Bloc de notas/notepad.exe ocupa muchísima memoria

Hola, recientemente he descubierto que mi ordenador mantiene en segundo plano el bloc de notas, sin yo tenerlo abierto, ocupando la friolera de +2GB de memoria, y ya he buscado algo sobre eso diciendo que podría ser un virus etc. Me preguntaba si alguien supiese de alguna manera de solucionarlo. He estado viendo otros temas de compañeros que tienen el mismo problema, en mi caso se mantiene al abrir el admin de tareas y si lo cierro se vuelve abrir al poco, soy consciente de que se ha vuelto a abrir por el ventilador que se vuelve loco.

A continuación dejo algunos datos y fotos que puedan ser de interés:

-El modelo es un portatil MSI GE63 Raider RGB 8SE-032ES Intel Core i7-8750H/16GB/1TB + 256GB SSD/RTX 2060/15.6"

-Los únicos programas que he descargado en el ordenador son relacionados con arquitectura, de la página oficial de Autodesk, y de Adobe, que esos si son de bajados de internet tipos tutoriales de youtube. El único programa aparte de esos es uTorrent, que lo utilizo para descargar películas únicamente.

Muchas gracias de antemano por la ayuda!!

No me deja crear el tema con una imagen así que pongo el link de la imagen del administrador de tareas: https://ibb.co/FshL5gY

Buenas @raja bienvenido al Foro.

Vamos a ver si somos capaces de conseguirlo, esta variante esta siendo muy “peleona”. :face_with_raised_eyebrow:

Para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

Hola Javier, muchas gracias por la respuesta, estaba siguiendo los pasos según me has indicado, pero no me deja instalar Malwarebyte, me sale una pequeña ventana diciendo que se ha producido un error y se cierra la instalación. ¿A qué se puede deber?

adjunto foto: https://ibb.co/Gp7PTcV

Hola @raja.

Has tenido en algun momento instalado Malwarebytes en version actual o anteriores…??

En este ordenador jamás, tiene como 3 mese únicamente y no había tenido ningún problema hasta ahora, conseguí instalar el programa al final, y lleva casi 3 horas analizando cosas, no es demasiado? xD

Vale ya está todo hecho, adunto todos los informes en varias respuestas:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 14/12/19
Hora del análisis: 18:42
Archivo de registro: 1ea156be-1e99-11ea-93db-00d86106a886.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.781
Versión del paquete de actualización: 1.0.16168
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.1130)
CPU: x64
Sistema de archivos: NTFS
Usuario: MSI\rjael

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 979016
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 hr, 59 min, 3 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-14-2019
# Duration: 00:00:13
# OS:       Windows 10 Home
# Scanned:  35226
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by rjael (Administrator) on 14/12/2019 at 21:48:46,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/12/2019 at 21:50:47,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST 1º PARTE

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by rjael (administrator) on MSI (Micro-Star International Co., Ltd. GE63 Raider RGB 8SE) (14-12-2019 21:51:35)
Running from C:\Users\rjael\Desktop
Loaded Profiles: rjael (Available Profiles: rjael)
Platform: Windows 10 Home Version 1803 17134.1130 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_31c60cc38cfcca28\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_2546eb804e2c7090\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_2546eb804e2c7090\IntelCpHeciSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmisi.inf_amd64_3857b202135defee\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmisi.inf_amd64_3857b202135defee\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Robert McNeel and Associates -> Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-08-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [821320 2018-12-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5870416 2017-11-29] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TabletDriver] => C:\Huion Tablet\Huion Tablet.exe [2821128 2017-06-26] (Shenzhen Huion Animation Technology Co., Ltd. -> HUION Animation Technology Co.,ltd)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [223544 2019-05-24] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-11-14] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-12-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\Policies\Explorer: [] 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-10-23]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\rjael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-09-25]
ShortcutTarget: GenuineService.lnk -> C:\Users\rjael\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9FB745-DFBA-492E-AD94-B02BB005E4CA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2453674A-1808-433D-A5F4-3395BA850740} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {25A24FC3-3EC5-4358-828F-50E4DF9A5920} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {42CA55B6-563D-4346-A7E5-F3791457B250} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {59F84E0F-4BBF-4E27-86B8-C2D0D33A26EC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5FB8064D-82CD-4E6A-ADD2-230FD137D962} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe [881880 2018-12-02] (A-Volute -> Nahimic)
Task: {60BABB01-5402-45AB-939E-A4DD2C5212E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-25] (Google Inc -> Google LLC)
Task: {64C50B6A-D370-4830-93BA-9983ED89D346} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69816D47-44FE-4C54-ADE7-DE13FED04A9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-25] (Google Inc -> Google LLC)
Task: {779AB554-A29D-42FE-851B-973AE22251AB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A9A12F2-1ABA-439E-AAA1-90FF8BE02542} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {83737BB0-57C4-4A7F-871A-780ACC33D777} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84A380C0-BA15-4868-9B23-767DAF5EAB77} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {8A3C77AF-983F-4E9A-8B66-76F92C2D5EAF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8fdd1c21-a9ab-4949-a97d-55c623bcd814} - no filepath
Task: {9FBCB88B-2D3F-45C2-8706-C6009C80A5ED} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [881880 2018-12-02] (A-Volute -> Nahimic)
Task: {A0000C06-4FFA-4387-BA04-DD2F952148CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-12-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A7E099CD-A672-43DB-9EFB-D280FDF3B4C8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {abc60fae-3d43-4518-9c1c-60db37e10a1a} - no filepath
Task: {B050CE60-A8A6-496E-9063-F58C993FE096} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {B2B67354-8C04-492F-B67C-95601DE64469} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3B5762E-6FB9-4A28-A99F-298062FD375A} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [433784 2018-09-28] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {BC1F9EC1-2B10-4712-9C15-B843D198E322} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1A2B7D3-2F09-4525-8B83-19A7B64E2135} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [676568 2018-12-02] (A-Volute -> Nahimic)
Task: {DF33BA8A-7F9C-4090-A224-C000934AADF9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {F2A8ACEA-D2BA-4DAC-A5C0-18F23B431B9F} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5890344 2018-11-02] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {FAB57BD5-8234-4740-A664-20ED7BA16A2F} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {FB8E4E6A-4274-4B7E-B2F8-78CF71FC259E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC8857D0-DF13-4C3F-AEF2-F77518210E11} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [676568 2018-12-02] (A-Volute -> Nahimic)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4e22d85e-be93-4f4b-aaa3-d2cfaf7c068a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a39fa96d-d4a3-4e5c-8898-b488d27ce917}: [DhcpNameServer] 192.168.18.1

Internet Explorer:
==================
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2019-12-14] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3658204241-1447177482-3472820348-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2019-12-14] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3658204241-1447177482-3472820348-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2019-12-14] (TD Ameritrade -> TD Ameritrade)

Chrome: 
=======
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Profile: C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default [2019-12-14]
CHR DownloadDir: C:\Users\rjael\Desktop
CHR Extension: (Presentaciones) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-25]
CHR Extension: (Documentos) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-25]
CHR Extension: (Google Drive) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-25]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-09-25]
CHR Extension: (YouTube) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-25]
CHR Extension: (Conversor de Monedas PRO) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpedpjjafnceedhomeijlphmjbblmdj [2019-10-25]
CHR Extension: (Hojas de cálculo) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-25]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-07]
CHR Extension: (Google Play) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2019-09-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-25]
CHR Extension: (Chrome Media Router) - C:\Users\rjael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [37736 2019-11-14] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [142696 2019-11-14] (IDSA Production signing key -> Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2789792 2018-08-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762056 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-07] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2650928 2018-11-27] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWMService; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [72992 2018-11-27] (Rivet Networks LLC -> CloudBees, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-14] (Malwarebytes Inc -> Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [66416 2018-01-23] (Robert McNeel and Associates -> Robert McNeel & Associates)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [192848 2017-11-29] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 NahimicService; C:\Windows\System32\NahimicService.exe [1216216 2018-12-02] (A-Volute -> Nahimic)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe [1970592 2018-08-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [821320 2018-12-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Windows\System32\SynTPEnhService.exe [390696 2018-12-02] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [204088 2019-08-16] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73008 2018-11-27] (Rivet Networks LLC -> CloudBees, Inc.)
R2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73008 2018-11-27] (Rivet Networks LLC -> CloudBees, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmisi.inf_amd64_3857b202135defee\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmisi.inf_amd64_3857b202135defee\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstkDrv_msi2; C:\Program Files (x86)\BlueStacks_msi2\BstkDrv.sys [269408 2018-06-27] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [164816 2018-11-26] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [123520 2018-05-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1094048 2018-08-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [74656 2018-08-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_c0c348653dda2299\ibtusb.sys [182432 2018-12-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [151880 2018-11-27] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [164816 2018-11-26] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116832 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9003984 2018-11-14] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmisi.inf_amd64_3857b202135defee\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [36384 2018-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [424384 2018-12-02] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41816 2019-08-16] (Intel Corporation -> )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [47656 2018-12-02] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [48168 2018-12-02] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssbthid; C:\Windows\System32\drivers\ssbthid.sys [43824 2018-11-09] (SteelSeries ApS -> )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )
R3 sshid; C:\Windows\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\Windows\System32\drivers\ssps2.sys [41104 2019-08-29] (SteelSeries ApS -> )
S3 STTub30; C:\Windows\System32\Drivers\STTub30.sys [54104 2018-11-09] (STMicroelectronics -> STMicroelectronics)
R3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2014-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-14 21:51 - 2019-12-14 21:52 - 000032602 _____ C:\Users\rjael\Desktop\FRST.txt
2019-12-14 21:50 - 2019-12-14 21:50 - 000000547 _____ C:\Users\rjael\Desktop\JRT.txt
2019-12-14 21:48 - 2019-12-14 21:50 - 000000000 ____D C:\Users\rjael\AppData\LocalLow\IGDump
2019-12-14 21:47 - 2019-12-14 21:48 - 000001326 _____ C:\Users\rjael\Desktop\AdwCleaner[C00].txt
2019-12-14 21:46 - 2019-12-14 21:46 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-14 21:46 - 2019-12-14 21:46 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-12-14 21:46 - 2019-12-14 21:46 - 000116832 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-12-14 21:46 - 2019-12-14 21:46 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-12-14 21:44 - 2019-12-14 21:45 - 000000000 ____D C:\AdwCleaner
2019-12-14 21:43 - 2019-12-14 21:43 - 000001542 _____ C:\Users\rjael\Desktop\malwarebytes.txt
2019-12-14 20:56 - 2019-12-14 21:09 - 000000000 ____D C:\Users\rjael\.thinkorswim
2019-12-14 20:55 - 2019-12-14 20:56 - 000000000 ____D C:\Program Files\thinkorswim
2019-12-14 20:55 - 2019-12-14 20:55 - 000001971 _____ C:\Users\Public\Desktop\thinkorswim.lnk
2019-12-14 20:55 - 2019-12-14 20:55 - 000001971 _____ C:\ProgramData\Desktop\thinkorswim.lnk
2019-12-14 20:55 - 2019-12-14 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
2019-12-14 20:39 - 2019-12-14 20:46 - 054390736 _____ (thinkorswim, Inc) C:\Users\rjael\Desktop\thinkorswim_x64_installer.exe
2019-12-14 18:38 - 2019-12-14 18:38 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-14 18:38 - 2019-12-14 18:38 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-14 18:38 - 2019-12-14 18:38 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-12-14 18:38 - 2019-12-14 18:38 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-14 18:38 - 2019-12-14 18:38 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-14 18:38 - 2019-12-14 18:38 - 000000000 ____D C:\Users\rjael\AppData\Local\mbamtray
2019-12-14 18:38 - 2019-12-14 18:38 - 000000000 ____D C:\Users\rjael\AppData\Local\mbam
2019-12-14 18:38 - 2019-12-14 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-14 18:38 - 2019-12-14 18:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-14 18:27 - 2019-12-14 18:27 - 001883976 _____ (Malwarebytes) C:\Users\rjael\Desktop\MBSetup-009996.009996.exe
2019-12-14 18:25 - 2019-12-14 18:25 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-14 18:23 - 2019-12-14 18:23 - 000017536 _____ C:\Users\rjael\Desktop\cc_20191214_182346.reg
2019-12-14 18:16 - 2019-12-14 21:46 - 000000000 ____D C:\Program Files\CCleaner
2019-12-14 18:16 - 2019-12-14 20:19 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-14 18:16 - 2019-12-14 18:16 - 000002864 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-14 18:16 - 2019-12-14 18:16 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-14 18:16 - 2019-12-14 18:16 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-14 18:16 - 2019-12-14 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-14 18:13 - 2019-12-14 18:14 - 002264064 _____ (Farbar) C:\Users\rjael\Desktop\FRST64.exe
2019-12-14 18:12 - 2019-12-14 18:12 - 008218800 _____ (Malwarebytes) C:\Users\rjael\Desktop\adwcleaner_8.0.0.exe
2019-12-14 18:12 - 2019-12-14 18:12 - 001790024 _____ (Malwarebytes) C:\Users\rjael\Desktop\JRT.exe
2019-12-14 18:11 - 2019-12-14 18:11 - 025441808 _____ (Piriform Software Ltd) C:\Users\rjael\Desktop\ccsetup562.exe
2019-12-14 17:59 - 2019-12-14 17:59 - 000000000 ____D C:\Users\rjael\Documents\TC
2019-12-14 17:55 - 2019-12-14 21:15 - 000000000 ____D C:\Users\rjael\AppData\Roaming\TC2000v16
2019-12-14 17:55 - 2019-12-14 17:55 - 000001968 _____ C:\Users\rjael\Desktop\TC2000 v19.lnk
2019-12-14 17:55 - 2019-12-14 17:55 - 000000000 ____D C:\Users\rjael\AppData\Roaming\Worden Brothers, Inc
2019-12-14 17:55 - 2019-12-14 17:55 - 000000000 ____D C:\Users\rjael\AppData\Roaming\Microsoft\Windows\Start Menu\TC2000
2019-12-14 17:55 - 2019-12-14 17:55 - 000000000 ____D C:\Users\rjael\AppData\Local\Caphyon
2019-12-14 16:19 - 2019-12-14 21:51 - 000000000 ____D C:\FRST
2019-12-14 13:33 - 2019-12-08 16:30 - 011843728 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-12-14 13:33 - 2019-12-08 16:30 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-14 13:33 - 2019-12-08 16:30 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2019-12-14 13:33 - 2019-12-08 16:30 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-14 13:33 - 2019-12-08 16:30 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-12-14 13:33 - 2019-12-08 16:30 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-12-14 13:33 - 2019-12-08 16:30 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2019-12-14 13:33 - 2019-12-08 16:30 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-14 13:33 - 2019-12-08 16:30 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-12-14 13:33 - 2019-12-08 16:30 - 000451440 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-12-14 13:33 - 2019-12-08 16:30 - 000352504 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-12-14 13:33 - 2019-12-08 16:29 - 010167744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-12-14 13:33 - 2019-12-08 16:29 - 001001408 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2019-12-14 13:33 - 2019-12-08 16:29 - 000824256 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-12-14 13:33 - 2019-12-08 16:29 - 000676608 _____ C:\Windows\system32\nvofapi64.dll
2019-12-14 13:33 - 2019-12-08 16:29 - 000545296 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 017462400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 015030896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 005382232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 004717656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 002076064 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 001568504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 001483712 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 001371648 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 001146880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 001064840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 000812800 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 000684992 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 000659152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 000573176 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2019-12-14 13:33 - 2019-12-08 16:28 - 000557072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-12-14 13:33 - 2019-12-08 16:28 - 000452720 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2019-12-14 13:33 - 2019-12-08 16:27 - 040510424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-12-14 13:33 - 2019-12-08 16:27 - 035380264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-12-14 13:33 - 2019-12-08 16:27 - 000858712 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2019-12-14 13:33 - 2019-12-07 05:31 - 000075706 _____ C:\Windows\system32\nvinfo.pb
2019-12-10 12:17 - 2019-12-10 12:17 - 000000000 ____D C:\Users\rjael\Downloads\Fotos TDA
2019-12-04 12:47 - 2019-12-04 12:47 - 003360265 _____ C:\Users\rjael\Downloads\Curriculum (1).pdf
2019-12-04 12:37 - 2019-12-04 12:37 - 003360265 _____ C:\Users\rjael\Downloads\Curriculum.pdf
2019-12-01 10:43 - 2019-12-09 10:05 - 000000000 ____D C:\Jts
2019-12-01 10:43 - 2019-12-01 10:43 - 000000008 ___RH C:\Users\rjael\hwid
2019-12-01 10:43 - 2019-12-01 10:43 - 000000000 ____D C:\Users\rjael\.i4j_jres
2019-12-01 10:43 - 2019-12-01 10:43 - 000000000 ____D C:\ProgramData\Oracle
2019-11-27 10:08 - 2019-11-27 10:08 - 000000000 ____D C:\Users\rjael\Creative Cloud Files
2019-11-26 13:55 - 2019-11-26 13:55 - 000000000 ____D C:\Users\rjael\AppData\Local\dynamoplayer-3
2019-11-26 13:55 - 2019-11-26 13:55 - 000000000 ____D C:\Users\rjael\AppData\Local\Chromium
2019-11-26 09:41 - 2019-12-14 18:22 - 000000346 _____ C:\Users\rjael\Desktop\ECUACIÓN ROUNDDOWN REVIT TABLAS DE PLANIFICACION AREA.txt
2019-11-25 08:54 - 2019-11-25 08:54 - 000228896 _____ C:\Users\rjael\Downloads\eduroam-w10.exe
2019-11-24 19:29 - 2019-11-26 22:10 - 004215445 _____ C:\Users\rjael\Downloads\Curriculum.ai
2019-11-23 08:57 - 2019-11-23 08:57 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2019-11-22 19:39 - 2019-11-22 19:39 - 000000000 ____D C:\Users\rjael\AppData\Local\Mega Limited
2019-11-22 13:22 - 2019-11-08 08:45 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-11-22 13:22 - 2019-11-08 07:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-11-22 13:22 - 2019-11-08 03:30 - 000785776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-22 13:22 - 2019-10-02 06:04 - 002774120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-22 13:22 - 2019-10-02 05:47 - 002260928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-22 13:22 - 2019-10-02 05:14 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-11-22 13:21 - 2019-11-08 08:44 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-11-22 13:21 - 2019-11-08 08:43 - 000046592 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-22 13:21 - 2019-11-08 08:41 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-11-22 13:21 - 2019-11-08 07:00 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-22 13:21 - 2019-11-08 03:40 - 000060216 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2019-11-22 13:21 - 2019-11-08 03:39 - 000227848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-11-22 13:21 - 2019-11-08 03:38 - 001188000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-22 13:21 - 2019-11-08 03:38 - 000605712 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-11-22 13:21 - 2019-11-08 03:38 - 000376120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-22 13:21 - 2019-11-08 03:13 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-22 13:21 - 2019-11-08 03:13 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-11-22 13:21 - 2019-11-08 03:12 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-11-22 13:21 - 2019-11-08 03:12 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-22 13:21 - 2019-11-08 03:11 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-11-22 13:21 - 2019-11-08 03:07 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-11-22 13:21 - 2019-10-02 11:11 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\compact.exe
2019-11-22 13:21 - 2019-10-02 11:09 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2019-11-22 13:21 - 2019-10-02 11:07 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2019-11-22 13:21 - 2019-10-02 10:12 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compact.exe
2019-11-22 13:21 - 2019-10-02 10:11 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2019-11-22 13:21 - 2019-10-02 06:05 - 000092472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-11-22 13:21 - 2019-10-02 06:00 - 000036368 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-11-22 13:21 - 2019-10-02 05:51 - 000192312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-11-22 13:21 - 2019-10-02 05:50 - 000536832 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-11-22 13:21 - 2019-10-02 05:48 - 000791352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-11-22 13:21 - 2019-10-02 05:48 - 000545808 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-11-22 13:21 - 2019-10-02 05:48 - 000413200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-11-22 13:21 - 2019-10-02 05:48 - 000402744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-22 13:21 - 2019-10-02 05:35 - 000465832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-11-22 13:21 - 2019-10-02 05:28 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2019-11-22 13:21 - 2019-10-02 05:14 - 001222656 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-11-22 13:21 - 2019-10-02 05:14 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-11-22 13:21 - 2019-10-02 05:14 - 000267264 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2019-11-22 13:21 - 2019-10-02 05:11 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-11-22 13:21 - 2019-09-13 11:40 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2019-11-22 13:21 - 2019-09-13 05:47 - 000275768 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-11-22 13:21 - 2019-09-13 05:47 - 000081720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-11-22 13:21 - 2019-09-13 05:47 - 000039736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-11-22 13:21 - 2019-09-13 05:21 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-11-22 13:21 - 2019-09-13 05:21 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\edpnotify.exe
2019-11-22 13:21 - 2019-09-13 05:20 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-11-22 13:21 - 2019-09-13 05:17 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2019-11-22 13:21 - 2019-09-13 05:13 - 001154048 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-11-22 13:21 - 2019-09-13 05:13 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2019-11-22 13:21 - 2019-09-13 05:11 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2019-11-22 13:20 - 2019-11-08 08:43 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-22 13:20 - 2019-11-08 08:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2019-11-22 13:20 - 2019-11-08 08:40 - 004055552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-22 13:20 - 2019-11-08 08:38 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-11-22 13:20 - 2019-11-08 08:38 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-11-22 13:20 - 2019-11-08 06:57 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-11-22 13:20 - 2019-11-08 06:55 - 004056064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-22 13:20 - 2019-11-08 03:40 - 000568312 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-11-22 13:20 - 2019-11-08 03:38 - 000466744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-11-22 13:20 - 2019-11-08 03:22 - 022016000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-11-22 13:20 - 2019-11-08 03:19 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-11-22 13:20 - 2019-11-08 03:13 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-22 13:20 - 2019-11-08 03:12 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2019-11-22 13:20 - 2019-11-08 03:12 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-22 13:20 - 2019-11-08 03:11 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-11-22 13:20 - 2019-11-08 03:10 - 001827328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-11-22 13:20 - 2019-11-08 03:10 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-22 13:20 - 2019-11-08 03:10 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-22 13:20 - 2019-11-08 03:09 - 000659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-22 13:20 - 2019-11-08 03:09 - 000332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-22 13:20 - 2019-11-08 03:07 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-11-22 13:20 - 2019-11-08 01:46 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-11-22 13:20 - 2019-10-02 11:48 - 000678400 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-11-22 13:20 - 2019-10-02 11:47 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-11-22 13:20 - 2019-10-02 11:45 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-22 13:20 - 2019-10-02 11:29 - 001517480 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-11-22 13:20 - 2019-10-02 11:09 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2019-11-22 13:20 - 2019-10-02 10:24 - 001320640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-11-22 13:20 - 2019-10-02 09:41 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-11-22 13:20 - 2019-10-02 09:25 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-22 13:20 - 2019-10-02 06:19 - 000374584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-11-22 13:20 - 2019-10-02 06:01 - 002468048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-11-22 13:20 - 2019-10-02 06:01 - 000491208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-11-22 13:20 - 2019-10-02 06:00 - 000433168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-11-22 13:20 - 2019-10-02 05:49 - 000550512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-11-22 13:20 - 2019-10-02 05:48 - 001990056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-11-22 13:20 - 2019-10-02 05:48 - 001023800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-11-22 13:20 - 2019-10-02 05:40 - 000415544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-11-22 13:20 - 2019-10-02 05:27 - 002126336 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2019-11-22 13:20 - 2019-10-02 05:25 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-11-22 13:20 - 2019-10-02 05:23 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2019-11-22 13:20 - 2019-10-02 05:22 - 000506368 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-11-22 13:20 - 2019-10-02 05:18 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2019-11-22 13:20 - 2019-09-13 11:40 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2019-11-22 13:20 - 2019-09-13 05:48 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-11-22 13:20 - 2019-09-13 05:20 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2019-11-22 13:20 - 2019-09-13 05:20 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
2019-11-22 13:20 - 2019-09-13 05:17 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll
2019-11-22 13:20 - 2019-09-13 05:17 - 000068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-11-22 13:20 - 2019-09-13 05:16 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2019-11-22 13:20 - 2019-09-13 05:14 - 001809408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-22 13:20 - 2019-09-13 05:14 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2019-11-22 13:20 - 2019-09-13 05:12 - 001634304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-22 13:20 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-11-22 13:19 - 2019-11-08 09:20 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-22 13:19 - 2019-11-08 09:20 - 000638264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-22 13:19 - 2019-11-08 09:20 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-22 13:19 - 2019-11-08 09:01 - 000490136 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-11-22 13:19 - 2019-11-08 08:46 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-11-22 13:19 - 2019-11-08 08:43 - 000131072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-22 13:19 - 2019-11-08 08:40 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-22 13:19 - 2019-11-08 06:58 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-22 13:19 - 2019-11-08 03:40 - 001224720 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-11-22 13:19 - 2019-11-08 03:40 - 001027600 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-11-22 13:19 - 2019-11-08 03:40 - 000135176 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-11-22 13:19 - 2019-11-08 03:39 - 000249088 _____ (Microsoft Corporation) 

FRST 2º PARTE

C:\Windows\system32\weretw.dll
2019-11-22 13:19 - 2019-11-08 03:38 - 001098056 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-11-22 13:19 - 2019-11-08 03:38 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-11-22 13:19 - 2019-11-08 03:30 - 001130776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-11-22 13:19 - 2019-11-08 03:30 - 000581256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-11-22 13:19 - 2019-11-08 03:14 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-11-22 13:19 - 2019-11-08 03:13 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-11-22 13:19 - 2019-11-08 03:13 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-11-22 13:19 - 2019-11-08 03:12 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-22 13:19 - 2019-11-08 03:11 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-22 13:19 - 2019-10-02 11:50 - 002019840 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-11-22 13:19 - 2019-10-02 11:46 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2019-11-22 13:19 - 2019-10-02 11:46 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-22 13:19 - 2019-10-02 11:45 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-11-22 13:19 - 2019-10-02 11:45 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-22 13:19 - 2019-10-02 11:45 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2019-11-22 13:19 - 2019-10-02 11:45 - 000164152 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-11-22 13:19 - 2019-10-02 11:34 - 000540984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-11-22 13:19 - 2019-10-02 11:07 - 001262592 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-11-22 13:19 - 2019-10-02 06:01 - 000722744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-11-22 13:19 - 2019-10-02 06:01 - 000527160 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-11-22 13:19 - 2019-10-02 06:01 - 000514576 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-11-22 13:19 - 2019-10-02 06:01 - 000513336 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-22 13:19 - 2019-10-02 05:49 - 000088016 _____ (Microsoft Corporation) C:\Windows\system32\taskhostw.exe
2019-11-22 13:19 - 2019-10-02 05:48 - 000103736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-11-22 13:19 - 2019-10-02 05:28 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-11-22 13:19 - 2019-10-02 05:28 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-11-22 13:19 - 2019-10-02 05:26 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2019-11-22 13:19 - 2019-10-02 05:26 - 000468480 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-11-22 13:19 - 2019-10-02 05:24 - 000857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2019-11-22 13:19 - 2019-10-02 05:24 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-11-22 13:19 - 2019-10-02 05:24 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-11-22 13:19 - 2019-10-02 05:21 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2019-11-22 13:19 - 2019-10-02 05:19 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-22 13:19 - 2019-10-02 05:19 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-11-22 13:19 - 2019-10-02 05:18 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-11-22 13:19 - 2019-10-02 05:18 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-22 13:19 - 2019-10-02 05:17 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-11-22 13:19 - 2019-10-02 05:17 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-11-22 13:19 - 2019-10-02 05:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2019-11-22 13:19 - 2019-10-02 05:15 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2019-11-22 13:19 - 2019-10-02 05:13 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2019-11-22 13:19 - 2019-09-13 11:56 - 000341392 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-11-22 13:19 - 2019-09-13 11:44 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-11-22 13:19 - 2019-09-13 11:44 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-11-22 13:19 - 2019-09-13 05:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-11-22 13:19 - 2019-09-13 05:18 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-11-22 13:19 - 2019-09-13 05:15 - 000504832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2019-11-22 13:19 - 2019-09-13 05:15 - 000403456 _____ (Microsoft Corporation) C:\Windows\system32\DavSyncProvider.dll
2019-11-22 13:19 - 2019-09-13 05:13 - 001371136 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2019-11-22 13:19 - 2019-09-13 05:12 - 000372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2019-11-22 13:19 - 2019-09-13 05:11 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DavSyncProvider.dll
2019-11-22 13:19 - 2019-09-10 08:17 - 023862272 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-11-22 13:19 - 2019-08-13 15:42 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-11-22 13:19 - 2019-07-09 04:23 - 001213264 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-11-22 13:18 - 2019-11-08 09:01 - 000790720 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-11-22 13:18 - 2019-11-08 09:01 - 000396296 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-22 13:18 - 2019-11-08 09:00 - 001641160 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-22 13:18 - 2019-11-08 07:15 - 000322576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-22 13:18 - 2019-11-08 07:14 - 001628704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-22 13:18 - 2019-11-08 07:14 - 000662840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-11-22 13:18 - 2019-11-08 03:40 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-11-22 13:18 - 2019-11-08 03:39 - 001960800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-11-22 13:18 - 2019-11-08 03:39 - 000727584 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-11-22 13:18 - 2019-11-08 03:39 - 000435728 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-22 13:18 - 2019-11-08 03:31 - 001658136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-11-22 13:18 - 2019-11-08 03:31 - 000379432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-22 13:18 - 2019-11-08 03:12 - 001308160 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-11-22 13:18 - 2019-11-08 03:12 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-11-22 13:18 - 2019-11-08 03:11 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-11-22 13:18 - 2019-11-08 03:11 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-11-22 13:18 - 2019-11-08 03:11 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-22 13:18 - 2019-11-08 03:10 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-11-22 13:18 - 2019-11-08 03:10 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-11-22 13:18 - 2019-11-08 03:07 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-11-22 13:18 - 2019-11-08 03:07 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-11-22 13:18 - 2019-10-02 12:14 - 000349216 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-11-22 13:18 - 2019-10-02 12:08 - 001047568 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-11-22 13:18 - 2019-10-02 11:27 - 000117240 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2019-11-22 13:18 - 2019-10-02 11:06 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2019-11-22 13:18 - 2019-10-02 11:05 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2019-11-22 13:18 - 2019-10-02 10:23 - 000106560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2019-11-22 13:18 - 2019-10-02 10:08 - 000472576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2019-11-22 13:18 - 2019-10-02 10:07 - 000486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2019-11-22 13:18 - 2019-10-02 09:53 - 000917816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-11-22 13:18 - 2019-10-02 06:02 - 000210448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2019-11-22 13:18 - 2019-10-02 06:02 - 000194352 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-11-22 13:18 - 2019-10-02 06:00 - 002371504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-11-22 13:18 - 2019-10-02 06:00 - 000039032 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-11-22 13:18 - 2019-10-02 05:50 - 000148288 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-22 13:18 - 2019-10-02 05:50 - 000095224 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-11-22 13:18 - 2019-10-02 05:49 - 000769288 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2019-11-22 13:18 - 2019-10-02 05:49 - 000722744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2019-11-22 13:18 - 2019-10-02 05:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-11-22 13:18 - 2019-10-02 05:48 - 000430304 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2019-11-22 13:18 - 2019-10-02 05:48 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-11-22 13:18 - 2019-10-02 05:47 - 000607248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-11-22 13:18 - 2019-10-02 05:47 - 000129088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-11-22 13:18 - 2019-10-02 05:34 - 000526512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2019-11-22 13:18 - 2019-10-02 05:34 - 000129360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-22 13:18 - 2019-10-02 05:34 - 000081040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-11-22 13:18 - 2019-10-02 05:32 - 000412696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2019-11-22 13:18 - 2019-10-02 05:28 - 002929152 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2019-11-22 13:18 - 2019-10-02 05:27 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-11-22 13:18 - 2019-10-02 05:27 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-11-22 13:18 - 2019-10-02 05:27 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-11-22 13:18 - 2019-10-02 05:25 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2019-11-22 13:18 - 2019-10-02 05:23 - 004938240 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-22 13:18 - 2019-10-02 05:23 - 004517376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-22 13:18 - 2019-10-02 05:23 - 000629248 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-11-22 13:18 - 2019-10-02 05:22 - 001418240 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-11-22 13:18 - 2019-10-02 05:19 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-11-22 13:18 - 2019-10-02 05:18 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-11-22 13:18 - 2019-10-02 05:18 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-11-22 13:18 - 2019-10-02 05:16 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2019-11-22 13:18 - 2019-10-02 05:14 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-11-22 13:18 - 2019-10-02 05:14 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-11-22 13:18 - 2019-10-02 05:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-11-22 13:18 - 2019-10-02 05:14 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-11-22 13:18 - 2019-10-02 05:13 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-11-22 13:18 - 2019-10-02 05:09 - 000537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2019-11-22 13:18 - 2019-10-02 05:09 - 000445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-11-22 13:18 - 2019-09-13 12:03 - 000586680 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-11-22 13:18 - 2019-09-13 11:41 - 001644032 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2019-11-22 13:18 - 2019-09-13 11:41 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-11-22 13:18 - 2019-09-13 11:40 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-11-22 13:18 - 2019-09-13 11:40 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-11-22 13:18 - 2019-09-13 10:18 - 000470512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-11-22 13:18 - 2019-09-13 10:01 - 001300480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2019-11-22 13:18 - 2019-09-13 10:01 - 000622592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-11-22 13:18 - 2019-09-13 10:00 - 001530880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-11-22 13:18 - 2019-09-13 05:58 - 007900880 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-11-22 13:18 - 2019-09-13 05:56 - 005821448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-11-22 13:18 - 2019-09-13 05:49 - 000274792 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-11-22 13:18 - 2019-09-13 05:48 - 000710240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-11-22 13:18 - 2019-09-13 05:21 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2019-11-22 13:18 - 2019-09-13 05:19 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-11-22 13:18 - 2019-09-13 05:18 - 000567808 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-11-22 13:18 - 2019-09-13 05:17 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-11-22 13:18 - 2019-09-13 05:16 - 000910336 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2019-11-22 13:18 - 2019-09-13 05:15 - 002913792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-11-22 13:18 - 2019-09-13 05:15 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-11-22 13:18 - 2019-09-13 05:14 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-11-22 13:18 - 2019-09-13 05:14 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-11-22 13:18 - 2019-09-13 05:14 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-11-22 13:18 - 2019-09-13 05:13 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-11-22 13:18 - 2019-09-13 05:12 - 000627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2019-11-22 13:18 - 2019-09-13 05:11 - 000979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2019-11-22 13:18 - 2019-09-13 05:11 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-11-22 13:17 - 2019-11-08 09:00 - 001632320 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-11-22 13:17 - 2019-11-08 09:00 - 001616608 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-11-22 13:17 - 2019-11-08 08:43 - 012835328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-22 13:17 - 2019-11-08 08:40 - 003614720 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-11-22 13:17 - 2019-11-08 08:38 - 001289216 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-11-22 13:17 - 2019-11-08 08:38 - 000488960 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-11-22 13:17 - 2019-11-08 07:16 - 001453624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-11-22 13:17 - 2019-11-08 07:00 - 012036096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-22 13:17 - 2019-11-08 06:56 - 002882048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-11-22 13:17 - 2019-11-08 06:56 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-11-22 13:17 - 2019-11-08 06:02 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-11-22 13:17 - 2019-11-08 03:42 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-11-22 13:17 - 2019-11-08 03:40 - 005627280 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-11-22 13:17 - 2019-11-08 03:39 - 000776792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-11-22 13:17 - 2019-11-08 03:39 - 000500752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-11-22 13:17 - 2019-11-08 03:39 - 000494904 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-11-22 13:17 - 2019-11-08 03:39 - 000440768 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-11-22 13:17 - 2019-11-08 03:39 - 000209936 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-11-22 13:17 - 2019-11-08 03:39 - 000159864 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-11-22 13:17 - 2019-11-08 03:38 - 009080120 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-22 13:17 - 2019-11-08 03:38 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-11-22 13:17 - 2019-11-08 03:38 - 007447904 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-11-22 13:17 - 2019-11-08 03:38 - 002711352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-11-22 13:17 - 2019-11-08 03:38 - 002571336 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-11-22 13:17 - 2019-11-08 03:38 - 001459328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-11-22 13:17 - 2019-11-08 03:38 - 001260776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-11-22 13:17 - 2019-11-08 03:38 - 001141712 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-11-22 13:17 - 2019-11-08 03:38 - 000983936 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-11-22 13:17 - 2019-11-08 03:32 - 000435216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-11-22 13:17 - 2019-11-08 03:32 - 000385272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-11-22 13:17 - 2019-11-08 03:32 - 000191800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-11-22 13:17 - 2019-11-08 03:32 - 000146920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-11-22 13:17 - 2019-11-08 03:31 - 006053808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-11-22 13:17 - 2019-11-08 03:31 - 000665432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-11-22 13:17 - 2019-11-08 03:30 - 006570576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-22 13:17 - 2019-11-08 03:30 - 001979960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-11-22 13:17 - 2019-11-08 03:17 - 022736384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-22 13:17 - 2019-11-08 03:16 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-11-22 13:17 - 2019-11-08 03:15 - 019386368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-22 13:17 - 2019-11-08 03:15 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-11-22 13:17 - 2019-11-08 03:14 - 004383232 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-11-22 13:17 - 2019-11-08 03:13 - 003403264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-11-22 13:17 - 2019-11-08 03:13 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-11-22 13:17 - 2019-11-08 03:12 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-11-22 13:17 - 2019-11-08 03:11 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-11-22 13:17 - 2019-11-08 03:11 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-11-22 13:17 - 2019-11-08 03:10 - 005769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-11-22 13:17 - 2019-11-08 03:10 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-11-22 13:17 - 2019-11-08 03:10 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-11-22 13:17 - 2019-11-08 03:10 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-11-22 13:17 - 2019-11-08 03:09 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-11-22 13:17 - 2019-11-08 03:09 - 002179072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-11-22 13:17 - 2019-11-08 03:09 - 001920512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-22 13:17 - 2019-11-08 03:08 - 003203072 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-22 13:17 - 2019-11-08 03:08 - 002603008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-22 13:17 - 2019-11-08 03:08 - 002166272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-11-22 13:17 - 2019-11-08 03:08 - 001563648 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-11-22 13:17 - 2019-11-08 03:08 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-11-22 13:17 - 2019-11-08 03:08 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-11-22 13:17 - 2019-11-08 03:07 - 000783360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-22 13:17 - 2019-11-08 03:07 - 000673792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-22 13:17 - 2019-11-08 03:07 - 000545792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-22 13:17 - 2019-11-08 03:07 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-22 13:17 - 2019-11-08 03:07 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-11-22 13:17 - 2019-11-08 03:07 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-11-22 13:17 - 2019-11-05 08:09 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-11-22 13:17 - 2019-11-01 03:10 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-22 13:17 - 2019-10-02 12:10 - 004527072 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-11-22 13:17 - 2019-10-02 12:08 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-11-22 13:17 - 2019-10-02 11:53 - 004852736 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-11-22 13:17 - 2019-10-02 11:52 - 008627200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-11-22 13:17 - 2019-10-02 11:50 - 000810496 _____ C:\Windows\system32\MBR2GPT.EXE
2019-11-22 13:17 - 2019-10-02 11:48 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2019-11-22 13:17 - 2019-10-02 11:47 - 000957440 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-11-22 13:17 - 2019-10-02 11:45 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-11-22 13:17 - 2019-10-02 11:34 - 004098912 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-11-22 13:17 - 2019-10-02 11:28 - 021411976 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-11-22 13:17 - 2019-10-02 11:13 - 013572096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-22 13:17 - 2019-10-02 11:13 - 006594048 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-11-22 13:17 - 2019-10-02 11:12 - 004718080 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-11-22 13:17 - 2019-10-02 11:09 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-11-22 13:17 - 2019-10-02 11:06 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2019-11-22 13:17 - 2019-10-02 10:22 - 020402960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-11-22 13:17 - 2019-10-02 10:22 - 003751824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-11-22 13:17 - 2019-10-02 10:16 - 005662720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-11-22 13:17 - 2019-10-02 10:11 - 012500992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-22 13:17 - 2019-10-02 10:07 - 000645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2019-11-22 13:17 - 2019-10-02 10:06 - 002406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-11-22 13:17 - 2019-10-02 09:52 - 002206424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-11-22 13:17 - 2019-10-02 09:44 - 007991296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-11-22 13:17 - 2019-10-02 09:41 - 000901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-11-22 13:17 - 2019-10-02 06:21 - 002417744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2019-11-22 13:17 - 2019-10-02 06:20 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2019-11-22 13:17 - 2019-10-02 06:02 - 004404720 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-11-22 13:17 - 2019-10-02 06:01 - 001288928 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-11-22 13:17 - 2019-10-02 05:59 - 001784696 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-11-22 13:17 - 2019-10-02 05:59 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2019-11-22 13:17 - 2019-10-02 05:59 - 000260800 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-11-22 13:17 - 2019-10-02 05:58 - 000795360 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-11-22 13:17 - 2019-10-02 05:50 - 006979128 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-11-22 13:17 - 2019-10-02 05:49 - 002810680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-11-22 13:17 - 2019-10-02 05:49 - 001662480 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2019-11-22 13:17 - 2019-10-02 05:48 - 002421776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-11-22 13:17 - 2019-10-02 05:48 - 001922056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-11-22 13:17 - 2019-10-02 05:47 - 004789944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-11-22 13:17 - 2019-10-02 05:47 - 001380312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-11-22 13:17 - 2019-10-02 05:47 - 001020280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2019-11-22 13:17 - 2019-10-02 05:47 - 000829752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2019-11-22 13:17 - 2019-10-02 05:33 - 003330880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-22 13:17 - 2019-10-02 05:33 - 001254712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-11-22 13:17 - 2019-10-02 05:28 - 004771840 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-11-22 13:17 - 2019-10-02 05:27 - 003554304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2019-11-22 13:17 - 2019-10-02 05:26 - 016598528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-11-22 13:17 - 2019-10-02 05:25 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-11-22 13:17 - 2019-10-02 05:23 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-11-22 13:17 - 2019-10-02 05:22 - 001110016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-22 13:17 - 2019-10-02 05:21 - 013878784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-11-22 13:17 - 2019-10-02 05:20 - 001647616 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-11-22 13:17 - 2019-10-02 05:16 - 002379264 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-11-22 13:17 - 2019-10-02 05:16 - 001676800 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-11-22 13:17 - 2019-10-02 05:16 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-11-22 13:17 - 2019-10-02 05:15 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-11-22 13:17 - 2019-10-02 05:11 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2019-11-22 13:17 - 2019-10-02 05:10 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-11-22 13:17 - 2019-09-13 11:57 - 001375456 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-11-22 13:17 - 2019-09-13 11:40 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2019-11-22 13:17 - 2019-09-13 11:40 - 000326656 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2019-11-22 13:17 - 2019-09-13 11:39 - 002085888 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-22 13:17 - 2019-09-13 11:39 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
2019-11-22 13:17 - 2019-09-13 10:17 - 001026280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-11-22 13:17 - 2019-09-13 09:59 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-22 13:17 - 2019-09-13 05:58 - 001613096 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-11-22 13:17 - 2019-09-13 05:56 - 001299472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-11-22 13:17 - 2019-09-13 05:48 - 003290584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-11-22 13:17 - 2019-09-13 05:48 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2019-11-22 13:17 - 2019-09-13 05:47 - 001947168 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-11-22 13:17 - 2019-09-13 05:36 - 002478152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-11-22 13:17 - 2019-09-13 05:35 - 001559272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-11-22 13:17 - 2019-09-13 05:17 - 003148288 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2019-11-22 13:17 - 2019-09-13 05:15 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-11-22 13:17 - 2019-09-13 05:15 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-11-22 13:17 - 2019-09-13 05:13 - 002893312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2019-11-22 13:17 - 2019-09-13 05:13 - 000845824 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-11-22 13:17 - 2019-09-13 05:12 - 000312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-11-22 13:17 - 2019-09-13 05:11 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-11-22 13:17 - 2019-09-10 08:16 - 019525632 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-11-22 13:17 - 2019-09-10 02:20 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-11-22 13:17 - 2019-09-10 02:20 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-11-21 20:44 - 2019-11-21 20:45 - 000000000 ____D C:\Users\rjael\Downloads\curriculum dos
2019-11-20 21:21 - 2019-11-20 22:02 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2019-11-20 19:43 - 2019-11-20 19:43 - 000000152 _____ C:\Windows\ODBC.INI
2019-11-20 19:42 - 2019-11-20 19:42 - 000000185 _____ C:\Windows\ODBCINST.INI
2019-11-20 19:40 - 2019-11-20 19:40 - 000000000 ____D C:\Program Files\NREL
2019-11-20 16:57 - 2019-12-08 16:27 - 004224176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-14 21:51 - 2019-10-19 20:58 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-12-14 21:50 - 2018-08-08 16:39 - 000760282 _____ C:\Windows\system32\perfh019.dat
2019-12-14 21:50 - 2018-08-08 16:39 - 000151640 _____ C:\Windows\system32\perfc019.dat
2019-12-14 21:50 - 2018-08-08 16:37 - 000766396 _____ C:\Windows\system32\prfh0816.dat
2019-12-14 21:50 - 2018-08-08 16:37 - 000152334 _____ C:\Windows\system32\prfc0816.dat
2019-12-14 21:50 - 2018-08-08 16:34 - 000776132 _____ C:\Windows\system32\perfh013.dat
2019-12-14 21:50 - 2018-08-08 16:34 - 000154220 _____ C:\Windows\system32\perfc013.dat
2019-12-14 21:50 - 2018-08-08 16:29 - 000769006 _____ C:\Windows\system32\perfh010.dat
2019-12-14 21:50 - 2018-08-08 16:29 - 000145974 _____ C:\Windows\system32\perfc010.dat
2019-12-14 21:50 - 2018-08-08 16:27 - 000780144 _____ C:\Windows\system32\perfh00C.dat
2019-12-14 21:50 - 2018-08-08 16:27 - 000149674 _____ C:\Windows\system32\perfc00C.dat
2019-12-14 21:50 - 2018-08-08 16:23 - 000788962 _____ C:\Windows\system32\perfh00A.dat
2019-12-14 21:50 - 2018-08-08 16:23 - 000156056 _____ C:\Windows\system32\perfc00A.dat
2019-12-14 21:50 - 2018-08-08 16:21 - 000542680 _____ C:\Windows\system32\perfh008.dat
2019-12-14 21:50 - 2018-08-08 16:21 - 000089036 _____ C:\Windows\system32\perfc008.dat
2019-12-14 21:50 - 2018-08-08 16:19 - 000731834 _____ C:\Windows\system32\perfh007.dat
2019-12-14 21:50 - 2018-08-08 16:19 - 000149982 _____ C:\Windows\system32\perfc007.dat
2019-12-14 21:50 - 2018-08-08 16:02 - 007886488 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-14 21:50 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2019-12-14 21:49 - 2019-09-25 12:38 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc64Run
2019-12-14 21:49 - 2019-09-25 12:38 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc32Run
2019-12-14 21:49 - 2018-12-03 23:56 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-14 21:48 - 2019-10-19 23:19 - 000013887 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-12-14 21:47 - 2019-09-25 13:08 - 000000000 ____D C:\ProgramData\Autodesk
2019-12-14 21:46 - 2019-11-05 20:18 - 000001207 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2019-12-14 21:46 - 2019-10-28 18:20 - 000011007 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-12-14 21:46 - 2019-10-19 23:19 - 000011625 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-12-14 21:46 - 2019-09-25 12:38 - 000003112 _____ C:\Windows\system32\Tasks\NahimicTask32
2019-12-14 21:46 - 2019-09-25 12:38 - 000003092 _____ C:\Windows\system32\Tasks\NahimicTask64
2019-12-14 21:46 - 2019-09-25 12:38 - 000000000 __SHD C:\Users\rjael\IntelGraphicsProfiles
2019-12-14 21:46 - 2018-08-08 15:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-14 21:46 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-14 21:45 - 2018-04-11 22:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-12-14 21:34 - 2019-10-27 11:10 - 000000000 ____D C:\Users\rjael\AppData\Roaming\Visual Studio Setup
2019-12-14 21:34 - 2018-08-10 04:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-14 21:32 - 2019-09-26 10:15 - 000000000 ____D C:\ProgramData\SketchUp
2019-12-14 21:31 - 2019-09-26 11:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-12-14 21:31 - 2019-09-26 11:02 - 000000000 ____D C:\Program Files\Adobe
2019-12-14 21:31 - 2019-09-25 12:38 - 000000000 ____D C:\Users\rjael\AppData\Roaming\Adobe
2019-12-14 21:19 - 2019-09-25 13:32 - 000000000 ____D C:\Users\rjael\AppData\Local\CrashDumps
2019-12-14 20:56 - 2019-09-25 12:34 - 000000000 ____D C:\Users\rjael
2019-12-14 20:34 - 2018-08-08 15:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-14 18:38 - 2019-10-07 13:27 - 000000000 ____D C:\Users\rjael\AppData\Local\cache
2019-12-14 18:38 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-12-14 18:19 - 2018-08-08 16:55 - 000000000 ____D C:\Windows\Panther
2019-12-14 18:11 - 2019-10-03 12:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-14 18:11 - 2019-10-03 12:41 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-14 15:40 - 2019-11-02 18:40 - 000000000 ____D C:\Users\rjael\AppData\LocalLow\uTorrent
2019-12-14 15:40 - 2019-10-26 22:27 - 000000000 ____D C:\Users\rjael\AppData\Local\BitTorrentHelper
2019-12-14 15:37 - 2019-09-25 12:38 - 000000000 ___RD C:\Users\rjael\3D Objects
2019-12-14 15:37 - 2018-08-08 15:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-14 15:37 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2019-12-14 15:34 - 2018-08-08 15:56 - 000389592 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-14 15:33 - 2018-04-12 00:38 - 000017800 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\oobe
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\lv-LV
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\lt-LT
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\et-EE
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\appraiser
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-12-14 15:33 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2019-12-14 15:33 - 2018-04-11 22:04 - 000000000 ____D C:\Windows\system32\Dism
2019-12-14 15:25 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2019-12-14 15:14 - 2019-09-25 12:38 - 000000000 ____D C:\Users\rjael\AppData\Local\Packages
2019-12-14 15:05 - 2019-10-19 23:19 - 000017132 _____ C:\ProgramData\DisplaySessionContainer44.log_backup1
2019-12-14 15:01 - 2019-09-26 09:15 - 000000000 ____D C:\Users\rjael\AppData\Local\NVIDIA
2019-12-14 10:26 - 2019-09-25 12:40 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 10:26 - 2019-09-25 12:40 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 20:06 - 2019-11-09 18:40 - 000016253 _____ C:\ProgramData\DisplaySessionContainer43.log_backup1
2019-12-13 12:41 - 2019-11-09 13:27 - 000013863 _____ C:\ProgramData\DisplaySessionContainer42.log_backup1
2019-12-13 08:12 - 2019-09-25 12:42 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-13 08:12 - 2019-09-25 12:42 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-13 08:12 - 2019-09-25 12:42 - 000002265 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-12 22:15 - 2019-11-08 21:30 - 000016946 _____ C:\ProgramData\DisplaySessionContainer41.log_backup1
2019-12-11 21:00 - 2019-11-08 17:19 - 000013881 _____ C:\ProgramData\DisplaySessionContainer40.log_backup1
2019-12-11 14:37 - 2019-11-07 15:33 - 000013060 _____ C:\ProgramData\DisplaySessionContainer39.log_backup1
2019-12-11 14:32 - 2019-09-25 12:44 - 000000001 _____ C:\Users\Public\Documents\dgc_DC.txt
2019-12-11 14:32 - 2019-09-25 12:44 - 000000001 _____ C:\ProgramData\Documents\dgc_DC.txt
2019-12-10 22:53 - 2019-11-07 08:42 - 000013480 _____ C:\ProgramData\DisplaySessionContainer38.log_backup1
2019-12-10 16:15 - 2019-11-06 22:48 - 000013882 _____ C:\ProgramData\DisplaySessionContainer37.log_backup1
2019-12-10 14:16 - 2019-11-06 18:51 - 000013881 _____ C:\ProgramData\DisplaySessionContainer36.log_backup1
2019-12-10 11:28 - 2019-11-05 23:11 - 000013863 _____ C:\ProgramData\DisplaySessionContainer35.log_backup1
2019-12-09 21:02 - 2019-11-05 21:19 - 000013868 _____ C:\ProgramData\DisplaySessionContainer34.log_backup1
2019-12-09 17:44 - 2019-11-05 19:03 - 000013061 _____ C:\ProgramData\DisplaySessionContainer33.log_backup1
2019-12-09 11:22 - 2019-11-05 16:46 - 000013888 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1
2019-12-08 16:27 - 2019-10-23 22:14 - 004957288 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-12-08 11:31 - 2019-11-05 15:33 - 000013862 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1
2019-12-07 20:03 - 2019-11-05 11:26 - 000013468 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1
2019-12-05 16:26 - 2019-11-04 22:09 - 000013470 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1
2019-12-04 17:14 - 2019-11-04 18:06 - 000013878 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2019-12-03 21:53 - 2019-11-04 14:18 - 000013875 _____ C:\ProgramData\DisplaySessionContainer27.log_backup1
2019-12-03 15:33 - 2019-11-04 10:47 - 000013459 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2019-12-03 12:50 - 2019-11-01 17:10 - 000000000 ____D C:\Users\rjael\AppData\Local\ElevatedDiagnostics
2019-12-02 21:27 - 2019-11-03 22:33 - 000013126 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2019-12-02 09:33 - 2019-11-03 16:43 - 000013075 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2019-12-01 21:50 - 2019-11-03 13:41 - 000013470 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2019-12-01 20:11 - 2019-11-02 20:53 - 000013894 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2019-12-01 12:40 - 2019-11-02 19:33 - 000014195 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2019-11-30 20:03 - 2019-11-02 17:21 - 000013145 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2019-11-30 16:56 - 2019-11-02 13:12 - 000013886 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2019-11-29 19:43 - 2019-11-01 23:10 - 000013861 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2019-11-28 21:33 - 2019-11-01 20:03 - 000013060 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2019-11-28 10:53 - 2019-11-01 12:54 - 000013064 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2019-11-27 23:27 - 2019-10-31 21:46 - 000013060 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2019-11-27 17:58 - 2019-10-31 20:29 - 000014198 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2019-11-26 16:35 - 2019-10-31 16:52 - 000014188 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-11-26 13:40 - 2019-09-25 19:53 - 000000000 ____D C:\ProgramData\RevitInterProcess
2019-11-26 13:30 - 2019-10-30 22:08 - 000013882 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2019-11-26 11:14 - 2019-10-30 20:32 - 000013470 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2019-11-25 21:34 - 2019-10-30 16:33 - 000014274 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2019-11-25 20:07 - 2019-09-25 12:42 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3658204241-1447177482-3472820348-1001
2019-11-25 20:07 - 2019-09-25 12:39 - 000000000 ___RD C:\Users\rjael\OneDrive
2019-11-25 20:07 - 2019-09-25 12:34 - 000002408 _____ C:\Users\rjael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-25 11:27 - 2019-10-30 15:12 - 000014198 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2019-11-25 09:50 - 2019-09-25 12:49 - 000000000 ____D C:\Users\rjael\AppData\Local\D3DSCache
2019-11-25 09:41 - 2019-09-25 19:53 - 000079128 _____ C:\Users\rjael\AppData\Local\GDIPFONTCACHEV1.DAT
2019-11-25 08:53 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\NDF
2019-11-24 21:54 - 2019-10-30 14:28 - 000013880 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2019-11-24 13:33 - 2019-10-29 22:01 - 000013467 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2019-11-24 13:33 - 2019-09-26 11:03 - 000000000 ____D C:\Users\rjael\Documents\Adobe
2019-11-24 13:31 - 2019-09-26 11:01 - 000000000 ____D C:\ProgramData\Adobe
2019-11-23 19:08 - 2019-10-29 16:38 - 000013467 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2019-11-23 11:09 - 2019-10-29 10:46 - 000012725 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2019-11-22 22:30 - 2019-10-28 21:58 - 000013883 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-11-22 13:16 - 2019-09-26 01:00 - 000000000 ____D C:\Program Files\CUAssistant
2019-11-20 22:29 - 2018-12-03 23:51 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-20 22:15 - 2019-10-19 15:08 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2019-11-20 22:04 - 2018-12-04 00:29 - 000000000 ____D C:\ProgramData\Norton
2019-11-20 22:02 - 2018-04-11 22:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-11-20 19:42 - 2019-09-25 13:29 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2019-11-20 19:42 - 2019-09-25 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-11-20 19:42 - 2019-09-25 13:14 - 000000000 ____D C:\Program Files\Autodesk
2019-11-20 19:40 - 2019-10-21 21:23 - 000002055 _____ C:\Users\Public\Desktop\Revit 2020.lnk
2019-11-20 19:40 - 2019-10-21 21:23 - 000002055 _____ C:\ProgramData\Desktop\Revit 2020.lnk
2019-11-20 19:40 - 2019-09-25 13:14 - 000000000 ____D C:\Users\rjael\AppData\Roaming\Autodesk
2019-11-17 22:04 - 2019-10-31 18:05 - 000014197 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-11-15 16:18 - 2018-12-03 23:52 - 000000000 ____D C:\Program Files (x86)\Intel

==================== Files in the root of some directories ========

2019-11-24 19:10 - 2019-11-24 19:10 - 000000000 _____ () C:\Users\rjael\AppData\Local\FEF22A15.jpg
2019-10-04 15:11 - 2019-10-04 15:11 - 000000000 _____ () C:\Users\rjael\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by rjael (14-12-2019 21:52:22)
Running from C:\Users\rjael\Desktop
Windows 10 Home Version 1803 17134.1130 (X64) (2019-09-25 11:27:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3658204241-1447177482-3472820348-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3658204241-1447177482-3472820348-503 - Limited - Disabled)
Invitado (S-1-5-21-3658204241-1447177482-3472820348-501 - Limited - Disabled)
rjael (S-1-5-21-3658204241-1447177482-3472820348-1001 - Administrator - Enabled) => C:\Users\rjael
WDAGUtilityAccount (S-1-5-21-3658204241-1447177482-3472820348-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2020 Object Enabler (HKLM\...\{28B89EEF-3004-0000-5102-CF3F3A09B77D}) (Version: 8.2.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-3001-0000-3102-CF3F3A09B77D}) (Version: 23.1.47.0 - Autodesk) Hidden
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_2) (Version: 23.0.2 - Adobe Systems Incorporated)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.21.17 - Autodesk)
Aplicaciones destacadas de Autodesk 2020 (HKLM-x32\...\{D0194D24-57D6-4FC8-9B80-3B60BFEBA23A}) (Version: 3.0.0 - Autodesk)
AutoCAD 2020 - Español (Spanish) (HKLM\...\{28B89EEF-3001-040A-2102-CF3F3A09B77D}) (Version: 23.1.47.0 - Autodesk) Hidden
AutoCAD 2020  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-3001-040A-1102-CF3F3A09B77D}) (Version: 23.1.102.0 - Autodesk) Hidden
AutoCAD 2020 (HKLM\...\{28B89EEF-3001-0000-0102-CF3F3A09B77D}) (Version: 23.1.104.0 - Autodesk) Hidden
Autodesk 3ds Max 2020 (HKLM\...\{BD028CEF-A20D-42fe-BC8A-31EF3A60F194}) (Version: 22.0.0.757 - Autodesk) Hidden
Autodesk 3ds Max 2020 (HKLM\...\Autodesk 3ds Max 2020) (Version: 22.0.0.757 - Autodesk)
Autodesk Advance Steel 2020 Extension for Autodesk Revit (HKLM\...\{052C920C-2000-0010-0409-920502E2CB58}) (Version: 20.0.145.0 - Autodesk) Hidden
Autodesk Advance Steel 2020 Extension for Autodesk Revit (HKLM\...\Autodesk Advance Steel 2020 Extension for Autodesk Revit) (Version: 20.0.145.0 - Autodesk)
Autodesk Advanced Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{105181A1-013C-4EE7-A368-999FD7ED950A}) (Version: 17.11.3.0 - Autodesk)
Autodesk Advanced Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{FF27FA47-6E0F-4654-A435-19916B297565}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2019 (HKLM-x32\...\{ACC0DD09-7E20-4792-87D5-BDBE40206584}) (Version: 17.11.3.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{042B92EF-929A-40B1-9578-DA8363208D02}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{0F682C15-79B0-4E6F-A2F4-56BC8CD43F1F}) (Version: 18.11.1.0 - Autodesk)
Autodesk App Manager 2020 (HKLM-x32\...\{093769E2-0281-4626-88B1-43180365CCDF}) (Version: 3.0.0 - Autodesk)
Autodesk AutoCAD 2020 - Español (Spanish) (HKLM\...\AutoCAD 2020 - Español (Spanish)) (Version: 23.1.47.0 - Autodesk)
Autodesk AutoCAD 2020.1 Update (HKLM-x32\...\{f4f9ba0b-3001-0000-0102-f66cecb07000}) (Version: 23.1.70.0 - Autodesk) Hidden
Autodesk AutoCAD 2020.1.2 Update (HKLM-x32\...\{f4f9ba0b-3001-0000-0102-f66cecb10400}) (Version: 23.1.104.0 - Autodesk)
Autodesk Certificate Package  (x64) - 7.1.4 (HKLM\...\{1C891560-9ECD-4234-8BBD-752AFE0682D7}) (Version: 7.1.4.0 - Autodesk)
Autodesk Civil View for 3ds Max 2020 64-bit (HKLM\...\{36D39F27-7B90-4F5C-82D7-924D7128760C}) (Version: 22.0.0.0 - Autodesk)
Autodesk Cloud Models for Revit 2020 (HKLM\...\{AA384BE4-2001-0010-0000-97E7D7D00B18}) (Version: 20.2.0.48 - Autodesk) Hidden
Autodesk Cloud Models for Revit 2020 (HKLM\...\Autodesk Cloud Models for Revit 2020) (Version: 20.2.0.48 - Autodesk)
Autodesk Collaboration for Revit 2019 (HKLM\...\{AA384BE4-1901-0010-0000-97E7D7D00B17}) (Version: 19.2.20.24 - Autodesk) Hidden
Autodesk Collaboration for Revit 2019 (HKLM\...\Autodesk Collaboration for Revit 2019) (Version: 19.2.20.24 - Autodesk)
Autodesk Download Manager (HKLM-x32\...\{E3ABBE37-EC80-4D03-AEFD-613EE5BBC458}) (Version: 6.2.3.0 - Autodesk, Inc.)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2020 (HKLM\...\{6705B770-D46A-46BC-831F-2F63DA2936B1}) (Version: 21.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library 2020 (HKLM-x32\...\{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2019 (HKLM-x32\...\{77F779B8-3262-4014-97E9-36D6933A1904}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{7979E1F2-682E-4A3C-B674-B3336F35D472}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{B52B3C0C-F56D-44CB-AC81-F86BCBB7550F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Revit 2019 (HKLM\...\Autodesk Revit 2019) (Version: 19.2.20.24 - Autodesk)
Autodesk Revit 2019 (HKLM\...\Revit 2019) (Version:  - )
Autodesk Revit 2019 MEP Fabrication Configuration - Imperial (HKLM\...\{7B1D0D58-E2A9-400B-9663-86FD56CB44B9}) (Version: 2.2 - Autodesk)
Autodesk Revit 2019 MEP Fabrication Configuration - Metric (HKLM\...\{8E6AEB11-ECE7-475A-BB7D-1D6719B2F8BA}) (Version: 2.2 - Autodesk)
Autodesk Revit 2019.2.2 (HKLM\...\Autodesk Revit 2019 SP8) (Version: 19.2.20.24 - Autodesk)
Autodesk Revit 2019.2.2 Hotfix (HKLM-x32\...\{44f28e71-881c-4c15-97c1-88777448781e}) (Version: 19.2.20.1 - Autodesk) Hidden
Autodesk Revit 2020 (HKLM\...\Revit 2020) (Version: 20.2.0.48 - Autodesk)
Autodesk Revit 2020 Revit MEP Imperial Content (HKLM\...\{38AEB114-D437-4695-B390-6D03723F32E0}) (Version: 2.2 - Autodesk)
Autodesk Revit 2020 Revit MEP Metric Content (HKLM\...\{6504036D-FF6D-41E0-B3FE-3193E9BC2047}) (Version: 2.2 - Autodesk)
Autodesk Revit 2020.2 (HKLM\...\Autodesk Revit 2020 SP3) (Version: 20.2.0.48 - Autodesk)
Autodesk Revit 2020.2 Update (HKLM-x32\...\{045e4c61-c10a-4dde-8485-7eacbb34f46e}) (Version: 20.2.0.0 - Autodesk) Hidden
Autodesk Revit Content Libraries 2019 (HKLM\...\Autodesk Revit Content Libraries 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Revit Content Libraries 2019 (HKLM\...\Revit Content Libraries 2019) (Version:  - )
Autodesk Revit Content Libraries 2020 (HKLM\...\Revit Content Libraries 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2020 (HKLM\...\{0BB716E0-2000-0610-0000-097DC2F354DF}) (Version: 20.0.0.364 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2020 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2020) (Version: 20.0.0.364 - Autodesk)
Autodesk Revit Model Review 2019 (HKLM\...\{715812E8-1901-0010-0000-BBB894911B46}) (Version: 19.2.1.1 - Autodesk) Hidden
Autodesk Revit Model Review 2019 (HKLM\...\Autodesk Revit Model Review 2019) (Version: 19.2.1.1 - Autodesk)
Autodesk Revit Model Review 2020 (HKLM\...\{715812E8-2001-0010-0000-BBB894911B46}) (Version: 20.0.0.377 - Autodesk) Hidden
Autodesk Revit Model Review 2020 (HKLM\...\Autodesk Revit Model Review 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit Site Designer Extension 2019 (HKLM\...\{48F4AD4C-1901-0010-0000-0A7B3B0A5D16}) (Version: 19.0.0.405 - Autodesk) Hidden
Autodesk Revit Site Designer Extension 2019 (HKLM\...\Autodesk Revit Site Designer Extension 2019) (Version: 19.0.0.405 - Autodesk)
Autodesk Revit Site Designer Extension 2020 (HKLM\...\{48F4AD4C-2001-0010-0000-0A7B3B0A5D16}) (Version: 20.0.0.377 - Autodesk) Hidden
Autodesk Revit Site Designer Extension 2020 (HKLM\...\Autodesk Revit Site Designer Extension 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{43D6A09F-C6C9-426A-8651-9EF8990B0A65}) (Version: 11.0.0.1800 - Autodesk)
Autodesk Workflows 2019 (HKLM\...\{F9857F69-9B57-4DF2-8930-7A4D5F8D5635}) (Version: 17.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2019 (HKLM\...\{82AF00E4-1901-0010-0000-FCE0F87063F9}) (Version: 19.2.1.1 - Autodesk) Hidden
Batch Print for Autodesk Revit 2019 (HKLM\...\Batch Print for Autodesk Revit 2019) (Version: 19.2.1.1 - Autodesk)
Batch Print for Autodesk Revit 2020 (HKLM\...\{82AF00E4-2001-0010-0000-FCE0F87063F9}) (Version: 20.0.0.377 - Autodesk) Hidden
Batch Print for Autodesk Revit 2020 (HKLM\...\Batch Print for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.4.1811.0201 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.4.1811.0201 - Micro-Star International Co., Ltd.)
Dynamo Core 1.3.4 (HKLM\...\{D4CCA021-5685-4A3D-9D17-6BF8C5053E0D}) (Version: 1.3.4.6666 - Dynamo)
Dynamo Revit 1.3.4 (HKLM\...\{60761FA6-E5EC-4DC2-A6D8-051DCC2A4C66}) (Version: 1.3.4.6666 - Dynamo)
eTransmit for Autodesk Revit 2019 (HKLM\...\{4477F08B-1901-0010-0000-9A09D834DFF5}) (Version: 19.2.1.1 - Autodesk) Hidden
eTransmit for Autodesk Revit 2019 (HKLM\...\eTransmit for Autodesk Revit 2019) (Version: 19.2.1.1 - Autodesk)
eTransmit for Autodesk Revit 2020 (HKLM\...\{4477F08B-2001-0010-0000-9A09D834DFF5}) (Version: 20.0.0.377 - Autodesk) Hidden
eTransmit for Autodesk Revit 2020 (HKLM\...\eTransmit for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
FormIt Converter For Revit 2020 (HKLM\...\{7A22DBAA-79A6-4C7B-98FA-9157A97EF6DA}) (Version: 1.9.6.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Guardar en la versión web y para dispositivos móviles de Autodesk (HKLM\...\{26FB18F7-B553-430D-94F6-C2389A91235F}) (Version: 3.0.21 - Autodesk)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1809.2701 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1809.2701 - Micro-Star International Co., Ltd.)
Intel Driver && Support Assistant (HKLM-x32\...\{31990087-E845-4714-B8D2-750497D90341}) (Version: 19.11.46.6 - Intel) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{9d54562c-195e-463a-9d06-3c71c3998dfb}) (Version: 19.11.46.6 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{BC6B5201-1998-4071-BC49-565666694E4C}) (Version: 16.7.1.1012 - Intel Corporation)
Killer Performance Driver Suite UWD (HKLM\...\{3FD24063-66FD-48B9-A58C-2081CAA0CBC2}) (Version: 2.0.1125 - Rivet Networks)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MAXtoA for 3ds Max 2020 (HKLM\...\{78DCBB3E-D0F1-4471-985A-6695707E93A7}) (Version: 2.4.43.0 - Solid Angle)
Microsoft OneDrive (HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI App Player (HKLM-x32\...\BlueStacks_msi2) (Version: 4.3.10.3014 - BlueStack Systems, Inc.)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 2.1.2.0 - Portrait Displays, Inc.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2020 (HKLM\...\{56B041A5-F592-4B9A-AD5D-68915B926AE9}) (Version: 22.0.0.0 - Autodesk)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenStudio CLI For Revit 2020 (HKLM\...\{C8E65AFE-98F1-4EB7-B605-918298521AEA}) (Version: 0.1.9 - NREL)
Paquete de controladores de Windows - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Personal Accelerator for Revit (HKLM\...\{DDFEC564-E652-40AF-97B7-26D30D5E9B90}) (Version: 21.0.11.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 21.0.11.0 - Autodesk)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8544 - Realtek Semiconductor Corp.)
Revit 2019 (HKLM\...\{7346B4A0-1900-0510-0000-705C0D862004}) (Version: 19.2.20.24 - Autodesk) Hidden
Revit 2020 (HKLM\...\{7346B4A0-2000-0510-0000-705C0D862004}) (Version: 20.2.0.48 - Autodesk) Hidden
Revit Content Libraries 2019 (HKLM\...\{941030D0-1900-0410-0000-818BB38A95FC}) (Version: 19.0.1.1 - Autodesk) Hidden
Revit Content Libraries 2020 (HKLM\...\{941030D0-2000-0410-0000-818BB38A95FC}) (Version: 20.0.0.377 - Autodesk) Hidden
Rhino 6 (HKLM\...\{CFFBFDF3-E150-4258-B515-9135D585F5AB}) (Version: 6.1.18023.13161 - Robert McNeel & Associates) Hidden
Rhino 6 (HKLM-x32\...\{71fc06dd-f614-427f-bf74-69d303e7330e}) (Version: 6.1.18023.13161 - Robert McNeel & Associates)
Rhino Installer Engine (HKLM\...\{390006C5-C28F-483C-9EFC-DE55B73D23F6}) (Version: 6.1.18023.13161 - Robert McNeel & Associates) Hidden
Rhinoceros 6 Language Pack Installer (es-ES) (HKLM\...\{77EC11FB-04A4-41C5-94D3-8687329BA17E}) (Version: 6.1.18023.13161 - Robert McNeel & Associates) Hidden
Roombook Areabook Buildingbook for Revit 2019 (HKLM\...\{58CA1D9B-D3D9-4292-AE6A-2F5952ADEE2E}) (Version: 19.1.0.4 - Autodesk, Inc.)
Roombook Areabook Buildingbook for Revit 2020 (HKLM\...\{9A2364F1-C286-4D2E-A2AD-536BA9930A19}) (Version: 20.0.0.1 - Autodesk, Inc.)
SteelSeries Engine 3.16.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.16.2 - SteelSeries ApS)
TC2000 v19 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 v19 (HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\TC2000 v19 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: v13.14.13.170626 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\{5063E738-1901-0010-0000-7B7B9AB0B696}) (Version: 19.2.1.1 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\Worksharing Monitor for Autodesk Revit 2019) (Version: 19.2.1.1 - Autodesk)
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\{5063E738-2001-0010-0000-7B7B9AB0B696}) (Version: 20.0.0.377 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\Worksharing Monitor for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.21.5.0_x86__kgqvnymyfvs32 [2019-09-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1600.3.0_x86__kgqvnymyfvs32 [2019-09-25] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Escritorio remoto de Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.0.2323.0_x64__rh07ty8m5nkag [2019-09-25] (Rivet Networks LLC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-09-25] (LinkedIn)
Microsoft Access 2016 -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Excel 2016 -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_1.9.1907.2503_x86__8wekyb3d8bbwe [2019-09-25] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2019-09-25] (Microsoft Studios) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
Microsoft Outlook 2016 -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
Microsoft PowerPoint 2016 -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
Microsoft Publisher 2016 -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2019-09-25] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.9050.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Studios) [MS Ad]
Microsoft Word 2016 -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16010.9126.2116.0_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Corporation)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1042.1_x64__a2t3txkz9j1jw [2018-12-03] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.3.2.0_x64__w2gh52qy24etm [2019-09-25] (A-Volute)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2019-09-25] (Symantec Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.955.0_x64__56jybvy8sckqj [2019-09-25] (NVIDIA Corp.)
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-12-03] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-12-03] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.136.0_x64__dt26b99r8h8gj [2019-09-25] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0 [2019-09-25] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-09-25] (Synaptics Incorporated)
Traductor -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3658204241-1447177482-3472820348-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-3658204241-1447177482-3472820348-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658204241-1447177482-3472820348-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658204241-1447177482-3472820348-1001_Classes\CLSID\{D1DE6864-2236-48B7-99C3-D29C757903A4}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658204241-1447177482-3472820348-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2020\es-ES\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-08-24] () [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2019-01-30] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2019-01-30] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-08-24] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_31c60cc38cfcca28\igfxDTCM.dll [2018-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmisi.inf_amd64_3857b202135defee\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\rjael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-08-24 20:41 - 2018-08-24 20:41 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2019-09-25 12:38 - 2018-09-04 11:12 - 000642560 _____ (Nahimic) [File not signed] C:\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\DynamicSonicMapperConfiguratorDaemonModule.dll
2019-09-25 12:38 - 2018-09-04 11:12 - 000193536 _____ (Nahimic) [File not signed] C:\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\GfxOverlayDaemonModule.dll
2019-09-25 12:38 - 2018-09-04 11:12 - 000400384 _____ (Nahimic) [File not signed] C:\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\GfxStreamServerDaemonModule.dll
2019-09-25 12:38 - 2018-09-04 11:12 - 000226304 _____ (Nahimic) [File not signed] C:\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\GfxOverlayDaemonModule.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\rjael\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Common Files\Autodesk Shared\Advance\
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rjael\Downloads\buildings-1245953_1920.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E33BD4A4-3BB6-4C51-9698-112E3A4771B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65CDC1D4-2D59-45CE-897F-1EB4624227E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBADDA66-A030-468C-B7FB-B3F47C32413C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A8284AD-E43B-45F5-888E-47135873B39C}] => (Allow) C:\Program Files (x86)\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{FF9960D5-FC52-432F-87AE-B750A17D8542}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89698674-EEA0-486D-B1C1-E0E8DA5B1E2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84D73C0B-BD09-45BF-8333-4ECAACFDA38C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9E1989B-6395-4C7A-ADF5-CEDF03F0AE0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{089DD362-CAAD-45C9-A780-2F1A2FF5D658}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2FFBED5C-6B1D-4497-BF82-2F9C2C67FBEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C9FEFBF3-543B-43C0-A107-46A179659275}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C9F21B12-4FEE-427A-847E-23D539539579}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D21E8E6F-D109-45AF-B560-F83A07092BF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20300.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB8A9BE7-F420-4EFB-A0D4-91205EE641F7}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{85FB3219-941B-4699-8A9B-0C301A7E732D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{328A4554-81D3-48E7-9A28-3DD6FB9A8B66}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{95EFE000-C432-4765-9F84-08BF0A19BB2F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{BC8B1447-7333-4A6D-9F52-8A5B7783CAFF}] => (Allow) C:\Users\rjael\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{752447F0-E837-4BDD-B7AA-BECD0BCF7816}] => (Allow) C:\Users\rjael\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{CDA697C1-66A1-404A-A2F3-24C70FB49A0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05683D48-1DA6-4C84-B244-2511378CB7B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{92892915-DFFE-44AE-9BC7-02B44519F6BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6C0A9A8-EB8D-46DC-8B52-9C64D988D25E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{01B29484-9D0A-471D-9CBE-3A20C4C6D14D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:237.18 GB) (Free:69.25 GB) (29%)

==================== Faulty Device Manager Devices ============

Name: 260ci WIA Driver (USB)
Description: 260ci WIA Driver (USB)
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Kyocera
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2019 09:50:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "WmiApRpl" en el archivo DLL "C:\Windows\system32\wbem\wmiaprpl.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (12/14/2019 09:50:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/14/2019 09:50:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "Lsa" en el archivo DLL "C:\Windows\System32\Secur32.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (12/14/2019 09:19:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 4.0.0.456, marca de tiempo: 0x5df16485
Nombre del módulo con errores: Qt5Core.dll, versión: 5.13.2.0, marca de tiempo: 0x5dcd60b9
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00198d49
Identificador del proceso con errores: 0x2fdc
Hora de inicio de la aplicación con errores: 0x01d5b2bbc56fac89
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: aa24c1f1-87ea-440f-b7c6-52bb85c7c8fc
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/14/2019 06:22:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa notepad.exe, versión 10.0.17134.1, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 3d70

Hora de inicio: 01d5b2a27db068ee

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\System32\notepad.exe

Identificador de informe: 681a8225-3a47-4c51-bd79-4c9e27c67c7c

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (12/14/2019 03:44:53 PM) (Source: COM) (EventID: 10031) (User: )
Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B}

Error: (12/14/2019 03:44:53 PM) (Source: COM) (EventID: 10031) (User: )
Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B}

Error: (12/14/2019 03:44:21 PM) (Source: COM) (EventID: 10031) (User: )
Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B}


System errors:
=============
Error: (12/14/2019 09:48:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (12/14/2019 09:48:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (12/14/2019 09:48:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (12/14/2019 09:46:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/14/2019 09:46:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/14/2019 09:46:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/14/2019 09:46:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/14/2019 09:45:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv08.dll


Windows Defender:
===================================
Date: 2019-12-03 21:38:39.365
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Autorun.AHY&threatid=2147689518&enterprise=0
Nombre: Worm:Win32/Autorun.AHY
Id.: 2147689518
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: autoruninf:_E:\autorun.inf|open;autoruninf:_E:\autorun.inf|shellverb;file:_E:\autorun.inf;file:_E:\MusaLLaT.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.305.3282.0, AS: 1.305.3282.0, NIS: 1.305.3282.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-12-03 21:04:36.189
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A3422A20-8711-4F8F-9402-1F0E9F7989CC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-12-03 15:31:33.801
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Autorun.AHY&threatid=2147689518&enterprise=0
Nombre: Worm:Win32/Autorun.AHY
Id.: 2147689518
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: file:_E:\Audiovisual\Films\Films.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: MSI\rjael
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.305.3133.0, AS: 1.305.3133.0, NIS: 1.305.3133.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-12-03 15:26:37.511
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Autorun.AHY&threatid=2147689518&enterprise=0
Nombre: Worm:Win32/Autorun.AHY
Id.: 2147689518
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: file:_E:\Audiovisual\Películas\Películas.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: MSI\rjael
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.305.3133.0, AS: 1.305.3133.0, NIS: 1.305.3133.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-12-03 15:20:05.500
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Autorun.AHY&threatid=2147689518&enterprise=0
Nombre: Worm:Win32/Autorun.AHY
Id.: 2147689518
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: containerfile:_E:\Özel Dosyalar.exe;file:_E:\Özel Dosyalar.exe;file:_E:\Özel Dosyalar.exe->(UPX)
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.305.3133.0, AS: 1.305.3133.0, NIS: 1.305.3133.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-12-14 15:57:33.046
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.307.451.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2019-12-13 16:37:10.689
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.307.267.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2019-12-13 08:23:49.357
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.307.267.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2019-12-12 18:33:06.009
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.307.267.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2019-12-12 14:40:08.433
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.307.267.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

CodeIntegrity:
===================================

Date: 2019-12-14 21:41:31.774
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:23.718
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:17.934
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:17.710
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:13.567
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:13.119
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:10.937
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-14 21:41:10.905
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. E16P7IMS.106 12/11/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P7
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 19%
Total physical RAM: 16228.5 MB
Available physical RAM: 13140.4 MB
Total Virtual: 18660.5 MB
Available Virtual: 14285.22 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.18 GB) (Free:69.25 GB) NTFS
Drive d: (Data) (Fixed) (Total:912.78 GB) (Free:812.11 GB) NTFS

\\?\Volume{d2239ecd-c45f-4111-bf81-90477578f84e}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.5 GB) NTFS
\\?\Volume{c3aae267-ef90-4ad9-896d-da9a7f1f93f7}\ (BIOS_RVY) (Fixed) (Total:18.73 GB) (Free:0.68 GB) NTFS
\\?\Volume{b6509bc5-b4a4-4658-abfe-076fda31c108}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: AC9B7113)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: AC9B70ED)

Partition: GPT.

==================== End of Addition.txt =======================

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\rjael\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-10-23]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\rjael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-09-25]
Task: {8fdd1c21-a9ab-4949-a97d-55c623bcd814} - no filepath
Task: {abc60fae-3d43-4518-9c1c-60db37e10a1a} - no filepath
Task: {B050CE60-A8A6-496E-9063-F58C993FE096} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
2019-12-14 21:51 - 2019-10-19 20:58 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-12-14 21:49 - 2019-09-25 12:38 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc64Run
2019-12-14 21:49 - 2019-09-25 12:38 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc32Run
2019-12-14 21:46 - 2019-09-25 12:38 - 000003112 _____ C:\Windows\system32\Tasks\NahimicTask32
2019-12-14 21:46 - 2019-09-25 12:38 - 000003092 _____ C:\Windows\system32\Tasks\NahimicTask64
2019-10-04 15:11 - 2019-10-04 15:11 - 000000000 _____ () C:\Users\rjael\AppData\Local\oobelibMkey.log
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Aquí está el fixlog resultante.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by rjael (15-12-2019 19:16:14) Run:1
Running from C:\Users\rjael\Desktop
Loaded Profiles: rjael (Available Profiles: rjael)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\rjael\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-10-23]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\rjael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-09-25]
Task: {8fdd1c21-a9ab-4949-a97d-55c623bcd814} - no filepath
Task: {abc60fae-3d43-4518-9c1c-60db37e10a1a} - no filepath
Task: {B050CE60-A8A6-496E-9063-F58C993FE096} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
2019-12-14 21:51 - 2019-10-19 20:58 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-12-14 21:49 - 2019-09-25 12:38 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc64Run
2019-12-14 21:49 - 2019-09-25 12:38 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc32Run
2019-12-14 21:46 - 2019-09-25 12:38 - 000003112 _____ C:\Windows\system32\Tasks\NahimicTask32
2019-12-14 21:46 - 2019-09-25 12:38 - 000003092 _____ C:\Windows\system32\Tasks\NahimicTask64
2019-10-04 15:11 - 2019-10-04 15:11 - 000000000 _____ () C:\Users\rjael\AppData\Local\oobelibMkey.log
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`20hfm" ADS removed successfully
C:\Users\rjael\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Classes\AutoCADScriptFile => removed successfully
HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Classes\.scr => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk => moved successfully
C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe => moved successfully
C:\Users\rjael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8fdd1c21-a9ab-4949-a97d-55c623bcd814}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{abc60fae-3d43-4518-9c1c-60db37e10a1a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B050CE60-A8A6-496E-9063-F58C993FE096}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B050CE60-A8A6-496E-9063-F58C993FE096}" => removed successfully
C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC" => not found
C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
C:\Windows\system32\Tasks\NahimicSvc64Run => moved successfully
C:\Windows\system32\Tasks\NahimicSvc32Run => moved successfully
C:\Windows\system32\Tasks\NahimicTask32 => moved successfully
C:\Windows\system32\Tasks\NahimicTask64 => moved successfully
C:\Users\rjael\AppData\Local\oobelibMkey.log => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3658204241-1447177482-3472820348-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13864941 B
Java, Flash, Steam htmlcache => 82888472 B
Windows/system/drivers => 2838073 B
Edge => 36352 B
Chrome => 27405219 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 997953892 B
systemprofile32 => 997953892 B
LocalService => 997954774 B
NetworkService => 997957628 B
rjael => 1416169230 B

RecycleBin => 5310522 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:12:24 ====

Hola.

Perfecto… y cómo sigue el problema que tenias inicialmente…??

1 me gusta

Pues desde que hice esto último que me dijiste, no me ha vuelto a saltar el problema, parece que está solucionado! Mil gracias a ti Javier y al equipo de forospyware, sois unos máquinas!!! :smiley: :smiley:

1 me gusta

Excelente.:+1:

Pero antes de darlo por solucionado… quiero que APAGUES totalmente el equipo y lo vuelvas a encender al menos TRES veces.

Y compruebes SI todo sigue en orden para poderte dar posteriormente los pasos finales

Saludos.

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.