Ayuda pantallazo negro


#1

Hola! buenas tardes ante todo, hace unos meses que mi computadora empezó a tirar este mensaje , haga lo que este haciendo jugando, Internet, o trabajando con la misma , que puede estar pasando??? les dejo el link de la imagen ya que hice el tutorial del robot pero no hay forma que me habilite subir imágenes a los post…

https://prnt.sc/lirvbg

Gracias de ante mano


#2

Hola @Carlos_Frioni

Esa pantalla en que momento te sale.??


#3

Buenas! cuando inicio luego de unos 10 o 15 minutos mas o menos , me baja lo que este haciendo y aparece eso.


#4

Entendido…entonces lo primero que haremos es verificar infecciones en tu equipo.

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.


#5
Malwarebytes

-Detalles del registro-
Fecha del análisis: 15/11/18
Hora del análisis: 14:53
Archivo de registro: 6124e3f0-e8ff-11e8-9133-309c231f0964.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7841
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.345)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-RS5F028\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 296925
Amenazas detectadas: 125
Amenazas en cuarentena: 125
Tiempo transcurrido: 2 min, 58 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 9
PUP.Optional.Uniblue, HKLM\SOFTWARE\CLASSES\pc-mechanic, En cuarentena, [1344], [327238],1.0.7841
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}, En cuarentena, [242], [382913],1.0.7841
PUP.Optional.InstallCore, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\CSASTATS\ic, En cuarentena, [404], [586068],1.0.7841
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\ru.mail.go.ext_info_host, En cuarentena, [242], [485554],1.0.7841
PUP.Optional.InstallCore, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\PRODUCTSETUP, En cuarentena, [404], [481004],1.0.7841
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhjhnafpiilpffhglajcaepjbnbjemci, En cuarentena, [242], [448286],1.0.7841
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hcadgijmedbfgciegjomfpjcdchlhnif, En cuarentena, [242], [403165],1.0.7841
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lhemechcanjmilllmccjbjldonmnnjjj, En cuarentena, [299], [450941],1.0.7841
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, [281], [550469],1.0.7841

Valor del registro: 8
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|URL, En cuarentena, [242], [382913],1.0.7841
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|FAVICONURLFALLBACK, En cuarentena, [242], [382913],1.0.7841
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|SUGGESTIONSURL, En cuarentena, [242], [382913],1.0.7841
PUP.Optional.InstallCore, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\PRODUCTSETUP|TB, En cuarentena, [404], [481004],1.0.7841
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BHJHNAFPIILPFFHGLAJCAEPJBNBJEMCI, En cuarentena, [242], [448286],1.0.7841
PUP.Optional.MailRu, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|HCADGIJMEDBFGCIEGJOMFPJCDCHLHNIF, En cuarentena, [242], [403165],1.0.7841
PUP.Optional.RussAd, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|LHEMECHCANJMILLLMCCJBJLDONMNNJJJ, En cuarentena, [299], [450941],1.0.7841
PUP.Optional.DefaultSearch, HKU\S-1-5-21-3672655569-367168397-436325234-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, [281], [550469],1.0.7841

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 17
PUP.Optional.MailRu, C:\PROGRAM FILES (X86)\MAIL.RU, En cuarentena, [242], [384138],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\browsericons, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\de, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\en, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\es, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\fr, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_metadata, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\lib, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, [281], [550469],1.0.7841

Archivo: 91
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\MAIL.RU.LNK, En cuarentena, [242], [384473],1.0.7841
PUP.Optional.MailRu.Generic, C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G01ZYFPW.DEFAULT\EXTENSIONS\[email protected], En cuarentena, [4623], [462926],1.0.7841
PUP.Optional.MailRu.Generic, C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G01ZYFPW.DEFAULT\EXTENSIONS\[email protected], En cuarentena, [4623], [462926],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\FAVORITES\Mail.Ru Агент - используй для общения!.url, En cuarentena, [242], [471428],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\FAVORITES\Mail.Ru.url, En cuarentena, [242], [471428],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G01ZYFPW.DEFAULT\EXTENSIONS\{A38384B3-2D1D-4F36-BC22-0F7AE402BCD7}.XPI, En cuarentena, [242], [458842],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [242], [448286],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [242], [403165],1.0.7841
PUP.Optional.RussAd, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [299], [450941],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.eot, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.svg, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.woff, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-book.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-bookitalic.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-light.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-lightitalic.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-medium.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-mediumitalic.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-semibold.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-semibolditalic.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\fontawesome-webfont.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\segoeui.ttf, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\auto-complete.css, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\flexbox.css, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\new-tab.css, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\normalize.css, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\roboto.css, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\browsericons\icon19.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\browsericons\icon38.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\abstract_default.jpg, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\adaware_secure_search.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\animals_default.jpg, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\dot.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\dot_color.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\dropdown_arrow.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\icon_128.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\icon_16.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\icon_check.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\magnifier_icon.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\nature_default.jpg, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\settings_icon.png, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\urban_default.jpg, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\lib\auto-complete.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\lib\publicsuffixlist.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\adaware-telemetry.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\adaware-utils.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\background.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\contentscript.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\i18n.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\load-new.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\messaging.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\new-tab.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\pagestore.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\polyfill.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\start.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\storage.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\tab.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\traffic.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\uritools.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\vapi-background.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\vapi-client.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\vapi-common.js, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\de\messages.json, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\en\messages.json, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\es\messages.json, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\fr\messages.json, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_metadata\verified_contents.json, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\background.html, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\LICENSE.txt, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\load-new.html, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\manifest.json, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\new-tab.html, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\000003.log, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\CURRENT, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOCK, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOG, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\MANIFEST-000001, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\000003.log, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\CURRENT, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOCK, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOG, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\MANIFEST-000001, En cuarentena, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [281], [550469],1.0.7841
PUP.Optional.DefaultSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [281], [550469],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G01ZYFPW.DEFAULT\PREFS.JS, Sustituido, [242], [382918],1.0.7841
PUP.Optional.DefaultSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [281], [469798],1.0.7841
Adware.MailRu.BatBitRst, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [310], [481467],1.0.7841
Adware.MailRu.BatBitRst, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [310], [481467],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [242], [454830],1.0.7841
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [242], [454830],1.0.7841

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#6
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-15-2018
# Duration: 00:00:14
# OS:       Windows 10 Pro
# Scanned:  42056
# Detected: 22


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.Mail.Ru            C:\ProgramData\Mail.Ru
PUP.Optional.Mail.Ru            C:\Users\Usuario\AppData\Local\Mail.Ru
PUP.Optional.SlimCleanerPlus    C:\Users\Usuario\AppData\Local\slimware utilities inc

***** [ Files ] *****

PUP.Optional.Legacy             C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Mail.Ru            HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru            HKCU\Software\Mail.Ru
PUP.Optional.Mail.Ru            HKLM\Software\Wow6432Node\Mail.Ru
PUP.Optional.Mail.Ru            HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
PUP.Optional.Mail.Ru            HKLM\Software\Classes\IESearchPlugin.MailRuBHO
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
--
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-15-2018
# Duration: 00:00:02
# OS:       Windows 10 Pro
# Cleaned:  22
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Public\Documents\Downloaded Installers
Deleted       C:\ProgramData\Mail.Ru
Deleted       C:\Users\Usuario\AppData\Local\Mail.Ru
Deleted       C:\Users\Usuario\AppData\Local\slimware utilities inc

***** [ Files ] *****

Deleted       C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted       HKCU\Software\Mail.Ru
Deleted       HKLM\Software\Wow6432Node\Mail.Ru
Deleted       HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted       HKLM\Software\Classes\IESearchPlugin.MailRuBHO
Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3158 octets] - [15/11/2018 15:08:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#7
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 10 Enterprise x64 
    Ran by Usuario (Administrator) on jue. 15/11/2018 at 15:13:15,99
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    File System: 5 

    Successfully deleted: C:\ProgramData\mntemp (File) 
    Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-3672655569-367168397-436325234-1001 (Task)
    Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)
    Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-3672655569-367168397-436325234-1001.job (Task) 
    Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task) 

    Deleted the following from C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\g01zyfpw.default\prefs.js
    user_pref([email protected], 855451);
    user_pref([email protected], 855551);


    Registry: 1 

    Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key) 


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on jue. 15/11/2018 at 15:25:05,67
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.11.2018
Ran by Usuario (administrator) on DESKTOP-RS5F028 (15-11-2018 15:26:27)
Running from C:\Users\Usuario\Downloads
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-14] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
IFEO\dtagent.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\dtlauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\OSppSvc.exe: [Debugger] [email protected]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-10-09]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.207 200.49.130.41
Tcpip\..\Interfaces\{4cb0f35d-d329-454f-a745-c4d1d1b4db63}: [DhcpNameServer] 200.42.4.207 200.49.130.41

Internet Explorer:
==================
HKU\S-1-5-21-3672655569-367168397-436325234-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3672655569-367168397-436325234-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3672655569-367168397-436325234-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3672655569-367168397-436325234-1001 -> hxxp://hao.360.cn/?src=lm&ls=n4134a09b9b

FireFox:
========
FF DefaultProfile: g01zyfpw.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\g01zyfpw.default [2018-11-15]
FF Homepage: Mozilla\Firefox\Profiles\g01zyfpw.default -> hxxps://ar.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180530__yaff
FF NewTab: Mozilla\Firefox\Profiles\g01zyfpw.default -> hxxps://ar.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180530__yaff
FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\g01zyfpw.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-30]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/webhp?ie=UTF-8&rct=j","hxxp://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-11-15]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-09]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-09]
CHR Extension: (Adblock para Youtube™) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-17]
CHR Extension: (Avast Passwords) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-11-14]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-31]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-11-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-09]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-24]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe [481656 2018-05-22] (AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-14] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-14] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-11-14] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [338632 2018-11-14] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-14] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-11-14] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9121248 2018-11-14] (AVAST Software)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-06-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
S2 [email protected]; C:\Windows\[email protected] [26112 2017-10-08] () [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-14] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-11-14] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-11-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [58136 2018-05-22] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmdag.sys [44682104 2018-05-22] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmpag.sys [552824 2018-05-22] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [101224 2018-05-22] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-11-14] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-11-14] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-11-14] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-11-14] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-11-14] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-11-14] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-11-14] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-11-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-11-14] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [483384 2018-11-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-11-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-11-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-11-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-11-14] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-11-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-11-14] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111080 2018-04-26] (Advanced Micro Devices)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-09] (Disc Soft Ltd)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-06-05] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42584 1999-12-31] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-11-14] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-11-14] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-11-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-15 15:26 - 2018-11-15 15:26 - 000019118 _____ C:\Users\Usuario\Downloads\FRST.txt
2018-11-15 15:26 - 2018-11-15 15:26 - 000000000 ____D C:\FRST
2018-11-15 15:25 - 2018-11-15 15:25 - 000001264 _____ C:\Users\Usuario\Desktop\JRT.txt
2018-11-15 15:08 - 2018-11-15 15:08 - 000000000 ____D C:\AdwCleaner
2018-11-15 14:52 - 2018-11-15 14:52 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-15 14:52 - 2018-11-15 14:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-11-15 14:52 - 2018-11-15 14:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-11-15 14:52 - 2018-11-15 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-15 14:52 - 2018-11-15 14:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-15 14:52 - 2018-11-15 14:52 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-15 14:52 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-11-15 14:51 - 2018-11-15 14:51 - 000132122 _____ C:\Users\Usuario\Documents\cc_20181115_145114.reg
2018-11-15 14:49 - 2018-11-15 14:49 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-15 14:49 - 2018-11-15 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-15 14:49 - 2018-11-15 14:49 - 000000000 ____D C:\Program Files\CCleaner
2018-11-15 14:45 - 2018-11-15 14:45 - 079876624 _____ (Malwarebytes ) C:\Users\Usuario\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7841.exe
2018-11-15 14:44 - 2018-11-15 14:45 - 018071560 _____ (Piriform Software Ltd) C:\Users\Usuario\Downloads\ccsetup549.exe
2018-11-15 14:44 - 2018-11-15 14:44 - 002416128 _____ (Farbar) C:\Users\Usuario\Downloads\FRST64.exe
2018-11-15 14:43 - 2018-11-15 14:43 - 007592144 _____ (Malwarebytes) C:\Users\Usuario\Downloads\adwcleaner_7.2.4.0.exe
2018-11-15 14:42 - 2018-11-15 14:42 - 001790024 _____ (Malwarebytes) C:\Users\Usuario\Downloads\JRT.exe
2018-11-15 13:35 - 2018-11-01 08:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-15 13:35 - 2018-11-01 08:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-15 13:35 - 2018-11-01 08:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-15 13:35 - 2018-11-01 08:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-15 13:35 - 2018-11-01 08:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-15 13:35 - 2018-11-01 08:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-15 13:35 - 2018-11-01 08:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-15 13:35 - 2018-11-01 08:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-15 13:35 - 2018-11-01 08:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-15 13:35 - 2018-11-01 08:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-15 13:35 - 2018-11-01 07:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-15 13:35 - 2018-11-01 06:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-15 13:35 - 2018-11-01 06:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

#9
2018-11-15 13:35 - 2018-11-01 06:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-15 13:35 - 2018-11-01 06:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-15 13:35 - 2018-11-01 06:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-15 13:35 - 2018-11-01 06:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-15 13:35 - 2018-11-01 04:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-15 13:35 - 2018-11-01 04:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-15 13:35 - 2018-11-01 04:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-15 13:35 - 2018-11-01 04:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-15 13:35 - 2018-11-01 04:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-15 13:35 - 2018-11-01 04:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-15 13:35 - 2018-11-01 04:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-15 13:35 - 2018-11-01 04:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-15 13:35 - 2018-11-01 04:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-15 13:35 - 2018-11-01 04:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-15 13:35 - 2018-11-01 04:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-15 13:35 - 2018-11-01 04:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-15 13:35 - 2018-11-01 04:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-15 13:35 - 2018-11-01 04:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-15 13:35 - 2018-11-01 04:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-15 13:35 - 2018-11-01 04:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-15 13:35 - 2018-11-01 04:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-15 13:35 - 2018-11-01 04:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-15 13:35 - 2018-11-01 04:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-15 13:35 - 2018-11-01 04:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-15 13:35 - 2018-11-01 03:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-15 13:35 - 2018-11-01 03:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-15 13:35 - 2018-11-01 03:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-15 13:35 - 2018-11-01 03:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-15 13:35 - 2018-11-01 03:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-15 13:35 - 2018-11-01 03:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-15 13:35 - 2018-11-01 03:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-15 13:35 - 2018-11-01 03:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-15 13:35 - 2018-11-01 03:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-15 13:35 - 2018-11-01 03:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-15 13:35 - 2018-11-01 03:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-15 13:35 - 2018-11-01 03:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-15 13:35 - 2018-11-01 03:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-15 13:35 - 2018-11-01 03:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-15 13:35 - 2018-11-01 03:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-15 13:35 - 2018-11-01 03:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-15 13:35 - 2018-11-01 03:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-15 13:35 - 2018-11-01 03:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-15 13:35 - 2018-11-01 03:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-15 13:35 - 2018-11-01 03:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-15 13:35 - 2018-11-01 03:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-15 13:35 - 2018-11-01 03:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-15 13:35 - 2018-11-01 03:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-15 13:35 - 2018-11-01 02:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-15 13:35 - 2018-11-01 01:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-15 13:35 - 2018-11-01 01:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-15 13:35 - 2018-11-01 01:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-15 13:35 - 2018-11-01 01:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-15 13:35 - 2018-11-01 01:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-15 13:35 - 2018-11-01 01:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-15 13:35 - 2018-11-01 01:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-15 13:35 - 2018-11-01 01:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-15 13:35 - 2018-11-01 01:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-15 13:35 - 2018-11-01 01:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-15 13:35 - 2018-11-01 01:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-15 13:35 - 2018-11-01 01:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-15 13:35 - 2018-11-01 01:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-15 13:35 - 2018-11-01 01:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-15 13:35 - 2018-11-01 01:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-15 13:35 - 2018-11-01 01:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-15 13:35 - 2018-11-01 01:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-15 13:35 - 2018-11-01 01:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-15 13:35 - 2018-11-01 01:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-15 13:35 - 2018-10-21 10:04 - 002267448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-11-15 13:35 - 2018-10-21 10:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-15 13:35 - 2018-10-21 10:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-15 13:35 - 2018-10-21 10:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-15 13:35 - 2018-10-21 09:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-15 13:35 - 2018-10-21 09:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-15 13:35 - 2018-10-21 09:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-15 13:35 - 2018-10-21 09:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-15 13:35 - 2018-10-21 08:41 - 001540408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-11-15 13:35 - 2018-10-21 08:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-15 13:35 - 2018-10-21 08:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-15 13:35 - 2018-10-21 08:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-15 13:35 - 2018-10-21 08:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-15 13:35 - 2018-10-21 04:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-15 13:35 - 2018-10-21 04:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-15 13:35 - 2018-10-21 04:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-15 13:35 - 2018-10-21 04:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-15 13:35 - 2018-10-21 04:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-15 13:35 - 2018-10-21 04:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-15 13:35 - 2018-10-21 04:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-15 13:35 - 2018-10-21 04:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-15 13:35 - 2018-10-21 04:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-15 13:35 - 2018-10-21 04:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-15 13:35 - 2018-10-21 04:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-15 13:35 - 2018-10-21 04:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-15 13:35 - 2018-10-21 04:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-15 13:35 - 2018-10-21 04:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-15 13:35 - 2018-10-21 04:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-15 13:35 - 2018-10-21 04:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-15 13:35 - 2018-10-21 04:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-15 13:35 - 2018-10-21 04:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-15 13:35 - 2018-10-21 04:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-15 13:35 - 2018-10-21 04:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-15 13:35 - 2018-10-21 04:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-15 13:35 - 2018-10-21 04:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-15 13:35 - 2018-10-21 04:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-15 13:35 - 2018-10-21 04:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-15 13:35 - 2018-10-21 04:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-15 13:35 - 2018-10-21 04:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-15 13:35 - 2018-10-21 04:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-15 13:35 - 2018-10-21 03:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-15 13:34 - 2018-11-01 08:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-15 13:34 - 2018-11-01 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-15 13:34 - 2018-11-01 08:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-15 13:34 - 2018-11-01 08:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-15 13:34 - 2018-11-01 08:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-15 13:34 - 2018-11-01 08:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-15 13:34 - 2018-11-01 08:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-15 13:34 - 2018-11-01 08:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-15 13:34 - 2018-11-01 08:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-15 13:34 - 2018-11-01 08:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-15 13:34 - 2018-11-01 08:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-15 13:34 - 2018-11-01 08:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-15 13:34 - 2018-11-01 06:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-15 13:34 - 2018-11-01 06:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-15 13:34 - 2018-11-01 06:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-15 13:34 - 2018-11-01 06:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-15 13:34 - 2018-11-01 04:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-15 13:34 - 2018-11-01 04:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-15 13:34 - 2018-11-01 04:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-15 13:34 - 2018-11-01 04:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-15 13:34 - 2018-11-01 04:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-15 13:34 - 2018-11-01 04:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-15 13:34 - 2018-11-01 04:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-15 13:34 - 2018-11-01 04:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-15 13:34 - 2018-11-01 04:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-15 13:34 - 2018-11-01 04:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-15 13:34 - 2018-11-01 04:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-15 13:34 - 2018-11-01 04:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-15 13:34 - 2018-11-01 04:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-15 13:34 - 2018-11-01 04:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-15 13:34 - 2018-11-01 04:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-15 13:34 - 2018-11-01 04:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-15 13:34 - 2018-11-01 04:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-15 13:34 - 2018-11-01 04:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-15 13:34 - 2018-11-01 04:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-15 13:34 - 2018-11-01 04:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-15 13:34 - 2018-11-01 04:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-15 13:34 - 2018-11-01 04:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-15 13:34 - 2018-11-01 04:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-15 13:34 - 2018-11-01 04:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-15 13:34 - 2018-11-01 04:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-15 13:34 - 2018-11-01 03:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-15 13:34 - 2018-11-01 03:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-15 13:34 - 2018-11-01 03:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-15 13:34 - 2018-11-01 03:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-15 13:34 - 2018-11-01 03:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-15 13:34 - 2018-11-01 03:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-15 13:34 - 2018-11-01 03:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-15 13:34 - 2018-11-01 03:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-15 13:34 - 2018-11-01 03:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-15 13:34 - 2018-11-01 03:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-15 13:34 - 2018-11-01 03:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-15 13:34 - 2018-11-01 03:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-15 13:34 - 2018-11-01 03:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-15 13:34 - 2018-11-01 03:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-15 13:34 - 2018-11-01 03:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-15 13:34 - 2018-11-01 03:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-15 13:34 - 2018-11-01 03:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-15 13:34 - 2018-11-01 03:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-15 13:34 - 2018-11-01 03:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-15 13:34 - 2018-11-01 03:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-15 13:34 - 2018-11-01 02:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-15 13:34 - 2018-11-01 01:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-15 13:34 - 2018-11-01 01:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-15 13:34 - 2018-11-01 01:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-15 13:34 - 2018-11-01 01:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-15 13:34 - 2018-11-01 01:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-15 13:34 - 2018-11-01 01:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-15 13:34 - 2018-11-01 01:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-15 13:34 - 2018-11-01 01:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-15 13:34 - 2018-11-01 01:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-15 13:34 - 2018-11-01 01:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-15 13:34 - 2018-11-01 01:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-15 13:34 - 2018-11-01 01:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-15 13:34 - 2018-11-01 01:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-15 13:34 - 2018-11-01 01:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-15 13:34 - 2018-11-01 01:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-15 13:34 - 2018-11-01 01:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-15 13:34 - 2018-11-01 01:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-15 13:34 - 2018-11-01 01:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-15 13:34 - 2018-11-01 01:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-15 13:34 - 2018-11-01 01:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-15 13:34 - 2018-11-01 01:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-15 13:34 - 2018-11-01 01:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-15 13:34 - 2018-11-01 01:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-15 13:34 - 2018-11-01 01:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-15 13:34 - 2018-11-01 01:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-15 13:34 - 2018-10-21 10:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-15 13:34 - 2018-10-21 10:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-15 13:34 - 2018-10-21 09:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-15 13:34 - 2018-10-21 09:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-15 13:34 - 2018-10-21 09:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-15 13:34 - 2018-10-21 09:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-15 13:34 - 2018-10-21 09:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-15 13:34 - 2018-10-21 09:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-15 13:34 - 2018-10-21 09:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-15 13:34 - 2018-10-21 09:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-15 13:34 - 2018-10-21 09:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-15 13:34 - 2018-10-21 09:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-15 13:34 - 2018-10-21 09:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-15 13:34 - 2018-10-21 08:41 - 000023056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-11-15 13:34 - 2018-10-21 08:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-15 13:34 - 2018-10-21 08:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-15 13:34 - 2018-10-21 08:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-15 13:34 - 2018-10-21 08:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-15 13:34 - 2018-10-21 08:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-15 13:34 - 2018-10-21 08:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-15 13:34 - 2018-10-21 08:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-15 13:34 - 2018-10-21 08:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-15 13:34 - 2018-10-21 06:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-15 13:34 - 2018-10-21 05:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-15 13:34 - 2018-10-21 04:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-15 13:34 - 2018-10-21 04:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-15 13:34 - 2018-10-21 04:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-15 13:34 - 2018-10-21 04:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-15 13:34 - 2018-10-21 04:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-15 13:34 - 2018-10-21 04:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-15 13:34 - 2018-10-21 04:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-15 13:34 - 2018-10-21 04:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-15 13:34 - 2018-10-21 04:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-15 13:34 - 2018-10-21 04:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-15 13:34 - 2018-10-21 04:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-15 13:34 - 2018-10-21 04:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-15 13:34 - 2018-10-21 04:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-15 13:34 - 2018-10-21 04:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-15 13:34 - 2018-10-21 04:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-15 13:34 - 2018-10-21 04:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-15 13:34 - 2018-10-21 04:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-15 13:34 - 2018-10-21 04:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-15 13:34 - 2018-10-21 04:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-15 13:34 - 2018-10-21 04:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-15 13:34 - 2018-10-21 04:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-15 13:34 - 2018-10-21 04:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-15 13:34 - 2018-10-21 04:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-15 13:34 - 2018-10-21 04:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-15 13:34 - 2018-10-21 04:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-15 13:34 - 2018-10-21 04:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-15 13:34 - 2018-10-21 04:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-15 13:34 - 2018-10-21 04:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-15 13:34 - 2018-10-21 04:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-15 13:34 - 2018-10-21 04:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-15 13:34 - 2018-10-21 04:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-15 13:34 - 2018-10-21 04:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-15 13:34 - 2018-10-21 04:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-15 13:34 - 2018-10-21 04:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-15 13:34 - 2018-10-21 04:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-15 13:34 - 2018-10-21 04:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-15 13:34 - 2018-10-21 04:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-15 13:34 - 2018-10-21 04:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-15 13:34 - 2018-10-21 04:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-15 13:34 - 2018-10-21 04:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-15 13:34 - 2018-10-21 03:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-15 13:34 - 2018-10-21 03:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-15 13:34 - 2018-10-21 03:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-15 13:34 - 2018-10-21 03:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-15 13:34 - 2018-10-21 02:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-15 13:34 - 2018-10-21 02:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-15 13:34 - 2018-04-28 01:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-11-15 12:43 - 2018-11-15 12:43 - 000108567 _____ C:\Users\Usuario\Downloads\WhatsApp Image 2018-11-14 at 18.54.53.jpeg
2018-11-14 19:01 - 2018-11-14 19:01 - 000002568 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-14 19:01 - 2018-11-14 19:01 - 000002533 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-14 19:00 - 2018-11-14 19:00 - 000003596 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-11-14 19:00 - 2018-11-14 19:00 - 000003472 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-11-14 18:59 - 2018-11-14 18:59 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2018-11-14 18:59 - 2018-11-14 18:59 - 000001967 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2018-11-14 18:58 - 2018-11-15 15:18 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-11-14 18:57 - 2018-11-14 18:57 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000483384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-11-14 18:57 - 2018-11-14 18:57 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-11-14 18:57 - 2018-11-14 18:57 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-11-14 18:56 - 2018-11-14 18:56 - 000000000 ____D C:\Program Files\AVAST Software
2018-10-31 12:07 - 2018-09-21 01:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-31 12:07 - 2018-09-21 00:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-31 12:07 - 2018-09-20 01:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-31 12:07 - 2018-09-20 00:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-31 12:07 - 2018-09-20 00:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-31 12:07 - 2018-09-08 05:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-31 12:07 - 2018-09-08 05:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-31 12:07 - 2018-09-08 05:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-31 12:07 - 2018-09-08 05:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-31 12:07 - 2018-09-08 05:07 - 000612360 _____ (Microsoft Corporation)
C:\WINDOWS\SysWOW64\wsp_fs.dll

#10
2018-10-31 12:07 - 2018-09-08 04:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-31 12:07 - 2018-09-08 04:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-31 12:07 - 2018-09-08 04:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-31 12:07 - 2018-09-08 04:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-31 12:07 - 2018-09-08 04:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-31 12:07 - 2018-09-08 03:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-31 12:07 - 2018-09-08 03:59 - 001452544 _____ (Microsoft Corporation) 
2018-10-31 12:07 - 2018-09-08 03:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-31 12:07 - 2018-09-08 01:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-31 12:07 - 2018-09-08 00:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-31 12:07 - 2018-09-08 00:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-31 12:07 - 2018-09-08 00:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-31 12:07 - 2018-09-08 00:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-31 12:07 - 2018-09-08 00:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-31 12:07 - 2018-09-08 00:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-31 12:07 - 2018-09-08 00:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-31 12:07 - 2018-09-08 00:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-31 12:07 - 2018-09-08 00:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-31 12:07 - 2018-09-08 00:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-31 12:06 - 2018-10-31 12:06 - 000004299 _____ C:\Users\Usuario\Downloads\SeguroRoboATM.pdf
2018-10-31 12:06 - 2018-09-21 06:23 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 001786168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 001422648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-10-31 12:06 - 2018-09-21 06:21 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2018-10-31 12:06 - 2018-09-21 06:21 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-10-31 12:06 - 2018-09-21 06:21 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2018-10-31 12:06 - 2018-09-21 06:21 - 000034304 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2018-10-31 12:06 - 2018-09-21 06:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-31 12:06 - 2018-09-21 05:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-31 12:06 - 2018-09-21 01:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-31 12:06 - 2018-09-21 01:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-31 12:06 - 2018-09-21 01:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-31 12:06 - 2018-09-21 01:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-31 12:06 - 2018-09-21 01:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-31 12:06 - 2018-09-21 01:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-31 12:06 - 2018-09-21 01:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-31 12:06 - 2018-09-21 00:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-31 12:06 - 2018-09-21 00:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-31 12:06 - 2018-09-21 00:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-31 12:06 - 2018-09-21 00:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-31 12:06 - 2018-09-21 00:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-31 12:06 - 2018-09-21 00:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-31 12:06 - 2018-09-21 00:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-31 12:06 - 2018-09-20 06:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-31 12:06 - 2018-09-20 06:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-31 12:06 - 2018-09-20 06:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-31 12:06 - 2018-09-20 06:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-31 12:06 - 2018-09-20 05:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-31 12:06 - 2018-09-20 05:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-31 12:06 - 2018-09-20 05:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-31 12:06 - 2018-09-20 05:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-31 12:06 - 2018-09-20 01:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-31 12:06 - 2018-09-20 01:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-31 12:06 - 2018-09-20 01:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-31 12:06 - 2018-09-20 01:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-31 12:06 - 2018-09-20 01:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-31 12:06 - 2018-09-20 01:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-31 12:06 - 2018-09-20 01:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-31 12:06 - 2018-09-20 01:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-31 12:06 - 2018-09-20 01:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-31 12:06 - 2018-09-20 01:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-31 12:06 - 2018-09-20 00:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-31 12:06 - 2018-09-20 00:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-31 12:06 - 2018-09-20 00:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-31 12:06 - 2018-09-20 00:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-31 12:06 - 2018-09-19 22:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-31 12:06 - 2018-09-08 05:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-31 12:06 - 2018-09-08 05:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-31 12:06 - 2018-09-08 05:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-31 12:06 - 2018-09-08 05:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-31 12:06 - 2018-09-08 05:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-31 12:06 - 2018-09-08 05:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-31 12:06 - 2018-09-08 04:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-31 12:06 - 2018-09-08 04:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-31 12:06 - 2018-09-08 04:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-31 12:06 - 2018-09-08 04:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-31 12:06 - 2018-09-08 04:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-31 12:06 - 2018-09-08 04:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-31 12:06 - 2018-09-08 04:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-31 12:06 - 2018-09-08 04:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-31 12:06 - 2018-09-08 04:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-31 12:06 - 2018-09-08 04:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-31 12:06 - 2018-09-08 04:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-31 12:06 - 2018-09-08 04:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-31 12:06 - 2018-09-08 04:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-31 12:06 - 2018-09-08 04:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-31 12:06 - 2018-09-08 04:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-31 12:06 - 2018-09-08 04:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-31 12:06 - 2018-09-08 04:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-31 12:06 - 2018-09-08 04:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-31 12:06 - 2018-09-08 04:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-31 12:06 - 2018-09-08 04:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-31 12:06 - 2018-09-08 04:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-31 12:06 - 2018-09-08 04:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-31 12:06 - 2018-09-08 04:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-31 12:06 - 2018-09-08 04:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-31 12:06 - 2018-09-08 03:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-31 12:06 - 2018-09-08 03:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-31 12:06 - 2018-09-08 03:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-31 12:06 - 2018-09-08 03:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-31 12:06 - 2018-09-08 03:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-31 12:06 - 2018-09-08 03:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-31 12:06 - 2018-09-08 03:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-31 12:06 - 2018-09-08 03:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-31 12:06 - 2018-09-08 03:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-31 12:06 - 2018-09-08 00:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-31 12:06 - 2018-09-08 00:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-31 12:06 - 2018-09-08 00:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-31 12:06 - 2018-09-08 00:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-31 12:06 - 2018-09-08 00:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-31 12:06 - 2018-09-08 00:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-31 12:06 - 2018-09-08 00:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-31 12:06 - 2018-09-08 00:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-31 12:06 - 2018-09-08 00:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-31 12:06 - 2018-09-08 00:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-31 12:06 - 2018-09-08 00:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-31 12:06 - 2018-09-08 00:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-31 12:06 - 2018-09-08 00:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-31 12:06 - 2018-09-08 00:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-31 12:06 - 2018-09-08 00:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-31 12:06 - 2018-09-08 00:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-31 12:06 - 2018-09-08 00:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-31 12:06 - 2018-09-08 00:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-31 12:06 - 2018-09-08 00:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-31 12:06 - 2018-09-08 00:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-31 12:06 - 2018-09-08 00:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-31 12:06 - 2018-09-08 00:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-31 12:06 - 2018-09-08 00:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-31 12:06 - 2018-09-08 00:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-31 12:06 - 2018-09-08 00:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-31 12:06 - 2018-09-08 00:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-31 12:06 - 2018-09-08 00:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-31 12:06 - 2018-09-08 00:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-31 12:06 - 2018-09-08 00:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-31 12:06 - 2018-09-08 00:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-31 12:06 - 2018-09-08 00:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-31 12:06 - 2018-09-08 00:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-31 12:06 - 2018-09-08 00:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-31 12:06 - 2018-09-08 00:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-31 12:06 - 2018-09-08 00:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-31 12:06 - 2018-09-08 00:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-31 12:06 - 2018-09-08 00:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-31 12:06 - 2018-09-08 00:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-15 15:20 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-15 15:18 - 2018-10-09 00:01 - 000004286 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2018-11-15 15:18 - 2018-05-15 23:21 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-11-15 15:09 - 2018-05-15 23:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-15 15:09 - 2018-04-11 18:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-15 15:09 - 2017-10-08 21:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-11-15 15:08 - 2018-05-15 23:19 - 001772030 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-15 15:08 - 2018-04-12 13:19 - 000787638 _____ C:\WINDOWS\system32\perfh00A.dat
2018-11-15 15:08 - 2018-04-12 13:19 - 000155768 _____ C:\WINDOWS\system32\perfc00A.dat
2018-11-15 15:08 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-15 15:07 - 2017-10-09 13:35 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2018-11-15 15:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-15 15:05 - 2017-11-11 14:31 - 000000000 ___RD C:\Users\Usuario\3D Objects
2018-11-15 15:05 - 2017-10-08 18:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-15 15:04 - 2018-10-09 12:26 - 005373184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-15 15:01 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-15 14:50 - 2018-05-18 12:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
2018-11-15 14:49 - 2018-08-07 18:06 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2018-11-15 14:00 - 2018-05-15 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-15 13:43 - 2017-10-08 20:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-11-15 13:41 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-15 13:34 - 2017-03-18 18:03 - 000000167 _____ C:\WINDOWS\win.ini
2018-11-15 13:31 - 2017-10-09 07:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-15 13:27 - 2017-06-23 03:27 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2018-11-15 12:45 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-15 12:34 - 2017-10-09 06:49 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-15 12:34 - 2017-10-09 06:49 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-15 12:22 - 2018-05-15 23:21 - 000004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2083C400-6E28-4B69-9631-E83CD0C40232}
2018-11-15 12:22 - 2017-10-09 16:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2018-11-14 19:00 - 2018-10-09 00:01 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-11-14 18:59 - 2017-10-09 07:00 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\AVAST Software
2018-11-14 18:57 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-11-14 18:56 - 2017-10-08 20:11 - 000000000 ____D C:\ProgramData\AVAST Software
2018-11-14 18:54 - 2018-06-18 21:03 - 000000000 ____D C:\ProgramData\updater2
2018-11-14 18:53 - 2017-11-11 14:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
2018-11-14 18:50 - 2018-03-02 12:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-11-14 18:44 - 2017-10-08 20:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-14 18:42 - 2018-02-06 13:45 - 000000000 ____D C:\Users\Usuario\Desktop\Nueva carpeta (2)
2018-11-14 17:49 - 2017-11-11 13:22 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-11-05 14:34 - 2018-07-13 13:47 - 000835168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-05 14:34 - 2018-07-13 13:47 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-31 12:30 - 2018-04-11 20:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-31 12:30 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-31 12:30 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-24 11:39 - 2018-06-28 21:31 - 000000000 ____D C:\ProgramData\Packages
2018-10-24 11:35 - 2017-10-08 18:54 - 000000000 ____D C:\ProgramData\KMSAutoS
2018-10-22 22:50 - 2018-06-14 14:58 - 000002202 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-10-22 22:50 - 2018-06-14 14:58 - 000002116 _____ C:\WINDOWS\System32\Tasks\StartDVR
2018-10-22 22:50 - 2018-06-14 14:52 - 000002798 _____ C:\WINDOWS\System32\Tasks\ACC
2018-10-22 22:50 - 2018-05-15 23:21 - 000003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-22 22:50 - 2018-05-15 23:21 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-22 22:50 - 2018-05-15 23:21 - 000003260 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-22 22:50 - 2018-05-15 23:21 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-10-22 22:50 - 2018-05-15 23:21 - 000003116 _____ C:\WINDOWS\System32\Tasks\klcp_update
2018-10-22 22:50 - 2018-05-15 23:21 - 000003108 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2018-10-22 22:50 - 2018-05-15 23:21 - 000003074 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2018-10-22 22:50 - 2018-05-15 23:21 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-10-22 22:50 - 2018-05-15 23:21 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3672655569-367168397-436325234-1001
2018-10-22 22:50 - 2018-05-15 23:21 - 000002774 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-RS5F028-Usuario
2018-10-22 22:50 - 2018-05-15 23:21 - 000002708 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2018-10-22 22:50 - 2018-05-15 23:21 - 000002594 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2018-10-22 22:50 - 2018-05-15 23:21 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-22 22:50 - 2018-05-15 23:21 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-22 22:34 - 2018-05-15 23:08 - 000002403 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-22 22:34 - 2017-10-08 18:53 - 000000000 ___RD C:\Users\Usuario\OneDrive

==================== Files in the root of some directories =======

2017-10-09 16:57 - 2018-07-13 15:04 - 000000034 _____ () C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat
2017-12-27 16:07 - 2017-12-27 16:07 - 000000000 ____H () C:\Users\Usuario\AppData\Local\BIT7881.tmp
2017-10-12 20:15 - 2017-10-12 20:15 - 000000003 _____ () C:\Users\Usuario\AppData\Local\updater.log
2017-10-12 20:15 - 2017-10-12 20:15 - 000000425 _____ () C:\Users\Usuario\AppData\Local\UserProducts.xml
2017-12-27 16:06 - 2017-12-27 16:06 - 000000000 _____ () C:\Users\Usuario\AppData\Local\{5A4B5EBD-725C-4A09-87B8-D653F89A9269}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 23:05

==================== End of FRST.txt ============================

#11
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018
Ran by Usuario (15-11-2018 15:27:16)
Running from C:\Users\Usuario\Downloads
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-16 02:23:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3672655569-367168397-436325234-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3672655569-367168397-436325234-503 - Limited - Disabled)
Invitado (S-1-5-21-3672655569-367168397-436325234-501 - Limited - Disabled)
Usuario (S-1-5-21-3672655569-367168397-436325234-1001 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-3672655569-367168397-436325234-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_0) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.5.1 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.2.5964 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.101 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battlefield 1 (HKLM-x32\...\Battlefield 1_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.9.389 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.0 - Corel Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
K-Lite Mega Codec Pack 13.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.8.0 - KLCP)
LibreOffice 5.3.6.1 (HKLM-x32\...\{A253D1A0-E992-4275-A420-CD1E84437BDF}) (Version: 5.3.6.1 - The Document Foundation)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 8 Lite 8.1.1.3 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.1.1.3 - Updatepack.nl)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SketchUp 2017 (HKLM\...\{31645965-D0A5-4D0B-98C8-48A2C804AD7A}) (Version: 17.2.2555 - Trimble Navigation Limited)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Trapcode Suite 64-bit (HKLM\...\{DA06169F-8857-41A0-8FAE-F57C787CE9E2}) (Version: 12.1.2 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{DA06169F-8857-41A0-8FAE-F57C787CE9E2}) (Version: 12.1.2 - Red Giant)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\WhatsApp) (Version: 0.3.225 - WhatsApp)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wolfenstein II The New Colossus (HKLM-x32\...\Wolfenstein II The New Colossus_is1) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3672655569-367168397-436325234-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-10-08] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-14] (AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-14] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-10-08] (AIMP DevTeam)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-05-16] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-14] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {142447EB-91EE-4300-BE78-7A6D2C3396D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {175D9965-80F9-46F3-9A31-3013E8B779B8} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {29012FE6-E668-43AE-A95B-CAA981F7011B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-11-14] (AVAST Software)
Task: {33C67861-8346-447F-A01E-C8EBFF5F1ED2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-14] (AVAST Software)
Task: {355998AC-CB12-4180-BE50-ED33DC20D87D} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-11-14] (AVAST Software)
Task: {44FA678D-DF0B-4E5C-824F-F3DC3BA10421} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-11-14] (AVAST Software)
Task: {45400B10-1BAF-4DA4-98D6-D7AF14496160} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-09] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {65D53712-8B0E-4700-B0E0-F6115F74A38D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-05-16] (Advanced Micro Devices, Inc.)
Task: {679FCF51-3C62-4F3A-9185-A55DDB5215E3} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {68A7BF6E-D336-4FE8-B274-40155BA2F67D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-01-31] ()
Task: {6B8217F8-7B4F-44B9-85AA-AA2A091DD347} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {79F886A5-D58E-4267-8DB8-6FD6E0C4C8D5} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-RS5F028-Usuario => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {8093B4A8-1ABE-4C14-BE45-F96B4B454113} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {8DD994C3-1E7E-4C38-AC69-CC9FC3C880CA} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {A19DB573-4203-41AD-91AF-33306A271062} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-05-16] (Advanced Micro Devices, Inc.)
Task: {A98E11CE-B0F9-4D93-A596-96D2B6B49C33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {B04E8DC8-B7F6-4C69-9DC6-D1864802AF97} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {B228A387-9F87-4F57-8232-BB755659118A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-31] (AVAST Software) <==== ATTENTION
Task: {B9E5BE33-3FA0-4740-98D3-0C4D155DC3BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C93885B5-73F9-43E5-AF9D-B5037D8925B0} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {CCF9C773-FE15-4F8E-9BCD-D2B2527AE678} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {D0F45CF7-CD06-4683-B05C-D4C34A130909} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2016-07-19] (MSFree Inc.)
Task: {DB3858D7-F59A-4786-9EA4-5F759A486AEC} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-RS5F028-Usuario => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {F623CC9B-4B27-4539-8D42-142E6DA97D4C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-09] (Google Inc.)
Task: {F984F3D3-DD00-47C3-A0BC-144971253B25} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-10-05 12:15 - 2016-10-05 12:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-15 13:35 - 2018-11-01 03:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-15 12:26 - 2018-11-15 12:27 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2016-10-04 17:09 - 2016-10-04 17:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2018-11-14 18:57 - 2018-11-14 18:57 - 000598232 _____ () c:\program files\avast software\avast\streamback.dll
2018-11-14 18:59 - 2018-11-14 18:59 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-10-20 01:28 - 2016-10-20 01:28 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 18:03 - 2017-03-18 18:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3672655569-367168397-436325234-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\945a6fb8-7e55-4464-8a89-23e12d1cc730.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3672655569-367168397-436325234-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7B7EB8C0-2CA0-460D-8FF8-1C45A3AF716E}] => (Allow) C:\Windows\[email protected]
FirewallRules: [{92539F20-25A0-4208-815B-C0DA268F6650}] => (Allow) C:\Windows\[email protected]
FirewallRules: [{79AAF09A-78F9-4D4C-AEE7-8F6EDA1B40B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{499BF294-1143-40D5-B2CC-153BE45B3BF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{6DF06D1D-3C0F-405D-AEC2-A465F957D842}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5C119831-78AE-4A04-B981-CB37D4C6F0CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D5D509E3-6E00-4CD6-9E08-8DF947E08FA9}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AB2FE4BA-415C-491B-A567-22D01A42C2CE}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F0C1001E-890B-48A1-87B4-0C29624483B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{144BAA37-C417-416F-955E-DE570691D42E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{54DF1985-D87A-4D3F-8F6A-66DF060ECDB3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E64D0FF9-39D0-4712-93A0-4ECABB0D7358}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{22EFEB34-1F9A-4ECD-95AE-195CBC177D81}E:\juegos\battlefield 1\bf1.exe] => (Block) E:\juegos\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{4B51A62C-7844-4FB0-B51A-52313BEC5291}E:\juegos\battlefield 1\bf1.exe] => (Block) E:\juegos\battlefield 1\bf1.exe
FirewallRules: [{D0085FFD-E23E-49E2-AB93-2A372F39F8B6}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{0D816ABD-F732-451C-8E1F-2568FBD3F781}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{88195C84-E566-4846-B134-83902DC57DCE}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
FirewallRules: [{A8989E30-FDA4-4628-BC11-A215513EB87E}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
FirewallRules: [{DB4E08C7-2CBC-45EE-BF26-DC6C07F52C1F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{73BEA6EA-E35F-4805-8CED-86823DC7C57B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CD282824-1BAA-45B4-908A-9D85C490E55F}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{AF56912E-5A48-463E-A201-3EF7AEB73574}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BD79B177-9439-4965-BF3E-2A4BC992BCB1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8E92B328-AC29-445D-8030-CE1089DD49B2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

31-10-2018 12:05:41 Windows Update
14-11-2018 17:50:35 Windows Update

==================== Faulty Device Manager Devices =============

Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2018 03:14:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (11/15/2018 03:09:59 PM) (Source: KMS-QAD) (EventID: 1001) (User: )
Description: Event-ID 1001

Error: (11/15/2018 03:06:28 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (11/15/2018 03:06:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (11/15/2018 03:03:21 PM) (Source: KMS-QAD) (EventID: 1001) (User: )
Description: Event-ID 1001

Error: (11/14/2018 07:44:54 PM) (Source: KMS-QAD) (EventID: 1001) (User: )
Description: Event-ID 1001

Error: (11/14/2018 07:16:57 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "WmiApRpl" en el archivo DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (11/14/2018 07:16:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


System errors:
=============
Error: (11/15/2018 03:09:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio [email protected] se cerró con el siguiente error: 
El formato del extremo no es válido.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Avast Cleanup Premium terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Intel(R) Online Connect Access terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Intel(R) Online Connect terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Adaptador de rendimiento de WMI terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Intel(R) Online Connect Access Legacy CS Loader terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/15/2018 03:08:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Corel License Validation Service V2, Powered by arvato se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2018-11-14 18:50:43.354
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.281.118.0, AS: 1.281.118.0, NIS: 1.281.118.0
Versión de motor: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-11-14 18:42:51.569
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.263.113.0, AS: 1.263.113.0, NIS: 1.263.113.0
Versión de motor: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-11-14 17:57:40.001
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.263.113.0, AS: 1.263.113.0, NIS: 1.263.113.0
Versión de motor: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-11-14 17:51:37.094
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.263.113.0, AS: 1.263.113.0, NIS: 1.263.113.0
Versión de motor: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-11-14 17:30:21.643
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.263.113.0, AS: 1.263.113.0, NIS: 1.263.113.0
Versión de motor: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-10-08 23:23:27.135
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.113.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-10-08 23:23:27.135
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.113.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-10-08 23:23:27.135
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.113.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-10-08 23:23:26.573
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.113.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2018-10-22 22:32:29.718
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-22 22:32:29.342
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-22 22:32:29.339
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-22 22:32:29.336
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-15 23:40:10.846
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswLog.dll that did not meet the security requirements for Shared Sections.

Date: 2018-05-15 23:40:10.846
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\Aavm4h.dll that did not meet the security requirements for Shared Sections.

Date: 2018-05-15 23:40:02.790
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswLog.dll that did not meet the security requirements for Shared Sections.

Date: 2018-05-15 23:40:02.789
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\Aavm4h.dll that did not meet the security requirements for Shared Sections.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 27%
Total physical RAM: 8156.15 MB
Available physical RAM: 5908.38 MB
Total Virtual: 10076.15 MB
Available Virtual: 6343.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.32 GB) (Free:45.63 GB) NTFS
Drive e: (Datos) (Fixed) (Total:781.25 GB) (Free:509.33 GB) NTFS

\\?\Volume{c35a0d3b-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{c35a0d3b-0000-0000-0000-907325000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C35A0D3B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)
Partition 4: (Not Active) - (Size=781.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#12

Hola.

Ya arregle yo los informes, los habías puesto TODOS mal, NO te leíste las indicaciones. :roll_eyes:

Como sigue tu problema.??


#13

Si lo lei, aún no me acostumbro al foro se me hizo algo tedioso copiar y pegar , x el momento no hizo ese pantallazo, la voy a volver a iniciar más tarde a ver q sucede


#14

Pues APAGA totalmente tu equipo y enciendelo de nuevo para verificar si te vuelve a ocurrir.

Si después de 20 minutos aprox. NO te ocurre realizas un nuevo APAGADO total y compruebas de nuevo para comentarnos.

Saludos.