads\java\jre1.8.0_201\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{80F7B1F1-1758-4B56-80FD-5192864828AA}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7008776C-21EC-4503-A5CB-5DF90657F202}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4AE40BD7-4596-4DBC-BC38-7C76D73D7E85}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{D73E5632-BA2E-498E-A183-D0231FED6EEF}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{CAD7BF39-CBCA-4543-95C2-DAF577774B4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{107600ED-B2AE-4C61-9867-BF387DBB1354}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F559DC35-54DF-49AB-A39A-5016A916CB4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66F8266F-635B-4AB5-AC2E-4FBC2B59BA17}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F310EC6-12CB-429D-B502-3321059F64C5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65568609-0A80-4B65-BFAE-F61DE7ED3A81}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11BE07CB-4D86-4550-AD7F-6931EF45FA01}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A55AFDAE-1DD1-45C4-A903-D811D181BFC6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/04/2019 05:34:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa CCleaner64.exe, versión 5.53.0.7034, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.
Identificador de proceso: 214c
Hora de inicio: 01d4d234204bb15a
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Program Files\CCleaner\CCleaner64.exe
Identificador de informe: de9f5b85-bcbc-455d-8b27-797fca5eb467
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/03/2019 09:43:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa CCleaner64.exe, versión 5.53.0.7034, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.
Identificador de proceso: b14
Hora de inicio: 01d4d2336297ebba
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Program Files\CCleaner\CCleaner64.exe
Identificador de informe: 2f131c99-e12f-4718-a364-92750755ddfb
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/03/2019 08:16:12 PM) (Source: RunBooster) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/03/2019 07:00:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (03/03/2019 06:48:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.
Error: (03/03/2019 06:40:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (03/03/2019 06:40:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (03/03/2019 05:10:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
System errors:
=============
Error: (03/04/2019 07:36:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:34:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:32:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:30:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:28:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:26:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:24:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/04/2019 07:22:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
===================================
Date: 2019-03-03 19:12:09.714
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\David Mateo Diaz\Desktop\KMS Tools Portable.Crack\KMSTools.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Windows\System32\PickerHost.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:10:14.527
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Kaymundler.B&threatid=2147709422&enterprise=0
Nombre: TrojanDropper:Win32/Kaymundler.B
Id.: 2147709422
Gravedad: Grave
Categoría: Instalador troyano de malware
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico_Installer.bat
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:09:36.338
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Kaymundler.B&threatid=2147709422&enterprise=0
Nombre: TrojanDropper:Win32/Kaymundler.B
Id.: 2147709422
Gravedad: Grave
Categoría: Instalador troyano de malware
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico_Installer.bat
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:09:36.229
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289&enterprise=0
Nombre: SoftwareBundler:Win32/Prepscram
Id.: 226289
Gravedad: Alta
Categoría: Software que instala varios programas
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico Setup.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:09:07.180
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Kaymundler.B&threatid=2147709422&enterprise=0
Nombre: TrojanDropper:Win32/Kaymundler.B
Id.: 2147709422
Gravedad: Grave
Categoría: Instalador troyano de malware
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico_Installer.bat
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-02-14 17:56:42.886
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.285.1510.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15600.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2019-02-02 15:41:29.958
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.285.646.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15600.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2018-12-30 11:03:56.823
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
CodeIntegrity:
===================================
Date: 2019-03-03 20:40:59.574
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:40:59.560
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:40:59.547
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:40:59.529
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.427
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.411
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.395
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.371
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Memory info ===========================
Processor: AMD A10-9620P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 56%
Total physical RAM: 7117.52 MB
Available physical RAM: 3083.97 MB
Total Virtual: 14797.52 MB
Available Virtual: 10782.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.39 GB) (Free:16.42 GB) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:931.51 GB) (Free:325.16 GB) NTFS
\\?\Volume{55f09f83-a859-4a57-9d81-dd502b704c03}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{1ba4b553-eb16-48ad-8426-ca6d33d6b3c2}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
\\?\Volume{9716c7fe-9d0a-48df-b6d6-250065333df4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ====# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-03-2019
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 11
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\RunBooster
Deleted C:\Windows\Temp\Smartbar
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\Microleaves
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RunBooster
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShutdownTime_is1
Deleted HKCU\Software\SetupCompany
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\quick_cleaner
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKCU\Software\OneSystemCare
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2182 octets] - [03/03/2019 21:35:34]Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by David Mateo Diaz (administrator) on DESKTOP-U32J61O (04-03-2019 07:59:07)
Running from C:\Users\David Mateo Diaz\Downloads
Loaded Profiles: David Mateo Diaz (Available Profiles: David Mateo Diaz)
Platform: Windows 10 Pro Version 1803 17134.590 (X64) Language: Español (España, internacional)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David Mateo Diaz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9001904 2019-02-11] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-25] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.119\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.100.6.4 10.100.6.5
Tcpip\..\Interfaces\{86b50ad3-3591-4ea1-b384-39d5692359aa}: [DhcpNameServer] 10.100.6.4 10.100.6.5
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4175682127-3877867951-1631616607-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\David Mateo Diaz\AppData\Local\Google\Chrome\User Data\Default [2019-03-03]
CHR Extension: (Docs) - C:\Users\David Mateo Diaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Instalar Extensiones de Chrome) - C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-12-30]
OPR Extension: (4chan X) - C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2019-01-28]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe [481656 2018-05-22] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293344 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 3D07A1081ABA; C:\WINDOWS\3D07A1081ABA.sys [619880 2019-03-03] (韵羽健康管理咨询(上海)有限公司 -> VxDriver)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34704 2016-08-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [54160 2016-09-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmdag.sys [44682104 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmpag.sys [552824 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [86936 2017-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [91672 2016-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [92400 2016-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [32496 2016-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [101880 2016-09-01] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111080 2018-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [98160 2014-09-09] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2014-09-09] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-03-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-03-04] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-03-04] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [964136 2016-12-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [724448 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8009040 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 silabenm; C:\WINDOWS\System32\drivers\silabenm.sys [23552 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\drivers\silabser.sys [79360 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 VpdHid_1; C:\WINDOWS\System32\drivers\VpdHid_1.sys [20216 2014-11-26] (CLOUD H.Q. INVESTMENT HOLDINGS CO., LTD. -> 0)
S3 VpdHid_MouFiltr; C:\WINDOWS\System32\drivers\VpdHid_MouFiltr.sys [7168 2014-11-26] (CLOUD H.Q. INVESTMENT HOLDINGS CO., LTD. -> 0)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [115680 2017-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [17888 2017-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
R2 WinDivert1.2; C:\WINDOWS\system32\drivers\WinDivert64.sys [37552 2019-03-03] (Nemea Mjukvaruutveckling AB -> Basil)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-04 07:59 - 2019-03-04 08:00 - 000022344 _____ C:\Users\David Mateo Diaz\Downloads\FRST.txt
2019-03-04 07:32 - 2019-03-04 07:59 - 000000000 ____D C:\FRST
2019-03-04 07:31 - 2019-03-04 07:31 - 002434560 _____ (Farbar) C:\Users\David Mateo Diaz\Downloads\FRST64.exe
2019-03-04 06:36 - 2019-03-04 06:36 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-03-04 06:36 - 2019-03-04 06:36 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-03-04 06:36 - 2019-03-04 06:36 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-03-03 21:38 - 2019-03-03 21:38 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-03 21:38 - 2019-03-03 21:38 - 000002910 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-03 21:38 - 2019-03-03 21:38 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-03 21:38 - 2019-03-03 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-03 21:38 - 2019-03-03 21:38 - 000000000 ____D C:\Program Files\CCleaner
2019-03-03 21:36 - 2019-03-03 21:36 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-03 21:34 - 2019-03-03 21:35 - 000000000 ____D C:\AdwCleaner
2019-03-03 21:31 - 2019-03-03 21:32 - 019384632 _____ (Piriform Software Ltd) C:\Users\David Mateo Diaz\Downloads\ccsetup553.exe
2019-03-03 21:21 - 2019-03-03 21:21 - 007316688 _____ (Malwarebytes) C:\Users\David Mateo Diaz\Downloads\adwcleaner_7.2.7.0.exe
2019-03-03 20:53 - 2019-03-03 20:53 - 000000000 ____D C:\SUPERDelete
2019-03-03 20:52 - 2019-03-03 21:36 - 000000564 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489.job
2019-03-03 20:52 - 2019-03-03 21:36 - 000000564 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679.job
2019-03-03 20:52 - 2019-03-03 20:52 - 000003826 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679
2019-03-03 20:52 - 2019-03-03 20:52 - 000003744 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489
2019-03-03 20:52 - 2019-03-03 20:52 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\SUPERAntiSpyware.com
2019-03-03 20:51 - 2019-03-03 20:52 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-03-03 20:51 - 2019-03-03 20:51 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2019-03-03 20:51 - 2019-03-03 20:51 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-03-03 20:51 - 2019-03-03 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-03-03 20:50 - 2019-03-03 20:51 - 038849448 _____ (SUPERAntiSpyware) C:\Users\David Mateo Diaz\Downloads\SUPERAntiSpywarePro.exe
2019-03-03 20:23 - 2019-03-03 20:23 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\mbam
2019-03-03 20:22 - 2019-03-03 20:22 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-03 20:22 - 2019-03-03 20:22 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\mbamtray
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-03 20:22 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-03 20:22 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-03 20:20 - 2019-03-03 20:21 - 064309056 _____ (Malwarebytes ) C:\Users\David Mateo Diaz\Downloads\mb3-setup-35891.35891-3.7.1.2839-1.0.538-1.0.9074.exe
2019-03-03 19:37 - 2019-03-03 19:37 - 000000000 ___HD C:\$AV_ASW
2019-03-03 19:36 - 2019-03-03 19:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\zzdupwh3d4m
2019-03-03 19:36 - 2019-03-03 19:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\seo42kbova3
2019-03-03 19:36 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\12laox3wbbz
2019-03-03 19:35 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\5iocodtjs2j
2019-03-03 19:35 - 2019-03-03 19:38 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\rmv0bmb1iic
2019-03-03 19:35 - 2019-03-03 19:35 - 000619880 _____ (VxDriver) C:\WINDOWS\3D07A1081ABA.sys
2019-03-03 19:35 - 2019-03-03 19:35 - 000037552 _____ (Basil) C:\WINDOWS\system32\Drivers\WinDivert64.sys
2019-03-03 19:34 - 2019-03-03 19:44 - 000000000 ____D C:\Program Files (x86)\qesdfv
2019-03-03 19:34 - 2019-03-03 19:34 - 000722944 _____ C:\Users\David Mateo Diaz\AppData\Local\sha.db
2019-03-03 19:34 - 2019-03-03 19:34 - 000140800 _____ C:\Users\David Mateo Diaz\AppData\Local\installer.dat
2019-03-03 19:34 - 2019-03-03 19:34 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Mozilla
2019-03-03 19:32 - 2019-03-03 19:32 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\AdvinstAnalytics
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{A4C9EB1F-976D-2DBE-158A-3DA1156D64F0}
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{84789F88-E3FA-0D0F-82FE-8C818219D5D0}
2019-03-03 19:25 - 2019-03-03 19:25 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\pico
2019-03-03 19:24 - 2019-03-03 19:24 - 001276004 _____ C:\Users\David Mateo Diaz\Downloads\pico.rar
2019-03-03 19:18 - 2019-03-03 19:18 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-03-03 19:18 - 2019-03-03 19:18 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-03-03 19:18 - 2019-03-03 19:18 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\AVAST Software
2019-03-03 19:18 - 2019-03-03 19:18 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\AVAST Software
2019-03-03 19:16 - 2019-03-03 20:29 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-03 19:16 - 2019-03-03 19:16 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-03-03 19:16 - 2019-03-03 19:16 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-03-03 19:16 - 2019-03-03 19:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-03-03 19:16 - 2019-03-03 19:16 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-03-03 19:16 - 2019-03-03 19:15 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-03-03 19:16 - 2019-03-03 19:15 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-03-03 19:14 - 2019-03-03 19:14 - 000000000 ____D C:\Program Files\AVAST Software
2019-03-03 19:13 - 2019-03-03 19:16 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-03 19:09 - 2019-03-04 06:35 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2019-03-03 19:08 - 2019-03-03 19:54 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]
2019-03-03 19:07 - 2019-03-03 19:07 - 003393677 _____ C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG].zip
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files\MSBuild
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-03-03 18:56 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-03-03 18:56 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-03-03 18:56 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-03-03 18:56 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-03-03 18:56 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-03-03 18:56 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-03-03 18:48 - 2019-03-03 18:48 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Skype
2019-03-03 18:47 - 2019-03-03 18:47 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-03-03 18:41 - 2019-03-03 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-03 18:41 - 2019-03-03 18:41 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-03-03 07:52 - 2019-03-03 07:52 - 000096395 _____ C:\WINDOWS\uninstaller.dat
2019-03-02 11:38 - 2019-03-02 11:40 - 012368792 _____ C:\Users\David Mateo Diaz\Downloads\23149.rar
2019-02-27 17:46 - 2019-02-27 17:46 - 033006436 _____ C:\Users\David Mateo Diaz\Downloads\Galaxy_S7_mockup_dxbolyhos.zip
2019-02-25 22:46 - 2019-02-25 22:46 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\CrashDumps
2019-02-25 22:45 - 2019-02-25 22:45 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\Google
2019-02-25 22:44 - 2019-03-03 20:46 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 22:44 - 2019-03-03 20:46 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-25 22:44 - 2019-02-25 22:50 - 000003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-25 22:44 - 2019-02-25 22:50 - 000003432 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-25 22:43 - 2019-02-25 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-25 22:43 - 2019-02-25 22:43 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-25 22:42 - 2019-02-25 22:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-25 22:42 - 2019-02-25 22:42 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-02-25 21:11 - 2019-02-25 21:18 - 000701487 _____ C:\Users\David Mateo Diaz\Downloads\mate pastor (1).ai
2019-02-25 20:15 - 2019-02-25 20:15 - 000943598 _____ C:\Users\David Mateo Diaz\Downloads\mate pastor.ai
2019-02-25 16:19 - 2019-02-25 16:19 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\SoulseekQt
2019-02-25 15:31 - 2019-02-25 15:31 - 001130392 _____ C:\Users\David Mateo Diaz\Downloads\Roboto.zip
2019-02-25 15:26 - 2019-02-25 15:26 - 000000000 ____D C:\Users\David Mateo Diaz\Documents\Soulseek Downloads
2019-02-25 15:17 - 2019-02-25 15:17 - 000000780 _____ C:\Users\Public\Desktop\SoulseekQt.lnk
2019-02-25 15:17 - 2019-02-25 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2019-02-25 15:13 - 2019-02-25 15:13 - 000059931 _____ C:\Users\David Mateo Diaz\Downloads\Avenir-Font.zip
2019-02-24 22:26 - 2019-02-24 22:26 - 002416728 _____ C:\Users\David Mateo Diaz\Desktop\alternativa loco.pdf
2019-02-23 11:59 - 2019-02-23 12:00 - 000024761 _____ C:\Users\David Mateo Diaz\Downloads\Scott Robertson - How to Render The Fundamentals of Light, Shadow and Reflectivity (Scan).torrent
2019-02-21 15:03 - 2019-02-21 15:03 - 000580016 _____ C:\Users\David Mateo Diaz\Downloads\Playfair_Display.zip
2019-02-21 14:36 - 2019-02-21 14:36 - 013382886 _____ C:\Users\David Mateo Diaz\Downloads\Calabozo final.psd
2019-02-21 14:27 - 2019-01-31 23:32 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Source_Word_Professional_Reusme_Design
2019-02-21 13:43 - 2019-02-21 14:26 - 131677567 _____ C:\Users\David Mateo Diaz\Downloads\Source_Word_Professional_Reusme_Design.zip
2019-02-21 13:43 - 2018-11-06 01:52 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Source_Business_Job_CV_Resume_Word_2793712
2019-02-21 13:39 - 2019-02-21 13:41 - 127369055 _____ C:\Users\David Mateo Diaz\Downloads\Source_Business_Job_CV_Resume_Word_2793712.zip
2019-02-21 07:29 - 2019-02-21 07:29 - 001056919 _____ C:\Users\David Mateo Diaz\Downloads\Bomba Antibunker.EPS
2019-02-20 20:23 - 2019-02-20 20:23 - 000013219 _____ C:\Users\David Mateo Diaz\Downloads\LOLEE CATEGORIAS DE ANALISIS.xlsx
2019-02-19 15:44 - 2019-02-19 15:44 - 002413037 _____ C:\Users\David Mateo Diaz\Downloads\5 mates preentrega 2.pdf
2019-02-19 15:30 - 2019-02-19 16:12 - 000722584 _____ C:\Users\David Mateo Diaz\Downloads\mate del tonto.ai
2019-02-19 10:07 - 2019-02-25 20:24 - 003318868 _____ C:\Users\David Mateo Diaz\Downloads\mate legal (1).ai
2019-02-19 09:49 - 2019-02-19 09:49 - 000085665 _____ C:\Users\David Mateo Diaz\Downloads\[Pornbay.org]Desiree Cousteau Mini Pack, containing(Deep Rub, Hot Lunch, Hot And Saucy Pizza Girls, Inside Desiree Cousteau, The Golden Age of Porn - Desiree Cousteau ).torrent
2019-02-18 20:00 - 2019-02-18 20:00 - 000387864 _____ C:\Users\David Mateo Diaz\Downloads\tinified (1).zip
2019-02-18 06:24 - 2019-02-25 20:24 - 001416621 _____ C:\Users\David Mateo Diaz\Downloads\mate legal.ai
2019-02-17 16:34 - 2019-02-17 16:34 - 000000846 _____ C:\Users\David Mateo Diaz\Desktop\Adobe InDesign CC 2019.lnk
2019-02-17 16:24 - 2019-02-18 06:24 - 003483782 _____ C:\Users\David Mateo Diaz\Downloads\mate del tonto y bristol.ai
2019-02-15 18:06 - 2019-02-15 18:06 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\yen.041016.117-Gumroad_Slim_Female_Basemesh
2019-02-15 11:32 - 2019-02-15 11:32 - 000057988 _____ C:\Users\David Mateo Diaz\Downloads\Caso IKEA.pdf
2019-02-15 10:49 - 2019-02-15 10:50 - 000512342 _____ C:\Users\David Mateo Diaz\Downloads\caso 1_los precios atractivos de ikea.pdf
2019-02-14 20:57 - 2019-02-14 21:17 - 123255312 _____ C:\Users\David Mateo Diaz\Downloads\yen.041016.117-Gumroad_Slim_Female_Basemesh (1).rar
2019-02-14 20:52 - 2019-02-14 20:52 - 000015099 _____ C:\Users\David Mateo Diaz\Downloads\Gumroad Slim Female Basemesh (1).torrent
2019-02-14 20:41 - 2019-02-14 20:41 - 000016753 _____ C:\Users\David Mateo Diaz\Downloads\VIDEOHIVE The Ultimate Story Pack AFTER EFFECTS.torrent
2019-02-14 20:19 - 2019-02-14 20:19 - 000015593 _____ C:\Users\David Mateo Diaz\Downloads\3D Scan Store - Male and Female Base Mesh Bundle.torrent
2019-02-14 20:19 - 2019-02-14 20:19 - 000015099 _____ C:\Users\David Mateo Diaz\Downloads\Gumroad Slim Female Basemesh.torrent
2019-02-14 19:32 - 2019-02-14 19:33 - 000000000 ____D C:\Users\Public\Documents\ZBrushData2018
2019-02-13 15:31 - 2019-02-13 15:31 - 004330141 _____ C:\Users\David Mateo Diaz\Downloads\montserrat.zip
2019-02-13 15:31 - 2019-02-13 15:31 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\montserrat
2019-02-13 15:29 - 2019-02-13 15:30 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Source_ADL_Letterhead_Design_Bundle
2019-02-13 15:28 - 2019-02-13 15:28 - 022907313 _____ C:\Users\David Mateo Diaz\Downloads\Source_ADL_Letterhead_Design_Bundle.zip
2019-02-12 20:32 - 2019-02-05 21:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-12 20:32 - 2019-01-11 21:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-12 20:32 - 2019-01-09 00:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-12 20:32 - 2019-01-09 00:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-12 20:32 - 2019-01-09 00:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:32 - 2019-01-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-12 20:32 - 2019-01-09 00:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:32 - 2019-01-09 00:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-12 20:32 - 2019-01-09 00:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-12 20:32 - 2019-01-07 22:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-12 20:31 - 2019-02-06 02:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-12 20:31 - 2019-02-06 02:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-12 20:31 - 2019-02-06 02:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-12 20:31 - 2019-02-06 02:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-12 20:31 - 2019-02-06 02:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-12 20:31 - 2019-02-06 02:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-12 20:31 - 2019-02-06 02:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-12 20:31 - 2019-02-06 02:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-12 20:31 - 2019-02-06 01:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-12 20:31 - 2019-02-06 01:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-12 20:31 - 2019-02-06 01:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-12 20:31 - 2019-02-06 01:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-12 20:31 - 2019-02-05 22:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-12 20:31 - 2019-02-05 22:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-12 20:31 - 2019-02-05 22:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-12 20:31 - 2019-02-05 22:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-12 20:31 - 2019-02-05 22:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-12 20:31 - 2019-02-05 22:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-12 20:31 - 2019-02-05 22:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-12 20:31 - 2019-02-05 22:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-12 20:31 - 2019-02-05 22:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-12 20:31 - 2019-02-05 21:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-12 20:31 - 2019-02-05 21:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-12 20:31 - 2019-02-05 21:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-12 20:31 - 2019-02-05 21:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-12 20:31 - 2019-02-05 21:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-12 20:31 - 2019-02-05 21:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-12 20:31 - 2019-02-05 21:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-12 20:31 - 2019-02-05 21:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-12 20:31 - 2019-02-05 21:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-12 20:31 - 2019-02-05 21:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-12 20:31 - 2019-02-05 21:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-12 20:31 - 2019-02-05 21:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-12 20:31 - 2019-02-05 21:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-12 20:31 - 2019-02-05 21:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-12 20:31 - 2019-02-05 21:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-12 20:31 - 2019-02-05 21:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-12 20:31 - 2019-02-05 21:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-12 20:31 - 2019-02-05 21:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-12 20:31 - 2019-02-05 21:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-12 20:31 - 2019-02-05 21:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-12 20:31 - 2019-02-05 21:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-12 20:31 - 2019-02-05 21:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-12 20:31 - 2019-02-05 21:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-12 20:31 - 2019-02-05 21:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-12 20:31 - 2019-02-05 21:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-12 20:31 - 2019-02-05 21:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-12 20:31 - 2019-02-05 21:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-12 20:31 - 2019-02-05 21:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-12 20:31 - 2019-02-05 21:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-12 20:31 - 2019-02-05 21:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-12 20:31 - 2019-02-05 21:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-12 20:31 - 2019-02-05 21:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-12 20:31 - 2019-02-05 21:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-12 20:31 - 2019-02-05 21:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-12 20:31 - 2019-02-05 21:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-12 20:31 - 2019-02-05 20:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-12 20:31 - 2019-01-12 03:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:31 - 2019-01-09 13:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-12 20:31 - 2019-01-09 12:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-12 20:31 - 2019-01-09 12:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-12 20:31 - 2019-01-09 12:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-12 20:31 - 2019-01-09 12:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-12 20:31 - 2019-01-09 12:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-12 20:31 - 2019-01-09 12:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-12 20:31 - 2019-01-09 12:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-12 20:31 - 2019-01-09 05:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-12 20:31 - 2019-01-09 04:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-12 20:31 - 2019-01-09 04:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-12 20:31 - 2019-01-09 03:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-12 20:31 - 2019-01-09 03:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-12 20:31 - 2019-01-09 00:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-12 20:31 - 2019-01-09 00:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-12 20:31 - 2019-01-09 00:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-12 20:31 - 2019-01-09 00:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-12 20:31 - 2019-01-09 00:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-12 20:31 - 2019-01-09 00:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-12 20:31 - 2019-01-09 00:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-12 20:31 - 2019-01-09 00:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-12 20:31 - 2019-01-09 00:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-12 20:31 - 2019-01-09 00:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-12 20:31 - 2019-01-09 00:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-12 20:31 - 2019-01-09 00:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-12 20:31 - 2019-01-09 00:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-12 20:31 - 2019-01-09 00:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-12 20:31 - 2019-01-09 00:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-12 20:31 - 2019-01-09 00:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-12 20:31 - 2019-01-09 00:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-12 20:31 - 2019-01-09 00:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-12 20:31 - 2019-01-09 00:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-12 20:31 - 2019-01-09 00:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-12 20:31 - 2019-01-09 00:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-12 20:31 - 2019-01-09 00:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-12 20:31 - 2019-01-09 00:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-12 20:31 - 2019-01-09 00:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-12 20:31 - 2019-01-09 00:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-12 20:31 - 2019-01-09 00:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:31 - 2019-01-09 00:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-12 20:31 - 2019-01-09 00:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-12 20:31 - 2019-01-09 00:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-12 20:31 - 2019-01-09 00:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-12 20:31 - 2019-01-08 23:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-12 20:31 - 2019-01-08 23:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-12 20:31 - 2019-01-08 04:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:31 - 2019-01-07 22:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-12 20:31 - 2019-01-07 22:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-12 13:29 - 2019-02-12 13:29 - 000000157 _____ C:\Users\David Mateo Diaz\Downloads\index.html
2019-02-12 13:24 - 2019-02-12 13:25 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2019-02-12 13:24 - 2019-02-12 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2019-02-12 13:24 - 2019-02-12 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-02-12 13:24 - 2019-02-12 13:23 - 000001294 _____ C:\Users\David Mateo Diaz\Desktop\filezilla - Acceso directo.lnk
2019-02-12 12:06 - 2019-02-12 12:06 - 000000863 _____ C:\Users\David Mateo Diaz\Downloads\Ftp [email protected] (1).xml
2019-02-12 12:06 - 2019-02-12 12:06 - 000000012 _____ C:\Users\David Mateo Diaz\Documents\contraseña free hosting.txt
2019-02-12 12:05 - 2019-02-12 12:05 - 000000863 _____ C:\Users\David Mateo Diaz\Downloads\Ftp [email protected]
2019-02-12 12:01 - 2019-02-12 13:45 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\FileZilla
2019-02-12 12:01 - 2019-02-12 13:25 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\FileZilla
2019-02-12 12:01 - 2019-02-12 12:01 - 007954904 _____ (Tim Kosse) C:\Users\David Mateo Diaz\Downloads\FileZilla_3.40.0_win64-setup.exe
2019-02-12 12:01 - 2019-02-12 12:01 - 000000845 _____ C:\Users\David Mateo Diaz\Downloads\Ftp dmateodiaz.xml
2019-02-10 19:23 - 2019-02-10 19:23 - 000485556 _____ C:\Users\David Mateo Diaz\Downloads\futura.zip
2019-02-10 17:08 - 2019-02-10 17:08 - 002211660 _____ C:\Users\David Mateo Diaz\Downloads\MagicaVoxel-0.99.3-alpha-win64.zip
2019-02-10 17:08 - 2019-02-10 17:08 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\MagicaVoxel-0.99.3-alpha-win64
2019-02-07 16:27 - 2019-02-07 16:27 - 000001584 _____ C:\Users\David Mateo Diaz\Documents\humans.dck
2019-02-07 16:25 - 2019-02-07 16:25 - 000000814 _____ C:\Users\David Mateo Diaz\Downloads\Modern_Humans_by_rapidluis08.mwDeck
2019-02-06 21:33 - 2019-02-06 21:53 - 123255312 _____ C:\Users\David Mateo Diaz\Downloads\yen.041016.117-Gumroad_Slim_Female_Basemesh.rar
2019-02-06 17:15 - 2019-02-06 17:15 - 000002263 _____ C:\Users\David Mateo Diaz\Documents\paradoxical storm.dck
2019-02-06 17:13 - 2019-02-06 17:13 - 000001358 _____ C:\Users\David Mateo Diaz\Downloads\Vintage_Paradoxical_Outcome_by_Bryan_Hockey.mwDeck
2019-02-05 22:24 - 2019-02-05 22:24 - 000036330 _____ C:\Users\David Mateo Diaz\Downloads\Domestika - Modelado de personajes en 3D con Zbrush (spanish) (--- - ---) (1).torrent
2019-02-05 22:23 - 2019-02-05 22:23 - 000019064 _____ C:\Users\David Mateo Diaz\Downloads\Domestika - Modelado realista con ZBrush.torrent
2019-02-05 21:47 - 2019-02-12 14:22 - 000000000 ____D C:\Users\David Mateo Diaz\.atom
2019-02-05 21:47 - 2019-02-05 21:54 - 000002300 _____ C:\Users\David Mateo Diaz\Desktop\Atom.lnk
2019-02-05 21:47 - 2019-02-05 21:54 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2019-02-05 21:47 - 2019-02-05 21:54 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Atom
2019-02-05 21:45 - 2019-02-05 21:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\atom
2019-02-05 21:45 - 2019-02-05 21:47 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\SquirrelTemp
2019-02-05 09:51 - 2019-02-05 09:51 - 000000846 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2019.lnk
2019-02-05 09:34 - 2019-02-05 09:34 - 005804519 _____ C:\Users\David Mateo Diaz\Downloads\fontawesome-free-5.7.1-desktop.zip
2019-02-05 09:29 - 2019-02-05 09:29 - 000035061 _____ C:\Users\David Mateo Diaz\Downloads\Adobe InDesign CC 2019 (v14.0.1) x86 Multilingual.torrent
2019-02-04 22:17 - 2019-02-04 22:17 - 000807996 _____ C:\Users\David Mateo Diaz\Downloads\hk-grotesk.zip
2019-02-04 21:16 - 2019-02-04 21:16 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Semana 02 a 03 imagenes
2019-02-04 21:15 - 2019-02-04 21:16 - 053255593 _____ C:\Users\David Mateo Diaz\Downloads\Semana 02 a 03 imagenes.zip
2019-02-04 17:33 - 2019-02-04 17:34 - 000935871 _____ C:\Users\David Mateo Diaz\Downloads\tinified.zip
2019-02-04 17:19 - 2019-02-04 17:19 - 000036330 _____ C:\Users\David Mateo Diaz\Downloads\Domestika - Modelado de personajes en 3D con Zbrush (spanish) (--- - ---).torrent
2019-02-04 17:18 - 2012-10-15 11:59 - 000422268 _____ C:\Users\David Mateo Diaz\Downloads\Cheveuxdange.ttf
2019-02-04 17:17 - 2019-02-04 17:18 - 000257690 _____ C:\Users\David Mateo Diaz\Downloads\cheveuxdange.zip
2019-02-04 17:10 - 2019-02-04 17:10 - 009616713 _____ C:\Users\David Mateo Diaz\Downloads\Ficha Duolejo.psd
2019-02-04 17:06 - 2019-02-14 19:32 - 000001455 _____ C:\Users\David Mateo Diaz\Desktop\ZBrush - Acceso directo.lnk
2019-02-04 16:57 - 2019-02-04 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2019-02-04 16:56 - 2019-02-04 16:56 - 000000000 ____D C:\Users\Public\Pixologic
2019-02-04 16:53 - 2019-02-04 16:53 - 000118211 _____ C:\Users\David Mateo Diaz\Downloads\Gumroad Sculpting a Stylized and Appealing Female Face in ZBrush (--- - ---).torrent
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-04 07:47 - 2018-12-27 14:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-04 07:04 - 2018-12-27 21:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\D3DSCache
2019-03-04 06:43 - 2018-12-27 15:12 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-04 06:43 - 2018-12-27 14:43 - 000787744 _____ C:\WINDOWS\system32\perfh00A.dat
2019-03-04 06:43 - 2018-12-27 14:43 - 000155340 _____ C:\WINDOWS\system32\perfc00A.dat
2019-03-04 06:43 - 2018-12-27 14:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-04 06:36 - 2018-12-27 15:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-04 06:35 - 2018-12-27 15:02 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2019-03-04 06:35 - 2018-12-27 14:29 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-04 05:33 - 2018-12-27 15:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-03 20:29 - 2018-12-27 14:37 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-03 20:22 - 2018-12-27 14:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-03 20:16 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-03 20:15 - 2018-12-27 15:01 - 000716560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-03 19:49 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-03 19:38 - 2019-01-01 13:11 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\qBittorrent
2019-03-03 19:32 - 2019-01-01 12:25 - 000000000 ____D C:\Program Files\VideoLAN
2019-03-03 18:58 - 2018-12-27 14:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-03 18:57 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-03-03 18:57 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-03-03 18:41 - 2018-12-27 14:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-02 18:34 - 2019-01-01 12:32 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\vlc
2019-03-02 15:30 - 2018-12-29 10:37 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\MusicBee
2019-03-02 11:30 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-01 10:25 - 2018-12-27 21:59 - 000004302 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1545965948
2019-03-01 10:25 - 2018-12-27 21:59 - 000001516 _____ C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-02-28 23:04 - 2018-12-27 21:49 - 000000000 ____D C:\Users\David Mateo Diaz
2019-02-28 21:31 - 2018-12-28 11:43 - 000000000 ____D C:\Program Files\rempl
2019-02-26 09:27 - 2019-01-02 20:22 - 000000000 ____D C:\ProgramData\Adobe
2019-02-25 22:45 - 2019-01-02 23:15 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\LocalLow\Adobe
2019-02-25 22:45 - 2019-01-02 20:22 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\Adobe
2019-02-25 22:45 - 2018-12-27 21:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Adobe
2019-02-25 22:41 - 2019-01-02 20:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-02-23 10:44 - 2018-12-27 15:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-22 07:37 - 2019-01-06 00:50 - 000001456 _____ C:\Users\David Mateo Diaz\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-02-21 15:30 - 2019-01-27 15:58 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-18 17:01 - 2019-01-11 20:30 - 000001619 _____ C:\Users\David Mateo Diaz\Documents\kci.dck
2019-02-14 20:07 - 2019-01-02 23:07 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-12 23:01 - 2018-12-27 14:37 - 000000000 ____D C:\Program Files\Windows Defender
2019-02-12 20:30 - 2018-12-28 11:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-12 20:29 - 2018-12-28 11:53 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-07 16:08 - 2018-12-27 22:12 - 000000000 ____D C:\ProgramData\Packages
2019-02-06 20:55 - 2018-12-27 22:00 - 000003400 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4175682127-3877867951-1631616607-1001
2019-02-06 20:55 - 2018-12-27 21:52 - 000000000 ___RD C:\Users\David Mateo Diaz\OneDrive
2019-02-06 20:55 - 2018-12-27 21:49 - 000002434 _____ C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-05 09:51 - 2019-01-02 20:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-02-02 17:53 - 2018-12-27 14:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 17:53 - 2018-12-27 14:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2019-01-06 00:50 - 2019-02-22 07:37 - 000001456 _____ () C:\Users\David Mateo Diaz\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-03-03 19:34 - 2019-03-03 19:34 - 000140800 _____ () C:\Users\David Mateo Diaz\AppData\Local\installer.dat
2019-01-04 19:10 - 2019-01-04 19:10 - 000000000 _____ () C:\Users\David Mateo Diaz\AppData\Local\oobelibMkey.log
2019-03-03 19:34 - 2019-03-03 19:34 - 000722944 _____ () C:\Users\David Mateo Diaz\AppData\Local\sha.db
Some files in TEMP:
====================
2019-03-03 19:00 - 2019-03-03 19:04 - 000000232 _____ () C:\Users\David Mateo Diaz\AppData\Local\Temp\KMSTools1.exe
2019-03-03 19:00 - 2019-03-03 19:04 - 000000232 _____ () C:\Users\David Mateo Diaz\AppData\Local\Temp\update.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signedHola
Porqué tenemos el reporte FRST ejecutado desde la carpeta de Descarga y el de Addition desdeTemp\scoped_dir2972_6030 y en diferentes horas?
Mueve FRST al escritorio que desde donde deberías ejecutarlo, vuelve a analizar y traes los dos nuevos reportes.
Un saludo
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by David Mateo Diaz (administrator) on DESKTOP-U32J61O (05-03-2019 11:06:52)
Running from C:\Users\David Mateo Diaz\Desktop
Loaded Profiles: David Mateo Diaz (Available Profiles: David Mateo Diaz)
Platform: Windows 10 Pro Version 1803 17134.590 (X64) Language: Español (España, internacional)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David Mateo Diaz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9001904 2019-02-11] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.119\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.248.0.1 200.31.208.101
Tcpip\..\Interfaces\{86b50ad3-3591-4ea1-b384-39d5692359aa}: [DhcpNameServer] 190.248.0.1 200.31.208.101
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4175682127-3877867951-1631616607-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\David Mateo Diaz\AppData\Local\Google\Chrome\User Data\Default [2019-03-05]
CHR Extension: (Docs) - C:\Users\David Mateo Diaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Instalar Extensiones de Chrome) - C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-12-30]
OPR Extension: (4chan X) - C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2019-01-28]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe [481656 2018-05-22] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293344 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 3D07A1081ABA; C:\WINDOWS\3D07A1081ABA.sys [619880 2019-03-03] (韵羽健康管理咨询(上海)有限公司 -> VxDriver)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34704 2016-08-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [54160 2016-09-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmdag.sys [44682104 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmpag.sys [552824 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [86936 2017-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [91672 2016-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [92400 2016-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [32496 2016-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [101880 2016-09-01] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111080 2018-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [98160 2014-09-09] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2014-09-09] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-05] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-03-05] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-03-05] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-05] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-03-05] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [964136 2016-12-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [724448 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8009040 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 silabenm; C:\WINDOWS\System32\drivers\silabenm.sys [23552 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\drivers\silabser.sys [79360 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 VpdHid_1; C:\WINDOWS\System32\drivers\VpdHid_1.sys [20216 2014-11-26] (CLOUD H.Q. INVESTMENT HOLDINGS CO., LTD. -> 0)
S3 VpdHid_MouFiltr; C:\WINDOWS\System32\drivers\VpdHid_MouFiltr.sys [7168 2014-11-26] (CLOUD H.Q. INVESTMENT HOLDINGS CO., LTD. -> 0)
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [115680 2017-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [17888 2017-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
R2 WinDivert1.2; C:\WINDOWS\system32\drivers\WinDivert64.sys [37552 2019-03-03] (Nemea Mjukvaruutveckling AB -> Basil)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-05 11:06 - 2019-03-05 11:08 - 000022012 _____ C:\Users\David Mateo Diaz\Desktop\FRST.txt
2019-03-05 11:06 - 2019-03-05 11:06 - 001388432 _____ C:\Users\Public\VOIP.dat
2019-03-05 11:05 - 2019-03-05 11:05 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-05 11:05 - 2019-03-05 11:05 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-03-05 11:05 - 2019-03-05 11:05 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-03-05 11:05 - 2019-03-05 11:05 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-03-05 10:01 - 2019-03-05 10:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-03-04 08:01 - 2019-03-04 08:04 - 000042469 _____ C:\Users\David Mateo Diaz\Downloads\Addition.txt
2019-03-04 07:59 - 2019-03-04 08:04 - 000071800 _____ C:\Users\David Mateo Diaz\Downloads\FRST.txt
2019-03-04 07:32 - 2019-03-05 11:06 - 000000000 ____D C:\FRST
2019-03-04 07:31 - 2019-03-04 07:31 - 002434560 _____ (Farbar) C:\Users\David Mateo Diaz\Desktop\FRST64.exe
2019-03-03 21:38 - 2019-03-05 07:28 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-03 21:38 - 2019-03-03 21:38 - 000002910 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-03 21:38 - 2019-03-03 21:38 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-03 21:38 - 2019-03-03 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-03 21:38 - 2019-03-03 21:38 - 000000000 ____D C:\Program Files\CCleaner
2019-03-03 21:34 - 2019-03-03 21:35 - 000000000 ____D C:\AdwCleaner
2019-03-03 21:31 - 2019-03-03 21:32 - 019384632 _____ (Piriform Software Ltd) C:\Users\David Mateo Diaz\Downloads\ccsetup553.exe
2019-03-03 21:21 - 2019-03-03 21:21 - 007316688 _____ (Malwarebytes) C:\Users\David Mateo Diaz\Downloads\adwcleaner_7.2.7.0.exe
2019-03-03 20:53 - 2019-03-03 20:53 - 000000000 ____D C:\SUPERDelete
2019-03-03 20:52 - 2019-03-03 21:36 - 000000564 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489.job
2019-03-03 20:52 - 2019-03-03 21:36 - 000000564 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679.job
2019-03-03 20:52 - 2019-03-03 20:52 - 000003826 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679
2019-03-03 20:52 - 2019-03-03 20:52 - 000003744 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489
2019-03-03 20:52 - 2019-03-03 20:52 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\SUPERAntiSpyware.com
2019-03-03 20:51 - 2019-03-03 20:52 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-03-03 20:51 - 2019-03-03 20:51 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2019-03-03 20:51 - 2019-03-03 20:51 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-03-03 20:51 - 2019-03-03 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-03-03 20:50 - 2019-03-03 20:51 - 038849448 _____ (SUPERAntiSpyware) C:\Users\David Mateo Diaz\Downloads\SUPERAntiSpywarePro.exe
2019-03-03 20:23 - 2019-03-03 20:23 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\mbam
2019-03-03 20:22 - 2019-03-05 10:23 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-03 20:22 - 2019-03-03 20:22 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\mbamtray
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-03 20:22 - 2019-03-03 20:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-03 20:22 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-03 20:22 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-03 20:20 - 2019-03-03 20:21 - 064309056 _____ (Malwarebytes ) C:\Users\David Mateo Diaz\Downloads\mb3-setup-35891.35891-3.7.1.2839-1.0.538-1.0.9074.exe
2019-03-03 19:37 - 2019-03-03 19:37 - 000000000 ___HD C:\$AV_ASW
2019-03-03 19:36 - 2019-03-03 19:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\zzdupwh3d4m
2019-03-03 19:36 - 2019-03-03 19:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\seo42kbova3
2019-03-03 19:36 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\12laox3wbbz
2019-03-03 19:35 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\5iocodtjs2j
2019-03-03 19:35 - 2019-03-03 19:38 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\rmv0bmb1iic
2019-03-03 19:35 - 2019-03-03 19:35 - 000619880 _____ (VxDriver) C:\WINDOWS\3D07A1081ABA.sys
2019-03-03 19:35 - 2019-03-03 19:35 - 000037552 _____ (Basil) C:\WINDOWS\system32\Drivers\WinDivert64.sys
2019-03-03 19:34 - 2019-03-03 19:44 - 000000000 ____D C:\Program Files (x86)\qesdfv
2019-03-03 19:34 - 2019-03-03 19:34 - 000722944 _____ C:\Users\David Mateo Diaz\AppData\Local\sha.db
2019-03-03 19:34 - 2019-03-03 19:34 - 000140800 _____ C:\Users\David Mateo Diaz\AppData\Local\installer.dat
2019-03-03 19:34 - 2019-03-03 19:34 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Mozilla
2019-03-03 19:32 - 2019-03-03 19:32 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\AdvinstAnalytics
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{A4C9EB1F-976D-2DBE-158A-3DA1156D64F0}
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{84789F88-E3FA-0D0F-82FE-8C818219D5D0}
2019-03-03 19:25 - 2019-03-03 19:25 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\pico
2019-03-03 19:24 - 2019-03-03 19:24 - 001276004 _____ C:\Users\David Mateo Diaz\Downloads\pico.rar
2019-03-03 19:18 - 2019-03-03 19:18 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-03-03 19:18 - 2019-03-03 19:18 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-03-03 19:18 - 2019-03-03 19:18 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\AVAST Software
2019-03-03 19:18 - 2019-03-03 19:18 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\AVAST Software
2019-03-03 19:16 - 2019-03-05 07:28 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-03 19:16 - 2019-03-03 19:16 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-03-03 19:16 - 2019-03-03 19:16 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-03-03 19:16 - 2019-03-03 19:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-03-03 19:16 - 2019-03-03 19:16 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-03-03 19:16 - 2019-03-03 19:15 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-03-03 19:16 - 2019-03-03 19:15 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-03-03 19:16 - 2019-03-03 19:15 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-03-03 19:14 - 2019-03-03 19:14 - 000000000 ____D C:\Program Files\AVAST Software
2019-03-03 19:13 - 2019-03-03 19:16 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-03 19:09 - 2019-03-04 06:35 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2019-03-03 19:08 - 2019-03-03 19:54 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]
2019-03-03 19:07 - 2019-03-03 19:07 - 003393677 _____ C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG].zip
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files\MSBuild
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-03-03 18:57 - 2019-03-03 18:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-03-03 18:56 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-03-03 18:56 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-03-03 18:56 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-03-03 18:56 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-03-03 18:56 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-03-03 18:56 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-03-03 18:48 - 2019-03-03 18:48 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Skype
2019-03-03 18:47 - 2019-03-03 18:47 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-03 18:47 - 2019-03-03 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-03-03 18:41 - 2019-03-03 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-03 18:41 - 2019-03-03 18:41 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-03-03 07:52 - 2019-03-03 07:52 - 000096395 _____ C:\WINDOWS\uninstaller.dat
2019-03-02 11:38 - 2019-03-02 11:40 - 012368792 _____ C:\Users\David Mateo Diaz\Downloads\23149.rar
2019-02-27 17:46 - 2019-02-27 17:46 - 033006436 _____ C:\Users\David Mateo Diaz\Downloads\Galaxy_S7_mockup_dxbolyhos.zip
2019-02-25 22:46 - 2019-03-05 11:04 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\CrashDumps
2019-02-25 22:45 - 2019-02-25 22:45 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\Google
2019-02-25 22:44 - 2019-03-05 07:55 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 22:44 - 2019-03-05 07:55 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-25 22:44 - 2019-02-25 22:50 - 000003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-25 22:44 - 2019-02-25 22:50 - 000003432 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-25 22:43 - 2019-02-25 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-25 22:43 - 2019-02-25 22:43 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-25 22:42 - 2019-02-25 22:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-25 22:42 - 2019-02-25 22:42 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-02-25 21:11 - 2019-02-25 21:18 - 000701487 _____ C:\Users\David Mateo Diaz\Downloads\mate pastor (1).ai
2019-02-25 20:15 - 2019-02-25 20:15 - 000943598 _____ C:\Users\David Mateo Diaz\Downloads\mate pastor.ai
2019-02-25 16:19 - 2019-02-25 16:19 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\SoulseekQt
2019-02-25 15:31 - 2019-02-25 15:31 - 001130392 _____ C:\Users\David Mateo Diaz\Downloads\Roboto.zip
2019-02-25 15:26 - 2019-02-25 15:26 - 000000000 ____D C:\Users\David Mateo Diaz\Documents\Soulseek Downloads
2019-02-25 15:17 - 2019-02-25 15:17 - 000000780 _____ C:\Users\Public\Desktop\SoulseekQt.lnk
2019-02-25 15:17 - 2019-02-25 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2019-02-25 15:13 - 2019-02-25 15:13 - 000059931 _____ C:\Users\David Mateo Diaz\Downloads\Avenir-Font.zip
2019-02-24 22:26 - 2019-02-24 22:26 - 002416728 _____ C:\Users\David Mateo Diaz\Desktop\alternativa loco.pdf
2019-02-23 11:59 - 2019-02-23 12:00 - 000024761 _____ C:\Users\David Mateo Diaz\Downloads\Scott Robertson - How to Render The Fundamentals of Light, Shadow and Reflectivity (Scan).torrent
2019-02-21 15:03 - 2019-02-21 15:03 - 000580016 _____ C:\Users\David Mateo Diaz\Downloads\Playfair_Display.zip
2019-02-21 14:36 - 2019-02-21 14:36 - 013382886 _____ C:\Users\David Mateo Diaz\Downloads\Calabozo final.psd
2019-02-21 14:27 - 2019-01-31 23:32 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Source_Word_Professional_Reusme_Design
2019-02-21 13:43 - 2019-02-21 14:26 - 131677567 _____ C:\Users\David Mateo Diaz\Downloads\Source_Word_Professional_Reusme_Design.zip
2019-02-21 13:43 - 2018-11-06 01:52 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Source_Business_Job_CV_Resume_Word_2793712
2019-02-21 13:39 - 2019-02-21 13:41 - 127369055 _____ C:\Users\David Mateo Diaz\Downloads\Source_Business_Job_CV_Resume_Word_2793712.zip
2019-02-21 07:29 - 2019-02-21 07:29 - 001056919 _____ C:\Users\David Mateo Diaz\Downloads\Bomba Antibunker.EPS
2019-02-20 20:23 - 2019-02-20 20:23 - 000013219 _____ C:\Users\David Mateo Diaz\Downloads\LOLEE CATEGORIAS DE ANALISIS.xlsx
2019-02-19 15:44 - 2019-02-19 15:44 - 002413037 _____ C:\Users\David Mateo Diaz\Downloads\5 mates preentrega 2.pdf
2019-02-19 15:30 - 2019-02-19 16:12 - 000722584 _____ C:\Users\David Mateo Diaz\Downloads\mate del tonto.ai
2019-02-19 10:07 - 2019-02-25 20:24 - 003318868 _____ C:\Users\David Mateo Diaz\Downloads\mate legal (1).ai
2019-02-19 09:49 - 2019-02-19 09:49 - 000085665 _____ C:\Users\David Mateo Diaz\Downloads\[Pornbay.org]Desiree Cousteau Mini Pack, containing(Deep Rub, Hot Lunch, Hot And Saucy Pizza Girls, Inside Desiree Cousteau, The Golden Age of Porn - Desiree Cousteau ).torrent
2019-02-18 20:00 - 2019-02-18 20:00 - 000387864 _____ C:\Users\David Mateo Diaz\Downloads\tinified (1).zip
2019-02-18 06:24 - 2019-02-25 20:24 - 001416621 _____ C:\Users\David Mateo Diaz\Downloads\mate legal.ai
2019-02-17 16:34 - 2019-02-17 16:34 - 000000846 _____ C:\Users\David Mateo Diaz\Desktop\Adobe InDesign CC 2019.lnk
2019-02-17 16:24 - 2019-02-18 06:24 - 003483782 _____ C:\Users\David Mateo Diaz\Downloads\mate del tonto y bristol.ai
2019-02-15 18:06 - 2019-02-15 18:06 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\yen.041016.117-Gumroad_Slim_Female_Basemesh
2019-02-15 11:32 - 2019-02-15 11:32 - 000057988 _____ C:\Users\David Mateo Diaz\Downloads\Caso IKEA.pdf
2019-02-15 10:49 - 2019-02-15 10:50 - 000512342 _____ C:\Users\David Mateo Diaz\Downloads\caso 1_los precios atractivos de ikea.pdf
2019-02-14 20:57 - 2019-02-14 21:17 - 123255312 _____ C:\Users\David Mateo Diaz\Downloads\yen.041016.117-Gumroad_Slim_Female_Basemesh (1).rar
2019-02-14 20:52 - 2019-02-14 20:52 - 000015099 _____ C:\Users\David Mateo Diaz\Downloads\Gumroad Slim Female Basemesh (1).torrent
2019-02-14 20:41 - 2019-02-14 20:41 - 000016753 _____ C:\Users\David Mateo Diaz\Downloads\VIDEOHIVE The Ultimate Story Pack AFTER EFFECTS.torrent
2019-02-14 20:19 - 2019-02-14 20:19 - 000015593 _____ C:\Users\David Mateo Diaz\Downloads\3D Scan Store - Male and Female Base Mesh Bundle.torrent
2019-02-14 20:19 - 2019-02-14 20:19 - 000015099 _____ C:\Users\David Mateo Diaz\Downloads\Gumroad Slim Female Basemesh.torrent
2019-02-14 19:32 - 2019-02-14 19:33 - 000000000 ____D C:\Users\Public\Documents\ZBrushData2018
2019-02-13 15:31 - 2019-02-13 15:31 - 004330141 _____ C:\Users\David Mateo Diaz\Downloads\montserrat.zip
2019-02-13 15:31 - 2019-02-13 15:31 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\montserrat
2019-02-13 15:29 - 2019-02-13 15:30 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Source_ADL_Letterhead_Design_Bundle
2019-02-13 15:28 - 2019-02-13 15:28 - 022907313 _____ C:\Users\David Mateo Diaz\Downloads\Source_ADL_Letterhead_Design_Bundle.zip
2019-02-12 20:32 - 2019-02-05 21:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-12 20:32 - 2019-01-11 21:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-12 20:32 - 2019-01-09 00:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-12 20:32 - 2019-01-09 00:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-12 20:32 - 2019-01-09 00:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:32 - 2019-01-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-12 20:32 - 2019-01-09 00:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:32 - 2019-01-09 00:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-12 20:32 - 2019-01-09 00:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-12 20:32 - 2019-01-07 22:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-12 20:31 - 2019-02-06 02:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-12 20:31 - 2019-02-06 02:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-12 20:31 - 2019-02-06 02:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-12 20:31 - 2019-02-06 02:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-12 20:31 - 2019-02-06 02:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-12 20:31 - 2019-02-06 02:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-12 20:31 - 2019-02-06 02:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-12 20:31 - 2019-02-06 02:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-12 20:31 - 2019-02-06 01:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-12 20:31 - 2019-02-06 01:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-12 20:31 - 2019-02-06 01:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-12 20:31 - 2019-02-06 01:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-12 20:31 - 2019-02-05 22:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-12 20:31 - 2019-02-05 22:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-12 20:31 - 2019-02-05 22:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-12 20:31 - 2019-02-05 22:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-12 20:31 - 2019-02-05 22:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-12 20:31 - 2019-02-05 22:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-12 20:31 - 2019-02-05 22:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-12 20:31 - 2019-02-05 22:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-12 20:31 - 2019-02-05 22:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-12 20:31 - 2019-02-05 22:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-12 20:31 - 2019-02-05 22:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-12 20:31 - 2019-02-05 22:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-12 20:31 - 2019-02-05 21:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-12 20:31 - 2019-02-05 21:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-12 20:31 - 2019-02-05 21:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-12 20:31 - 2019-02-05 21:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-12 20:31 - 2019-02-05 21:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-12 20:31 - 2019-02-05 21:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-12 20:31 - 2019-02-05 21:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-12 20:31 - 2019-02-05 21:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-12 20:31 - 2019-02-05 21:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-12 20:31 - 2019-02-05 21:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-12 20:31 - 2019-02-05 21:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-12 20:31 - 2019-02-05 21:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-12 20:31 - 2019-02-05 21:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-12 20:31 - 2019-02-05 21:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-12 20:31 - 2019-02-05 21:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-12 20:31 - 2019-02-05 21:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-12 20:31 - 2019-02-05 21:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-12 20:31 - 2019-02-05 21:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-12 20:31 - 2019-02-05 21:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-12 20:31 - 2019-02-05 21:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-12 20:31 - 2019-02-05 21:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-12 20:31 - 2019-02-05 21:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-12 20:31 - 2019-02-05 21:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-12 20:31 - 2019-02-05 21:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-12 20:31 - 2019-02-05 21:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-12 20:31 - 2019-02-05 21:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-12 20:31 - 2019-02-05 21:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-12 20:31 - 2019-02-05 21:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-12 20:31 - 2019-02-05 21:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-12 20:31 - 2019-02-05 21:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-12 20:31 - 2019-02-05 21:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-12 20:31 - 2019-02-05 21:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-12 20:31 - 2019-02-05 21:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-12 20:31 - 2019-02-05 21:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-12 20:31 - 2019-02-05 21:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-12 20:31 - 2019-02-05 20:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-12 20:31 - 2019-01-12 03:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:31 - 2019-01-09 13:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-12 20:31 - 2019-01-09 12:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-12 20:31 - 2019-01-09 12:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-12 20:31 - 2019-01-09 12:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-12 20:31 - 2019-01-09 12:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-12 20:31 - 2019-01-09 12:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-12 20:31 - 2019-01-09 12:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-12 20:31 - 2019-01-09 12:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-12 20:31 - 2019-01-09 05:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-12 20:31 - 2019-01-09 04:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-12 20:31 - 2019-01-09 04:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-12 20:31 - 2019-01-09 03:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-12 20:31 - 2019-01-09 03:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-12 20:31 - 2019-01-09 00:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-12 20:31 - 2019-01-09 00:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-12 20:31 - 2019-01-09 00:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-12 20:31 - 2019-01-09 00:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-12 20:31 - 2019-01-09 00:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-12 20:31 - 2019-01-09 00:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-12 20:31 - 2019-01-09 00:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-12 20:31 - 2019-01-09 00:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-12 20:31 - 2019-01-09 00:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-12 20:31 - 2019-01-09 00:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-12 20:31 - 2019-01-09 00:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-12 20:31 - 2019-01-09 00:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-12 20:31 - 2019-01-09 00:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-12 20:31 - 2019-01-09 00:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-12 20:31 - 2019-01-09 00:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-12 20:31 - 2019-01-09 00:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-12 20:31 - 2019-01-09 00:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-12 20:31 - 2019-01-09 00:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-12 20:31 - 2019-01-09 00:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-12 20:31 - 2019-01-09 00:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-12 20:31 - 2019-01-09 00:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-12 20:31 - 2019-01-09 00:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-12 20:31 - 2019-01-09 00:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-12 20:31 - 2019-01-09 00:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-12 20:31 - 2019-01-09 00:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-12 20:31 - 2019-01-09 00:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:31 - 2019-01-09 00:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-12 20:31 - 2019-01-09 00:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-12 20:31 - 2019-01-09 00:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-12 20:31 - 2019-01-09 00:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:31 - 2019-01-09 00:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-12 20:31 - 2019-01-09 00:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-12 20:31 - 2019-01-09 00:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-12 20:31 - 2019-01-09 00:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-12 20:31 - 2019-01-08 23:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-12 20:31 - 2019-01-08 23:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-12 20:31 - 2019-01-08 04:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:31 - 2019-01-07 22:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-12 20:31 - 2019-01-07 22:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-12 13:29 - 2019-02-12 13:29 - 000000157 _____ C:\Users\David Mateo Diaz\Downloads\index.html
2019-02-12 13:24 - 2019-02-12 13:25 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2019-02-12 13:24 - 2019-02-12 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2019-02-12 13:24 - 2019-02-12 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-02-12 13:24 - 2019-02-12 13:23 - 000001294 _____ C:\Users\David Mateo Diaz\Desktop\filezilla - Acceso directo.lnk
2019-02-12 12:06 - 2019-02-12 12:06 - 000000863 _____ C:\Users\David Mateo Diaz\Downloads\Ftp [email protected] (1).xml
2019-02-12 12:06 - 2019-02-12 12:06 - 000000012 _____ C:\Users\David Mateo Diaz\Documents\contraseña free hosting.txt
2019-02-12 12:05 - 2019-02-12 12:05 - 000000863 _____ C:\Users\David Mateo Diaz\Downloads\Ftp [email protected]
2019-02-12 12:01 - 2019-03-05 11:04 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\FileZilla
2019-02-12 12:01 - 2019-02-12 13:25 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\FileZilla
2019-02-12 12:01 - 2019-02-12 12:01 - 007954904 _____ (Tim Kosse) C:\Users\David Mateo Diaz\Downloads\FileZilla_3.40.0_win64-setup.exe
2019-02-12 12:01 - 2019-02-12 12:01 - 000000845 _____ C:\Users\David Mateo Diaz\Downloads\Ftp dmateodiaz.xml
2019-02-10 19:23 - 2019-02-10 19:23 - 000485556 _____ C:\Users\David Mateo Diaz\Downloads\futura.zip
2019-02-10 17:08 - 2019-02-10 17:08 - 002211660 _____ C:\Users\David Mateo Diaz\Downloads\MagicaVoxel-0.99.3-alpha-win64.zip
2019-02-10 17:08 - 2019-02-10 17:08 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\MagicaVoxel-0.99.3-alpha-win64
2019-02-07 16:27 - 2019-02-07 16:27 - 000001584 _____ C:\Users\David Mateo Diaz\Documents\humans.dck
2019-02-07 16:25 - 2019-02-07 16:25 - 000000814 _____ C:\Users\David Mateo Diaz\Downloads\Modern_Humans_by_rapidluis08.mwDeck
2019-02-06 21:33 - 2019-02-06 21:53 - 123255312 _____ C:\Users\David Mateo Diaz\Downloads\yen.041016.117-Gumroad_Slim_Female_Basemesh.rar
2019-02-06 17:15 - 2019-02-06 17:15 - 000002263 _____ C:\Users\David Mateo Diaz\Documents\paradoxical storm.dck
2019-02-06 17:13 - 2019-02-06 17:13 - 000001358 _____ C:\Users\David Mateo Diaz\Downloads\Vintage_Paradoxical_Outcome_by_Bryan_Hockey.mwDeck
2019-02-05 22:24 - 2019-02-05 22:24 - 000036330 _____ C:\Users\David Mateo Diaz\Downloads\Domestika - Modelado de personajes en 3D con Zbrush (spanish) (--- - ---) (1).torrent
2019-02-05 22:23 - 2019-02-05 22:23 - 000019064 _____ C:\Users\David Mateo Diaz\Downloads\Domestika - Modelado realista con ZBrush.torrent
2019-02-05 21:47 - 2019-02-12 14:22 - 000000000 ____D C:\Users\David Mateo Diaz\.atom
2019-02-05 21:47 - 2019-02-05 21:54 - 000002300 _____ C:\Users\David Mateo Diaz\Desktop\Atom.lnk
2019-02-05 21:47 - 2019-02-05 21:54 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2019-02-05 21:47 - 2019-02-05 21:54 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Atom
2019-02-05 21:45 - 2019-02-05 21:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\atom
2019-02-05 21:45 - 2019-02-05 21:47 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\SquirrelTemp
2019-02-05 09:51 - 2019-02-05 09:51 - 000000846 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2019.lnk
2019-02-05 09:34 - 2019-02-05 09:34 - 005804519 _____ C:\Users\David Mateo Diaz\Downloads\fontawesome-free-5.7.1-desktop.zip
2019-02-05 09:29 - 2019-02-05 09:29 - 000035061 _____ C:\Users\David Mateo Diaz\Downloads\Adobe InDesign CC 2019 (v14.0.1) x86 Multilingual.torrent
2019-02-04 22:17 - 2019-02-04 22:17 - 000807996 _____ C:\Users\David Mateo Diaz\Downloads\hk-grotesk.zip
2019-02-04 21:16 - 2019-02-04 21:16 - 000000000 ____D C:\Users\David Mateo Diaz\Downloads\Semana 02 a 03 imagenes
2019-02-04 21:15 - 2019-02-04 21:16 - 053255593 _____ C:\Users\David Mateo Diaz\Downloads\Semana 02 a 03 imagenes.zip
2019-02-04 17:33 - 2019-02-04 17:34 - 000935871 _____ C:\Users\David Mateo Diaz\Downloads\tinified.zip
2019-02-04 17:19 - 2019-02-04 17:19 - 000036330 _____ C:\Users\David Mateo Diaz\Downloads\Domestika - Modelado de personajes en 3D con Zbrush (spanish) (--- - ---).torrent
2019-02-04 17:18 - 2012-10-15 11:59 - 000422268 _____ C:\Users\David Mateo Diaz\Downloads\Cheveuxdange.ttf
2019-02-04 17:17 - 2019-02-04 17:18 - 000257690 _____ C:\Users\David Mateo Diaz\Downloads\cheveuxdange.zip
2019-02-04 17:10 - 2019-02-04 17:10 - 009616713 _____ C:\Users\David Mateo Diaz\Downloads\Ficha Duolejo.psd
2019-02-04 17:06 - 2019-02-14 19:32 - 000001455 _____ C:\Users\David Mateo Diaz\Desktop\ZBrush - Acceso directo.lnk
2019-02-04 16:57 - 2019-02-04 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2019-02-04 16:56 - 2019-02-04 16:56 - 000000000 ____D C:\Users\Public\Pixologic
2019-02-04 16:53 - 2019-02-04 16:53 - 000118211 _____ C:\Users\David Mateo Diaz\Downloads\Gumroad Sculpting a Stylized and Appealing Female Face in ZBrush (--- - ---).torrent
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-05 11:05 - 2018-12-27 15:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-05 11:05 - 2018-12-27 14:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-05 11:04 - 2018-12-27 14:49 - 000000000 ____D C:\WINDOWS\Panther
2019-03-05 11:04 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-05 11:04 - 2018-12-27 14:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-05 11:04 - 2018-12-27 14:29 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-05 11:03 - 2019-02-01 08:27 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\ElevatedDiagnostics
2019-03-05 11:02 - 2018-12-27 15:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-05 10:29 - 2018-12-27 15:12 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-05 10:29 - 2018-12-27 14:43 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2019-03-05 10:29 - 2018-12-27 14:43 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2019-03-05 10:23 - 2018-12-27 15:02 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2019-03-05 10:22 - 2018-12-27 21:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\D3DSCache
2019-03-05 09:50 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-05 09:49 - 2018-12-29 10:37 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\MusicBee
2019-03-05 09:04 - 2018-12-27 14:37 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-03 20:22 - 2018-12-27 14:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-03 20:15 - 2018-12-27 15:01 - 000716560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-03 19:38 - 2019-01-01 13:11 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\qBittorrent
2019-03-03 19:32 - 2019-01-01 12:25 - 000000000 ____D C:\Program Files\VideoLAN
2019-03-03 18:58 - 2018-12-27 14:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-03 18:57 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-03-03 18:57 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-03-03 18:41 - 2018-12-27 14:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-02 18:34 - 2019-01-01 12:32 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\vlc
2019-03-02 11:30 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-01 10:25 - 2018-12-27 21:59 - 000004302 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1545965948
2019-03-01 10:25 - 2018-12-27 21:59 - 000001516 _____ C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-02-28 23:04 - 2018-12-27 21:49 - 000000000 ____D C:\Users\David Mateo Diaz
2019-02-28 21:31 - 2018-12-28 11:43 - 000000000 ____D C:\Program Files\rempl
2019-02-26 09:27 - 2019-01-02 20:22 - 000000000 ____D C:\ProgramData\Adobe
2019-02-25 22:45 - 2019-01-02 23:15 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\LocalLow\Adobe
2019-02-25 22:45 - 2019-01-02 20:22 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Local\Adobe
2019-02-25 22:45 - 2018-12-27 21:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\Adobe
2019-02-25 22:41 - 2019-01-02 20:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-02-23 10:44 - 2018-12-27 15:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-22 07:37 - 2019-01-06 00:50 - 000001456 _____ C:\Users\David Mateo Diaz\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-02-21 15:30 - 2019-01-27 15:58 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-18 17:01 - 2019-01-11 20:30 - 000001619 _____ C:\Users\David Mateo Diaz\Documents\kci.dck
2019-02-14 20:07 - 2019-01-02 23:07 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-12 23:01 - 2018-12-27 14:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-12 23:01 - 2018-12-27 14:37 - 000000000 ____D C:\Program Files\Windows Defender
2019-02-12 20:30 - 2018-12-28 11:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-12 20:29 - 2018-12-28 11:53 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-07 16:08 - 2018-12-27 22:12 - 000000000 ____D C:\ProgramData\Packages
2019-02-06 20:55 - 2018-12-27 22:00 - 000003400 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4175682127-3877867951-1631616607-1001
2019-02-06 20:55 - 2018-12-27 21:52 - 000000000 ___RD C:\Users\David Mateo Diaz\OneDrive
2019-02-06 20:55 - 2018-12-27 21:49 - 000002434 _____ C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-05 09:51 - 2019-01-02 20:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
==================== Files in the root of some directories =======
2019-03-05 11:06 - 2019-03-05 11:06 - 001388432 _____ () C:\Users\Public\VOIP.dat
2019-01-06 00:50 - 2019-02-22 07:37 - 000001456 _____ () C:\Users\David Mateo Diaz\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-03-03 19:34 - 2019-03-03 19:34 - 000140800 _____ () C:\Users\David Mateo Diaz\AppData\Local\installer.dat
2019-01-04 19:10 - 2019-01-04 19:10 - 000000000 _____ () C:\Users\David Mateo Diaz\AppData\Local\oobelibMkey.log
2019-03-03 19:34 - 2019-03-03 19:34 - 000722944 _____ () C:\Users\David Mateo Diaz\AppData\Local\sha.db
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-12-27 15:01
==================== End of FRST.txt ============================Este es el adicional
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by David Mateo Diaz (05-03-2019 11:09:11)
Running from C:\Users\David Mateo Diaz\Desktop
Windows 10 Pro Version 1803 17134.590 (X64) (2018-12-27 20:08:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-4175682127-3877867951-1631616607-500 - Administrator - Disabled)
David Mateo Diaz (S-1-5-21-4175682127-3877867951-1631616607-1001 - Administrator - Enabled) => C:\Users\David Mateo Diaz
DefaultAccount (S-1-5-21-4175682127-3877867951-1631616607-503 - Limited - Disabled)
Invitado (S-1-5-21-4175682127-3877867951-1631616607-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4175682127-3877867951-1631616607-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Atom (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\atom) (Version: 1.34.0 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
CLIP STUDIO 1.8.0 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.8.0 - CELSYS)
CLIP STUDIO PAINT 1.8.2 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.8.2 - CELSYS)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.90.50 - Conexant)
DAZ Install Manager (64-bit) (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\DAZ Install Manager (64-bit) 1.2.0.6) (Version: 1.2.0.6 - DAZ 3D)
DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D)
DAZ Studio 4.10 (64bit) (HKLM-x32\...\DAZ Studio 4.10 (64bit) 4.10.0.123) (Version: 4.10.0.123 - DAZ 3D)
FileZilla Client 3.40.0 (HKLM-x32\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Opera Stable 58.0.3135.79 (HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
Patrician 3 (HKLM-x32\...\Patrician 3_is1) (Version: - GOG.com)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
SoulseekQt versión 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1030 - SUPERAntiSpyware.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
VASSAL (3.2.17) (HKLM\...\VASSAL (3.2.17)) (Version: 3.2.17 - vassalengine.org)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.1-0 - Bitnami)
ZBrush 2018 (HKLM\...\ZBrush 2018 2018) (Version: 2018 - Pixologic)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4175682127-3877867951-1631616607-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FADC628-6D51-473D-9E0E-176DFD49D431} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {21137EC7-8AC3-4F08-8151-6A65284E1C8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2710E68A-304F-4205-8E54-64AB391427FB} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-U32J61O-David Mateo Diaz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {3AD8062D-9F7C-475F-A4D8-FAF872206C23} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3F3C184E-2AB5-4DD9-A59E-470CAADE721D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {44A6A695-8C69-4E00-A182-9AE61D486A84} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D729E75-1504-4BCE-BE1D-E6E5348D8F8C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6190041C-6850-49AA-B83E-11981A2CA317} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {7AE7FB56-515E-44E1-A360-9D9A96420EB7} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {8233A1CB-E6AE-4FD8-81FD-1F06769F29B4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A7D4E9F3-FFFC-4A77-901E-2FE9278D93E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CABE6235-E1CE-4D16-9619-30DC34D58EEF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CBB83983-533F-4DB1-AB83-2352AECAE519} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CF747ACC-F1C3-4F5B-A002-B063710102DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D4C5AACD-76B3-43C7-993F-5CF419492A94} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe (Conexant Systems, Inc.) [File not signed]
Task: {DACE1BED-3180-4EAB-9C6E-46A7E21B1F1C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {EB913835-C58E-4F2F-909D-3F16CED46C59} - System32\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {EDF3C310-7F15-4D68-8C14-65D1EE411E25} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F6A647A9-9954-40AE-B851-20972E3ECDC9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FFA35A86-DC4F-4223-B440-D46E33F6A6F6} - System32\Tasks\Opera scheduled Autoupdate 1545965948 => C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 5cf59f15-f349-4972-9292-1bf32d262679.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eba11488-e388-482e-bcd0-248da9c79489.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZStudio4\Online Documentation.lnk -> hxxp:docs.daz3d.com\doku.php\public\software\dazstudi
Shortcut: C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager (64-bit)\DAZ Install Manager (64-bit) Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811
Shortcut: C:\Users\David Mateo Diaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BattleScribe\Help.lnk -> hxxp://www.battlescribe.net/?tab=hel
==================== Loaded Modules (Whitelisted) ==============
2019-03-03 20:22 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-03 20:22 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-03 20:22 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-15 17:19 - 2019-02-15 17:19 - 002380800 _____ (Conexant Systems, Inc) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SmartAudio\044a9c4b47619ae94437356d70005a24\SmartAudio.ni.exe
2019-02-15 17:20 - 2019-02-15 17:20 - 000369152 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\f09d5176043d2e50039405b0863240a9\Interop.CxHDAudioAPILib.ni.dll
2019-02-15 17:20 - 2019-02-15 17:20 - 000019968 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\f1fb9f8388bf4ff334d21366baf4ebec\Interop.CxUtilSvcLib.ni.dll
2018-12-27 15:04 - 2016-12-19 11:25 - 001165824 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-12-27 14:38 - 2019-03-03 19:37 - 000000470 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1 sharefolder.online
127.0.0.1 install.portmdfmoon.com
127.0.0.1 adkqow01283.pw
127.0.0.1 telechargini.com
127.0.0.1 rothsideadome.pw
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz
127.0.0.1 discretdan.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David Mateo Diaz\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Alfons_mucha,_los_cigarillos_paris_son_los_mejores,_1897_(richard_fuxa_fundation)_03.jpg
DNS Servers: 190.248.0.1 - 200.31.208.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A3EEE6B3-5BBA-46F8-95F6-438F89B0AE9E}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{22F02B85-8255-4C05-B486-82DDAFA37A73}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [{32E86A98-3CDD-4DAB-A1A7-6DBC1317C661}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{043AD914-95DE-49A8-8559-F5DD8F43B85B}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{7EA674EF-A5ED-4712-8FDD-641EA089D446}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [UDP Query User{9074D7B6-FF7D-4BD8-B845-1070E93845C0}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [{931C3D0F-4B0E-4878-90DA-916139C02BC1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{050B5E07-45F9-4042-BB46-19D2A9CCF398}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0160222C-F3C4-4AA4-B7F0-441913A7F04F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{921F8129-7235-4F3A-AB7D-DFA5D5B0CCE4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E10B277E-BB0A-4366-B328-F9CD8EEE25B1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{B78343BD-5EB9-436C-A4F4-AF02248815FE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{A47ED626-477E-4527-83CC-162A8A56103F}D:\downloads\java\jre1.8.0_201\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{E83D40F3-6E6D-4CAE-ACF3-D7263624751F}D:\downloads\java\jre1.8.0_201\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{80F7B1F1-1758-4B56-80FD-5192864828AA}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7008776C-21EC-4503-A5CB-5DF90657F202}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4AE40BD7-4596-4DBC-BC38-7C76D73D7E85}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{D73E5632-BA2E-498E-A183-D0231FED6EEF}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{107600ED-B2AE-4C61-9867-BF387DBB1354}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F559DC35-54DF-49AB-A39A-5016A916CB4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66F8266F-635B-4AB5-AC2E-4FBC2B59BA17}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F310EC6-12CB-429D-B502-3321059F64C5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65568609-0A80-4B65-BFAE-F61DE7ED3A81}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11BE07CB-4D86-4550-AD7F-6931EF45FA01}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A55AFDAE-1DD1-45C4-A903-D811D181BFC6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{87E25721-0CAA-4832-90E4-C3523C62116C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/04/2019 05:34:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa CCleaner64.exe, versión 5.53.0.7034, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.
Identificador de proceso: 214c
Hora de inicio: 01d4d234204bb15a
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Program Files\CCleaner\CCleaner64.exe
Identificador de informe: de9f5b85-bcbc-455d-8b27-797fca5eb467
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/03/2019 09:43:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa CCleaner64.exe, versión 5.53.0.7034, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.
Identificador de proceso: b14
Hora de inicio: 01d4d2336297ebba
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Program Files\CCleaner\CCleaner64.exe
Identificador de informe: 2f131c99-e12f-4718-a364-92750755ddfb
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/03/2019 08:16:12 PM) (Source: RunBooster) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/03/2019 07:00:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (03/03/2019 06:48:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.
Error: (03/03/2019 06:40:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (03/03/2019 06:40:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (03/03/2019 05:10:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
System errors:
=============
Error: (03/05/2019 11:09:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/05/2019 11:07:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U32J61O)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/05/2019 11:06:10 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U32J61O)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario DESKTOP-U32J61O\David Mateo Diaz con SID (S-1-5-21-4175682127-3877867951-1631616607-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/05/2019 11:06:10 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U32J61O)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario DESKTOP-U32J61O\David Mateo Diaz con SID (S-1-5-21-4175682127-3877867951-1631616607-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/05/2019 11:05:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/05/2019 11:05:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/05/2019 11:04:36 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-U32J61O)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (03/05/2019 11:04:15 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-U32J61O)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Windows Defender:
===================================
Date: 2019-03-03 19:12:09.714
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\David Mateo Diaz\Desktop\KMS Tools Portable.Crack\KMSTools.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Windows\System32\PickerHost.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:10:14.527
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Kaymundler.B&threatid=2147709422&enterprise=0
Nombre: TrojanDropper:Win32/Kaymundler.B
Id.: 2147709422
Gravedad: Grave
Categoría: Instalador troyano de malware
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico_Installer.bat
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:09:36.338
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Kaymundler.B&threatid=2147709422&enterprise=0
Nombre: TrojanDropper:Win32/Kaymundler.B
Id.: 2147709422
Gravedad: Grave
Categoría: Instalador troyano de malware
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico_Installer.bat
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:09:36.229
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289&enterprise=0
Nombre: SoftwareBundler:Win32/Prepscram
Id.: 226289
Gravedad: Alta
Categoría: Software que instala varios programas
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico Setup.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-03 19:09:07.180
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Kaymundler.B&threatid=2147709422&enterprise=0
Nombre: TrojanDropper:Win32/Kaymundler.B
Id.: 2147709422
Gravedad: Grave
Categoría: Instalador troyano de malware
Ruta de acceso: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPico_Installer.bat
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-U32J61O\David Mateo Diaz
Nombre de proceso: C:\Users\David Mateo Diaz\Downloads\KMSPico 10.2.1 [TeamDaz.NG]\KMSPico 10.2.1.exe
Versión de firma: AV: 1.289.363.0, AS: 1.289.363.0, NIS: 1.289.363.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-02-14 17:56:42.886
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.285.1510.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15600.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2019-02-02 15:41:29.958
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.285.646.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15600.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2018-12-30 11:03:56.823
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
CodeIntegrity:
===================================
Date: 2019-03-03 20:40:59.574
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:40:59.560
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:40:59.547
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:40:59.529
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.427
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.411
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.395
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-03-03 20:39:38.371
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Memory info ===========================
Processor: AMD A10-9620P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 39%
Total physical RAM: 7117.52 MB
Available physical RAM: 4288.36 MB
Total Virtual: 14797.52 MB
Available Virtual: 12190.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.39 GB) (Free:17.3 GB) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:931.51 GB) (Free:325.37 GB) NTFS
\\?\Volume{55f09f83-a859-4a57-9d81-dd502b704c03}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{1ba4b553-eb16-48ad-8426-ca6d33d6b3c2}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
\\?\Volume{9716c7fe-9d0a-48df-b6d6-250065333df4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================Alguna novedad en el tema?
Hola
MUY Importante 
Realiza una copia de seguridad del registro :
Para hacerlo descarga DelFix.exe( en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
OPR Extension: (4chan X) - C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2019-01-28]
R1 3D07A1081ABA; C:\WINDOWS\3D07A1081ABA.sys [619880 2019-03-03] (韵羽健康管理咨询(上海)有限公司 -> VxDriver)
R2 WinDivert1.2; C:\WINDOWS\system32\drivers\WinDivert64.sys [37552 2019-03-03] (Nemea Mjukvaruutveckling AB -> Basil)
Diaz\AppData\Roaming\zzdupwh3d4m
2019-03-03 19:36 - 2019-03-03 19:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\seo42kbova3
2019-03-03 19:36 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\12laox3wbbz
2019-03-03 19:35 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\5iocodtjs2j
2019-03-03 19:35 - 2019-03-03 19:38 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\rmv0bmb1iic
2019-03-03 19:35 - 2019-03-03 19:35 - 000619880 _____ (VxDriver) C:\WINDOWS\3D07A1081ABA.sys
2019-03-03 19:35 - 2019-03-03 19:35 - 000037552 _____ (Basil) C:\WINDOWS\system32\Drivers\WinDivert64.sys
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{A4C9EB1F-976D-2DBE-158A-3DA1156D64F0}
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{84789F88-E3FA-0D0F-82FE-8C818219D5D0}
Task: {D4C5AACD-76B3-43C7-993F-5CF419492A94} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe (Conexant Systems, Inc.) [File not signed]
FirewallRules: [TCP Query User{A3EEE6B3-5BBA-46F8-95F6-438F89B0AE9E}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{22F02B85-8255-4C05-B486-82DDAFA37A73}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [{32E86A98-3CDD-4DAB-A1A7-6DBC1317C661}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{043AD914-95DE-49A8-8559-F5DD8F43B85B}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{7EA674EF-A5ED-4712-8FDD-641EA089D446}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [UDP Query User{9074D7B6-FF7D-4BD8-B845-1070E93845C0}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [{0160222C-F3C4-4AA4-B7F0-441913A7F04F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{921F8129-7235-4F3A-AB7D-DFA5D5B0CCE4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E10B277E-BB0A-4366-B328-F9CD8EEE25B1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{B78343BD-5EB9-436C-A4F4-AF02248815FE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{4AE40BD7-4596-4DBC-BC38-7C76D73D7E85}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{D73E5632-BA2E-498E-A183-D0231FED6EEF}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Hola, este es el fixlog. esta mañana antes de ejecutarlo, el anàlisis del malwarebytes me habia detectado otra vez unos malwares, te lo dejo abajo.
Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by David Mateo Diaz (08-03-2019 08:11:53) Run:1
Running from C:\Users\David Mateo Diaz\Desktop
Loaded Profiles: David Mateo Diaz (Available Profiles: David Mateo Diaz)
Boot Mode: Normal
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
OPR Extension: (4chan X) - C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2019-01-28]
R1 3D07A1081ABA; C:\WINDOWS\3D07A1081ABA.sys [619880 2019-03-03] (韵羽健康管理咨询(上海)有限公司 -> VxDriver)
R2 WinDivert1.2; C:\WINDOWS\system32\drivers\WinDivert64.sys [37552 2019-03-03] (Nemea Mjukvaruutveckling AB -> Basil)
Diaz\AppData\Roaming\zzdupwh3d4m
2019-03-03 19:36 - 2019-03-03 19:51 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\seo42kbova3
2019-03-03 19:36 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\12laox3wbbz
2019-03-03 19:35 - 2019-03-03 19:50 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\5iocodtjs2j
2019-03-03 19:35 - 2019-03-03 19:38 - 000000000 ____D C:\Users\David Mateo Diaz\AppData\Roaming\rmv0bmb1iic
2019-03-03 19:35 - 2019-03-03 19:35 - 000619880 _____ (VxDriver) C:\WINDOWS\3D07A1081ABA.sys
2019-03-03 19:35 - 2019-03-03 19:35 - 000037552 _____ (Basil) C:\WINDOWS\system32\Drivers\WinDivert64.sys
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{A4C9EB1F-976D-2DBE-158A-3DA1156D64F0}
2019-03-03 19:31 - 2019-03-03 19:31 - 000000000 ____D C:\ProgramData\{84789F88-E3FA-0D0F-82FE-8C818219D5D0}
Task: {D4C5AACD-76B3-43C7-993F-5CF419492A94} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe (Conexant Systems, Inc.) [File not signed]
FirewallRules: [TCP Query User{A3EEE6B3-5BBA-46F8-95F6-438F89B0AE9E}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{22F02B85-8255-4C05-B486-82DDAFA37A73}C:\program files (x86)\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\total war warhammer ii\warhammer2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [{32E86A98-3CDD-4DAB-A1A7-6DBC1317C661}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{043AD914-95DE-49A8-8559-F5DD8F43B85B}] => (Allow) D:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{7EA674EF-A5ED-4712-8FDD-641EA089D446}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [UDP Query User{9074D7B6-FF7D-4BD8-B845-1070E93845C0}D:\downloads\java\jre1.8.0_191\bin\java.exe] => (Allow) D:\downloads\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [{0160222C-F3C4-4AA4-B7F0-441913A7F04F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{921F8129-7235-4F3A-AB7D-DFA5D5B0CCE4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E10B277E-BB0A-4366-B328-F9CD8EEE25B1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{B78343BD-5EB9-436C-A4F4-AF02248815FE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{4AE40BD7-4596-4DBC-BC38-7C76D73D7E85}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{D73E5632-BA2E-498E-A183-D0231FED6EEF}D:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) D:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
C:\Users\David Mateo Diaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam => moved successfully
3D07A1081ABA => service not found.
WinDivert1.2 => Unable to stop service.
HKLM\System\CurrentControlSet\Services\WinDivert1.2 => removed successfully
WinDivert1.2 => service removed successfully
Diaz\AppData\Roaming\zzdupwh3d4m => Error: No automatic fix found for this entry.
C:\Users\David Mateo Diaz\AppData\Roaming\seo42kbova3 => moved successfully
C:\Users\David Mateo Diaz\AppData\Roaming\12laox3wbbz => moved successfully
C:\Users\David Mateo Diaz\AppData\Roaming\5iocodtjs2j => moved successfully
C:\Users\David Mateo Diaz\AppData\Roaming\rmv0bmb1iic => moved successfully
Could not move "C:\WINDOWS\3D07A1081ABA.sys" => Scheduled to move on reboot.
C:\WINDOWS\system32\Drivers\WinDivert64.sys => moved successfully
C:\ProgramData\{A4C9EB1F-976D-2DBE-158A-3DA1156D64F0} => moved successfully
C:\ProgramData\{84789F88-E3FA-0D0F-82FE-8C818219D5D0} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D4C5AACD-76B3-43C7-993F-5CF419492A94}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4C5AACD-76B3-43C7-993F-5CF419492A94}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Conexant\AFA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Conexant\AFA" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A3EEE6B3-5BBA-46F8-95F6-438F89B0AE9E}C:\program files (x86)\total war warhammer ii\warhammer2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{22F02B85-8255-4C05-B486-82DDAFA37A73}C:\program files (x86)\total war warhammer ii\warhammer2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32E86A98-3CDD-4DAB-A1A7-6DBC1317C661}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{043AD914-95DE-49A8-8559-F5DD8F43B85B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7EA674EF-A5ED-4712-8FDD-641EA089D446}D:\downloads\java\jre1.8.0_191\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9074D7B6-FF7D-4BD8-B845-1070E93845C0}D:\downloads\java\jre1.8.0_191\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0160222C-F3C4-4AA4-B7F0-441913A7F04F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{921F8129-7235-4F3A-AB7D-DFA5D5B0CCE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E10B277E-BB0A-4366-B328-F9CD8EEE25B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B78343BD-5EB9-436C-A4F4-AF02248815FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4AE40BD7-4596-4DBC-BC38-7C76D73D7E85}D:\program files (x86)\soulseekqt\soulseekqt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D73E5632-BA2E-498E-A183-D0231FED6EEF}D:\program files (x86)\soulseekqt\soulseekqt.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4175682127-3877867951-1631616607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 3 mientras los medios
est‚n desconectados.
Error al renovar la interfaz Wi-Fi: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to cancel {0FDDD19C-8C64-43BD-B98E-95299B359770}.
Unable to cancel {456C4857-813F-448B-985E-E7C4CEB7567A}.
{C4E810C9-FB95-4511-B9E8-D8F4714D73A5} canceled.
{6687675E-C6EE-438F-B807-E073B19D022E} canceled.
2 out of 4 jobs canceled.
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42495330 B
Java, Flash, Steam htmlcache => 220007668 B
Windows/system/drivers => 5965534 B
Edge => 3584 B
Chrome => 1432490 B
Firefox => 0 B
Opera => 279681060 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3658 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
David Mateo Diaz => 138798605 B
RecycleBin => 0 B
EmptyTemp: => 666.3 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-03-2019 08:14:49)
C:\WINDOWS\3D07A1081ABA.sys => Is moved successfully
==== End of Fixlog 08:14:49 ====Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 8/3/19
Hora del análisis: 7:50
Archivo de registro: be844ece-41a0-11e9-a792-2cfda17debde.json
-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9590
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 17134.590)
CPU: x64
Sistema de archivos: NTFS
Usuario: System
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 278963
Amenazas detectadas: 8
Amenazas en cuarentena: 8
Tiempo transcurrido: 15 min, 31 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 1
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\3D07A1081ABA, En cuarentena, [419], [650316],1.0.9590
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 1
Adware.Csdimonetize.E, C:\PROGRAM FILES\VideoLAN\ICYEBQ98KESGPSQ4J9I, En cuarentena, [5139], [650310],1.0.9590
Archivo: 6
Adware.Csdimonetize.E, C:\PROGRAM FILES\VideoLAN\ICYEBQ98KESGPSQ4J9I\Kenessey.txt, En cuarentena, [5139], [650310],1.0.9590
Adware.Csdimonetize.E, C:\Program Files\VideoLAN\ICYEBQ98KESGPSQ4J9I\25j'q+K+5f.exe.config, En cuarentena, [5139], [650310],1.0.9590
Adware.Csdimonetize.E, C:\Program Files\VideoLAN\ICYEBQ98KESGPSQ4J9I\bvzJxqR8wB.exe.config, En cuarentena, [5139], [650310],1.0.9590
Adware.Csdimonetize.E, C:\Program Files\VideoLAN\ICYEBQ98KESGPSQ4J9I\HjxO8bXNLa.exe.config, En cuarentena, [5139], [650310],1.0.9590
Adware.Csdimonetize.E, C:\Program Files\VideoLAN\ICYEBQ98KESGPSQ4J9I\UpdateInstall.exe.config, En cuarentena, [5139], [650310],1.0.9590
Trojan.Agent, C:\WINDOWS\3D07A1081ABA.SYS, En cuarentena, [419], [650316],1.0.9590
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)Con respecto a lo demás, no me han vuelto a salir pestañas o ventanas pop up de publicidad desde el martes, pero no he querido usar mi tarjeta en el pc por si acaso.
Muchas Gracias
Hola
Después de ejecutar el Fixlog sigue detectando algo Malwarebytes?
un saludo
Lo unico que me detecto fue el crack que habia descargado para el office, lo elimne con el malwarebytes. lo digo es por que los dias anteriores el malwarebytes me decía que no detectaba amenazas pero hoy antes de ejecutar el script si. entonces no se si aún quede algo. saludos
Hola
Pruebalo unos días para ver si sigue detectando amenazas después de haber ejecutado el Fixlog y nos comentas.
Un saludo
Pues hasta ahora todo bien, creo que se solucionó el problema. Muchas gracias!
no fue sino que escribiera eso para que el malwarebytes me detectara esto ahorita
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del evento de protección: 14/3/19
Hora del evento de protección: 18:53
Archivo de registro: 67c6b8ba-46b4-11e9-b983-2cfda17debde.json
-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9690
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 17134.590)
CPU: x64
Sistema de archivos: NTFS
Usuario: System
-Detalles del sitio web bloqueado-
Sitio web malicioso: 1
, , Bloqueado, [-1], [-1],0.0.0
-Datos de sitio web-
Categoría: PUP
Dominio: partners.cmptch.com
Dirección IP: 74.120.19.22
Puerto: [55790]
Tipo: Saliente
Archivo: C:\Users\David Mateo Diaz\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe
(end)Hola
Perdona por el retraso, no me llegó el aviso de tu respuesta.
Después de estos días sigue algún problema?
Un saludo