Caracteres raros

Hola muy buenas a tod@s desde hace un tiempo me salen unos caracteres muy raros en los textos y a veces se me hace un poco complicado leer los textos. Creo que fallan las palabras con tílde y me salen cosas raras, pongo una captura de ejemplo.

En la parte superior derecha sale un recuadro azul donde debería de poner iniciar sesión y no es así pero deduzco que debería de poner eso.

y así en muchos textos y web, qué debo hacer…??

Gracias, Saludos Polesu.

Hola

Que sistema operativo tienes?

Esos caracteres, afectan a un navegador en concreto o a todos?

Hola buenas…uso el Windows 10 Home Mi navegador habitual es el mozila firefox y es el que mas fallos me da, acabo de probar con el Chrome y también me salen “errores” en los caracteres.

Gracias, saludos polesu

Realiza los siguientes pasos, , aunque ya hayas echo alguno, sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 21/6/19
Hora del análisis: 18:47
Archivo de registro: 4761dfb8-9444-11e9-96a0-fc4596f0a1a4.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11184
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.829)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-L5EFGI1N\RUBEN

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 600455
Amenazas detectadas: 27
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 hr, 48 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 16
PUP.Optional.SurfLive, HKU\S-1-5-21-721675818-2333492642-993102402-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{121C1664-60D7-4E86-A762-2140EF7D2F93}, Sin acciones por parte del usuario, [397], [465505],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Sin acciones por parte del usuario, [559], [621110],1.0.11184

Valor del registro: 1
PUP.Optional.SurfLive, HKU\S-1-5-21-721675818-2333492642-993102402-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{121C1664-60D7-4E86-A762-2140EF7D2F93}|URL, Sin acciones por parte del usuario, [397], [465505],1.0.11184

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 10
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\EWORKER.EXE, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, C:\USERS\MEDIA SERVICE\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\User Pinned\TaskBar\aTube Catcher.lnk, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, C:\USERS\MEDIA SERVICE\DESKTOP\PROGRAMAS\aTube Catcher.lnk, Sin acciones por parte del usuario, [559], [621110],1.0.11184
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, Sin acciones por parte del usuario, [559], [621110],1.0.11184
Trojan.Agent.Generic, C:\USERS\MEDIA SERVICE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\START.LNK, Sin acciones por parte del usuario, [3704], [394779],1.0.11184
PUP.Optional.InstallCore.Generic, C:\USERS\MEDIA SERVICE\DESKTOP\PROGRAMAS\ATUBE CATCHER ENERO 2019\ATUBE_CATCHER_2061800459.EXE, Sin acciones por parte del usuario, [559], [621110],1.0.11184
HackTool.Agent, C:\USERS\MEDIA SERVICE\DOWNLOADS\1\AFTER EFFECTS 64 BITS\AFS2017\AMTEMU.V0.9.1.WIN-PAINTER\AMTEMU.V0.9.1-PAINTER.EXE, Sin acciones por parte del usuario, [3931], [448498],1.0.11184
Generic.Malware/Suspicious, C:\USERS\MEDIA SERVICE\DOWNLOADS\RECUPERAR ARCHIVOS MICRO SD\VERSION PRO\EASEUS DARA RECOVERY WIZARD 11\KEYGEN\EDRW_KEYGEN.EXE, Sin acciones por parte del usuario, [0], [392686],1.0.11184
Generic.Malware/Suspicious, C:\USERS\MEDIA SERVICE\DOWNLOADS\RECUPERAR ARCHIVOS MICRO SD\VERSION PRO\EASEUS DATA RECOVERY WIZARD 11.RAR, Sin acciones por parte del usuario, [0], [392686],1.0.11184
PUP.Optional.InstallCore.Generic, C:\USERS\MEDIA SERVICE\DOWNLOADS\BAJAR VIDEOS\5555\RTMPDUMP.EXE, Sin acciones por parte del usuario, [559], [511908],1.0.11184

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-18.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-22-2019
# Duration: 00:00:04
# OS:       Windows 10 Home
# Cleaned:  11
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\mipony
Deleted       C:\Users\Media Service\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony
Deleted       C:\Users\Media Service\AppData\Roaming\mipony
Deleted       C:\Users\Public\App Explorer

***** [ Files ] *****

Deleted       C:\Users\Media Service\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
Deleted       HKLM\Software\Classes\mipony
Deleted       HKLM\Software\Classes\mpybrowser
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MiPony

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2146 octets] - [22/06/2019 12:41:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Muy buenas, después de hacer el paso de ccleaner sigue todo igual que antes, los caracteres siguen saliendo raros. Muestro captura de ejemplo en el enlace Manual Malwarebytes

Gracias, Saludos Polesu

Malwarebytes pone que " sin acciones por el usuario"

Asegurarte de que elimino todo, mirando en “cuarentena” , y si no estan ahi, debes repetir el análisis

Ademas pega estos logs

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Una duda mas…esos caracteres afectan a navegadores como Edge o Internet Explorer, u a otras aplicaciones o programas, incluido el propio sistema?

Este problema, te das cuenta cundo surgió??..una actualización de windows, una instalacion de algún programa, etc ( o desde que dia o fecha aprox.)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2019
Ran by RUBEN (administrator) on LAPTOP-L5EFGI1N (Acer Aspire A515-51G) (24-06-2019 22:17:28)
Running from C:\Users\Media Service\Downloads
Loaded Profiles: RUBEN &  (Available Profiles: defaultuser0 & RUBEN)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Español (España, internacional)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Acer Incorporated -> ) C:\OEM\Preload\FUBService\FUBService.exe
(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(David Carpenter -> ) C:\Program Files\Everything\Everything.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\IntelCpHeciSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIYE.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1882168 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506352 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506352 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] (David Carpenter -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-721675818-2333492642-993102402-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220129635\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIYE.EXE [283232 2014-12-18] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-03-16] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIYE.EXE [283232 2014-12-18] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Run: [Spotify] => C:\Users\Media Service\AppData\Roaming\Spotify\Spotify.exe [25941224 2019-01-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIYE.EXE [283232 2014-12-18] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-03-16] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIYE.EXE [283232 2014-12-18] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Run: [Spotify] => C:\Users\Media Service\AppData\Roaming\Spotify\Spotify.exe [25941224 2019-01-24] (Spotify AB -> Spotify Ltd)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09195D59-1D96-420D-872D-EB169072B9B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {0CCFD003-CFD5-4DDC-8C51-C3B8456BDDB0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [648248 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0EC06DD4-359A-4F29-9B5F-BC2ABF0C5E15} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112664 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0ECDE335-3164-4893-9BB8-2B72D9D81C3A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {2EC34AED-8AEE-4BB8-8187-B590685B7877} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30BA32FF-C736-4DBF-B6D2-945C6C3E1472} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-L5EFGI1N-RUBEN => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {34CE086F-4147-4265-AD60-89EF93ACCC17} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {35C71688-9F89-49E3-8854-5B26DBF40F20} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {36D3B91D-E424-4A1B-999F-0E54CE95E9BC} - System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-L5EFGI1N-RUBEN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {36D8B090-4959-42F0-84A0-3411C1E93E46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {47F70FD1-9D9F-4807-B569-8EFAB5A664C7} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [135120 2018-03-16] (Glarysoft LTD -> Glarysoft Ltd)
Task: {532E6FDA-B8DB-4026-8F9D-AEE686A8A280} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [718904 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {676DAC2F-C006-40AC-96BB-EF2ECDC653BC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7D337314-518F-4821-BEAB-97511BB44424} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8381E1C4-00C9-4E2F-9D38-23FFF1C54213} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-28] (Google Inc -> Google Inc.)
Task: {8D9204EC-F6DC-4780-B073-206CB8A6A81F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2763992 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {927DDFA7-BEC2-4A8D-8EA3-211118212191} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2016-08-30] (Acer Incorporated -> Acer Incorporated)
Task: {9826C9E1-93EA-4D77-8643-35FE89149AB8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9A025675-3CBB-4FD9-A47C-66036CA05001} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9F5223FE-91AC-4927-82B1-C4CB9B905CF4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448480 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8D249E6-FFA5-46BC-BABA-D9E352E123E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-28] (Google Inc -> Google Inc.)
Task: {B6280F3A-57D1-4EEE-B3C6-9BF1B9784018} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-03-02] (Acer Incorporated -> )
Task: {B694C4B6-1723-4F85-8FA6-4DBF22F7C255} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-03-02] (Acer Incorporated -> Acer Incorporated)
Task: {B75A45F3-8CA0-425E-8CD5-385698CFD1DB} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {B7706869-9A14-46B7-B192-99F458E0B705} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-02-15] (Acer Incorporated -> Acer Incorporated)
Task: {B89E1DEE-05D6-41DE-AB5B-81A2D10D0BEA} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {C6A80C72-3536-4178-87FF-32E188E9655C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [718904 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC3D6A4D-A8A6-44B4-975E-6EB5A57DEB63} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767664 2017-02-15] (Acer Incorporated -> Acer Incorporated)
Task: {D3AE8D5B-DE46-40A9-8DE9-F2ADEF5D8F0B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112664 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D638BFB7-2983-4F0D-94DA-FB25C69B5066} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448480 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DABDA065-3BBA-4A03-AF4E-4178667D94F9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [648248 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC17FEA8-1955-49F1-9514-55167027C6D1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-17] (Acer Incorporated -> TODO: <Company name>)
Task: {EB86BAB4-8D95-4EB8-A405-2F76AE144474} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [125656 2013-10-10] (Red Giant Software  LLC -> )
Task: {EDBB1DE9-B84F-439A-9BD2-B100311CD3FF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [1447936 2018-08-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F446B0A5-F067-470F-9EA1-95FBAE1F5995} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947256 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5EB56A0-9DF4-43B0-9BEF-8F623A5BA7FC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-02-21] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bdfa08e2-643a-44b5-9629-cf440d0b426f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-721675818-2333492642-993102402-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-721675818-2333492642-993102402-1001 -> DefaultScope {121C1664-60D7-4E86-A762-2140EF7D2F93} URL = 
SearchScopes: HKU\S-1-5-21-721675818-2333492642-993102402-1001 -> {3D34F487-B421-4BF6-9130-3E769C4CDF39} URL = 
SearchScopes: HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025 -> DefaultScope {121C1664-60D7-4E86-A762-2140EF7D2F93} URL = 
SearchScopes: HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025 -> {3D34F487-B421-4BF6-9130-3E769C4CDF39} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE.dll [2007-08-25] () [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-721675818-2333492642-993102402-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: z19x5o42.default
FF ProfilePath: C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default [2019-06-24]
FF Homepage: Mozilla\Firefox\Profiles\z19x5o42.default -> hxxps://www.google.es
FF NewTabOverride: Mozilla\Firefox\Profiles\z19x5o42.default -> Disabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\z19x5o42.default -> Disabled: [email protected]_GroupSpeedDial
FF Extension: (Image Picker) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2018-01-15] [Legacy]
FF Extension: (audio-prime) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2019-04-28]
FF Extension: (Español (España) Language Pack) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2018-06-27]
FF Extension: (NetVideoHunter) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2018-01-14] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2017-09-29] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2018-04-15] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\[email protected] [2019-04-29]
FF Extension: (Pearl Crescent Page Saver) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}.xpi [2017-11-15] [Legacy]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-22]
FF Extension: (No Name) - C:\Users\Media Service\AppData\Roaming\Mozilla\Firefox\Profiles\z19x5o42.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-08-01] (Adobe Systems Incorporated -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-08-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default [2019-06-22]
CHR Extension: (Presentaciones) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-16]
CHR Extension: (Documentos) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-16]
CHR Extension: (Google Drive) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-16]
CHR Extension: (YouTube) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-16]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-20]
CHR Extension: (Hojas de cálculo) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-09]
CHR Extension: (Avast Online Security) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-02]
CHR Extension: (Gmail) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Extension: (Free Video Downloader) - C:\Users\Media Service\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgadljdflpomdcdacknofppeejgmjdn [2018-08-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146224 2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S2 Ds3Service; C:\Users\Media Service\Downloads\MANDO PLAY PARA PC\MANDO PS3 PC\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
R2 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] (David Carpenter -> )
S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [505056 2013-09-09] (cyan soft ltd -> )
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183568 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-02-15] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-02-15] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [45696 2017-11-26] (FinalWire Kft. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469488 2019-04-13] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217680 2016-12-26] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28424 2018-03-22] (Glarysoft LTD -> Glarysoft Ltd)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [179472 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-24] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-06-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-06-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-06-24] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvac.inf_amd64_d424a07e89ab274a\nvlddmkm.sys [17036560 2018-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-01-16] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-12-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-24 22:17 - 2019-06-24 22:19 - 000038183 _____ C:\Users\Media Service\Downloads\FRST.txt
2019-06-24 22:17 - 2019-06-24 22:17 - 000000000 ____D C:\FRST
2019-06-24 22:14 - 2019-06-24 22:14 - 002418688 _____ (Farbar) C:\Users\Media Service\Downloads\FRST64.exe
2019-06-24 22:00 - 2019-06-24 22:00 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-06-24 22:00 - 2019-06-24 22:00 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-06-24 21:59 - 2019-06-24 21:59 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-24 21:59 - 2019-06-24 21:59 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-06-24 21:59 - 2019-06-24 21:59 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-06-22 13:11 - 2019-06-22 13:11 - 000000164 _____ C:\Users\Media Service\Documents\cc_20190622_131103.reg
2019-06-22 13:10 - 2019-06-22 13:10 - 000013886 _____ C:\Users\Media Service\Documents\cc_20190622_131030.reg
2019-06-22 12:39 - 2019-06-22 12:39 - 007025360 _____ (Malwarebytes) C:\Users\Media Service\Desktop\adwcleaner_7.3.exe
2019-06-21 18:45 - 2019-06-21 18:45 - 000713397 _____ C:\Users\Media Service\Desktop\EXAMEN PATRY NACIONALIDAD.pdf
2019-06-21 18:36 - 2019-06-21 18:36 - 000000000 ____D C:\Users\Media Service\AppData\Local\mbam
2019-06-21 18:35 - 2019-06-21 18:35 - 000000000 ____D C:\Users\Media Service\AppData\Local\mbamtray
2019-06-21 18:33 - 2019-06-21 18:33 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-21 18:33 - 2019-06-21 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-21 18:33 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-21 18:30 - 2019-06-21 18:30 - 064019096 _____ (Malwarebytes ) C:\Users\Media Service\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.11154.exe
2019-06-18 18:29 - 2019-06-18 18:29 - 000002463 _____ C:\Users\Media Service\Downloads\nR86VXT1
2019-06-18 15:36 - 2019-06-18 15:36 - 006105436 _____ C:\Users\Media Service\Downloads\Flacaselastrae.rar
2019-06-14 23:33 - 2019-06-14 23:33 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-14 23:33 - 2019-06-14 23:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-06-13 00:15 - 2019-05-31 03:57 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-06-13 00:15 - 2019-05-31 03:57 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-12 05:28 - 2019-06-07 13:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 05:28 - 2019-06-07 07:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 05:28 - 2019-06-07 07:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 05:28 - 2019-06-07 07:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 05:28 - 2019-06-07 07:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 05:28 - 2019-06-07 07:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 05:28 - 2019-05-17 08:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 05:28 - 2019-05-17 07:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 05:27 - 2019-06-07 13:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 05:27 - 2019-06-07 12:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 05:27 - 2019-06-07 12:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 05:27 - 2019-06-07 12:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 05:27 - 2019-06-07 12:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 05:27 - 2019-06-07 12:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 05:27 - 2019-06-07 12:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 05:27 - 2019-06-07 12:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 05:27 - 2019-06-07 12:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 05:27 - 2019-06-07 12:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 05:27 - 2019-06-07 12:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 05:27 - 2019-06-07 12:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 05:27 - 2019-06-07 08:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 05:27 - 2019-06-07 07:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 05:27 - 2019-06-07 07:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS
\system32\hvax64.exe
    2019-06-12 05:27 - 2019-06-07 07:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-06-12 05:27 - 2019-06-07 07:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-06-12 05:27 - 2019-06-07 07:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-06-12 05:27 - 2019-06-07 07:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-06-12 05:27 - 2019-06-07 07:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2019-06-12 05:27 - 2019-06-07 07:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2019-06-12 05:27 - 2019-06-07 07:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-06-12 05:27 - 2019-06-07 07:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-06-12 05:27 - 2019-06-07 07:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-06-12 05:27 - 2019-06-07 07:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-06-12 05:27 - 2019-06-07 07:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-06-12 05:27 - 2019-06-07 07:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-06-12 05:27 - 2019-06-07 07:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-06-12 05:27 - 2019-06-07 07:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-06-12 05:27 - 2019-06-07 07:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-06-12 05:27 - 2019-06-07 07:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-06-12 05:27 - 2019-06-07 07:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2019-06-12 05:27 - 2019-06-07 07:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-06-12 05:27 - 2019-06-07 07:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-06-12 05:27 - 2019-06-07 07:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-06-12 05:27 - 2019-06-07 07:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-06-12 05:27 - 2019-06-07 07:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-06-12 05:27 - 2019-06-07 07:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-06-12 05:27 - 2019-06-07 07:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-06-12 05:27 - 2019-06-07 07:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-06-12 05:27 - 2019-06-07 07:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-06-12 05:27 - 2019-06-07 07:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-06-12 05:27 - 2019-06-07 07:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-06-12 05:27 - 2019-06-07 07:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-06-12 05:27 - 2019-06-07 07:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-06-12 05:27 - 2019-06-07 07:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-06-12 05:27 - 2019-06-07 07:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-06-12 05:27 - 2019-06-07 07:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-06-12 05:27 - 2019-06-07 07:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-06-12 05:27 - 2019-06-07 07:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2019-06-12 05:27 - 2019-06-07 07:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-06-12 05:27 - 2019-05-19 00:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-06-12 05:27 - 2019-05-17 14:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2019-06-12 05:27 - 2019-05-17 14:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-06-12 05:27 - 2019-05-17 14:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2019-06-12 05:27 - 2019-05-17 14:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-06-12 05:27 - 2019-05-17 14:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2019-06-12 05:27 - 2019-05-17 14:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2019-06-12 05:27 - 2019-05-17 14:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2019-06-12 05:27 - 2019-05-17 14:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-06-12 05:27 - 2019-05-17 13:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2019-06-12 05:27 - 2019-05-17 08:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-06-12 05:27 - 2019-05-17 08:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2019-06-12 05:27 - 2019-05-17 08:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-06-12 05:27 - 2019-05-17 08:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-06-12 05:27 - 2019-05-17 08:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-06-12 05:27 - 2019-05-17 08:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2019-06-12 05:27 - 2019-05-17 08:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2019-06-12 05:27 - 2019-05-17 08:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
    2019-06-12 05:27 - 2019-05-17 08:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2019-06-12 05:27 - 2019-05-17 08:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-06-12 05:27 - 2019-05-17 08:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2019-06-12 05:27 - 2019-05-17 08:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-06-12 05:27 - 2019-05-17 08:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-06-12 05:27 - 2019-05-17 08:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-06-12 05:27 - 2019-05-17 08:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-06-12 05:27 - 2019-05-17 08:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-06-12 05:27 - 2019-05-17 08:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-06-12 05:27 - 2019-05-17 08:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-06-12 05:27 - 2019-05-17 08:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2019-06-12 05:27 - 2019-05-17 08:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-06-12 05:27 - 2019-05-17 08:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-06-12 05:27 - 2019-05-17 08:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2019-06-12 05:27 - 2019-05-17 08:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-06-12 05:27 - 2019-05-17 08:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-06-12 05:27 - 2019-05-17 08:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-06-12 05:27 - 2019-05-17 08:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-06-12 05:27 - 2019-05-17 07:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2019-06-12 05:27 - 2019-05-17 07:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-06-12 05:27 - 2019-05-17 07:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-06-12 05:27 - 2019-05-17 07:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-06-12 05:27 - 2019-05-17 07:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2019-06-12 05:27 - 2019-05-17 07:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-06-12 05:27 - 2019-05-17 07:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2019-06-12 05:27 - 2019-05-17 07:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-06-12 05:27 - 2019-05-17 07:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2019-06-12 05:27 - 2019-05-17 07:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-06-12 05:27 - 2019-05-17 07:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2019-06-12 05:27 - 2019-05-17 07:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2019-06-12 05:27 - 2019-05-17 07:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2019-06-12 05:27 - 2019-05-17 07:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-06-12 05:27 - 2019-05-17 07:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2019-06-12 05:27 - 2019-05-17 07:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-06-12 05:26 - 2019-06-07 12:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-06-12 05:26 - 2019-06-07 12:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2019-06-12 05:26 - 2019-06-07 12:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2019-06-12 05:26 - 2019-06-07 08:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2019-06-12 05:26 - 2019-06-07 07:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-06-12 05:26 - 2019-06-07 07:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2019-06-12 05:26 - 2019-06-07 07:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-06-12 05:26 - 2019-06-07 07:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-06-12 05:26 - 2019-06-07 07:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-06-12 05:26 - 2019-06-07 07:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-06-12 05:26 - 2019-06-07 07:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2019-06-12 05:26 - 2019-06-07 07:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2019-06-12 05:26 - 2019-06-07 07:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2019-06-12 05:26 - 2019-06-07 07:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2019-06-12 05:26 - 2019-06-07 07:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2019-06-12 05:26 - 2019-06-07 07:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2019-06-12 05:26 - 2019-06-07 07:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2019-06-12 05:26 - 2019-06-07 07:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2019-06-12 05:26 - 2019-06-07 07:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2019-06-12 05:26 - 2019-06-07 07:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2019-06-12 05:26 - 2019-06-07 07:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2019-06-12 05:26 - 2019-06-07 07:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2019-06-12 05:26 - 2019-06-07 07:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2019-06-12 05:26 - 2019-06-07 07:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2019-06-12 05:26 - 2019-06-07 07:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-06-12 05:26 - 2019-06-07 07:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-06-12 05:26 - 2019-06-07 07:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2019-06-12 05:26 - 2019-06-07 07:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2019-06-12 05:26 - 2019-06-07 07:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2019-06-12 05:26 - 2019-06-07 07:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-06-12 05:26 - 2019-06-07 07:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2019-06-12 05:26 - 2019-06-07 07:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-06-12 05:26 - 2019-06-07 07:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2019-06-12 05:26 - 2019-06-07 07:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
    2019-06-12 05:26 - 2019-06-07 07:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2019-06-12 05:26 - 2019-06-07 07:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2019-06-12 05:26 - 2019-06-07 06:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
    2019-06-12 05:26 - 2019-05-19 00:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-06-12 05:26 - 2019-05-19 00:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-06-12 05:26 - 2019-05-19 00:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2019-06-12 05:26 - 2019-05-17 14:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2019-06-12 05:26 - 2019-05-17 14:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
    2019-06-12 05:26 - 2019-05-17 14:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
    2019-06-12 05:26 - 2019-05-17 14:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2019-06-12 05:26 - 2019-05-17 14:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
    2019-06-12 05:26 - 2019-05-17 14:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2019-06-12 05:26 - 2019-05-17 14:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
    2019-06-12 05:26 - 2019-05-17 14:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2019-06-12 05:26 - 2019-05-17 14:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
    2019-06-12 05:26 - 2019-05-17 14:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2019-06-12 05:26 - 2019-05-17 14:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2019-06-12 05:26 - 2019-05-17 14:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2019-06-12 05:26 - 2019-05-17 14:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
    2019-06-12 05:26 - 2019-05-17 13:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2019-06-12 05:26 - 2019-05-17 13:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
    2019-06-12 05:26 - 2019-05-17 13:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2019-06-12 05:26 - 2019-05-17 13:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2019-06-12 05:26 - 2019-05-17 13:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
    2019-06-12 05:26 - 2019-05-17 13:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2019-06-12 05:26 - 2019-05-17 13:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2019-06-12 05:26 - 2019-05-17 11:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-06-12 05:26 - 2019-05-17 10:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-06-12 05:26 - 2019-05-17 09:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2019-06-12 05:26 - 2019-05-17 08:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2019-06-12 05:26 - 2019-05-17 08:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
    2019-06-12 05:26 - 2019-05-17 08:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-06-12 05:26 - 2019-05-17 08:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2019-06-12 05:26 - 2019-05-17 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
    2019-06-12 05:26 - 2019-05-17 08:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-06-12 05:26 - 2019-05-17 08:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
    2019-06-12 05:26 - 2019-05-17 08:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-06-12 05:26 - 2019-05-17 08:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
    2019-06-12 05:26 - 2019-05-17 08:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2019-06-12 05:26 - 2019-05-17 08:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-06-12 05:26 - 2019-05-17 08:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
    2019-06-12 05:26 - 2019-05-17 08:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2019-06-12 05:26 - 2019-05-17 08:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2019-06-12 05:26 - 2019-05-17 08:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2019-06-12 05:26 - 2019-05-17 08:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2019-06-12 05:26 - 2019-05-17 08:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2019-06-12 05:26 - 2019-05-17 08:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-06-12 05:26 - 2019-05-17 08:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-06-12 05:26 - 2019-05-17 08:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
    2019-06-12 05:26 - 2019-05-17 08:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-06-12 05:26 - 2019-05-17 08:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2019-06-12 05:26 - 2019-05-17 08:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
    2019-06-12 05:26 - 2019-05-17 08:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2019-06-12 05:26 - 2019-05-17 07:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
    2019-06-12 05:26 - 2019-05-17 07:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
    2019-06-12 05:26 - 2019-05-17 07:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2019-06-12 05:26 - 2019-05-17 07:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
    2019-06-12 05:26 - 2019-05-17 07:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
    2019-06-12 05:26 - 2019-05-17 07:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2019-06-12 05:26 - 2019-05-17 07:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
    2019-06-12 05:26 - 2019-05-17 07:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2019-06-12 05:26 - 2019-05-17 07:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-06-12 05:26 - 2019-05-17 07:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
    2019-06-12 05:26 - 2019-05-17 07:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2019-06-12 05:26 - 2019-05-17 07:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2019-06-12 05:26 - 2019-05-17 07:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2019-06-12 05:26 - 2019-05-17 07:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2019-06-12 05:26 - 2019-05-17 07:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2019-06-12 05:26 - 2019-05-17 07:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
    2019-06-12 05:26 - 2019-05-17 07:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2019-06-12 05:26 - 2019-05-17 07:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2019-06-12 05:26 - 2019-05-17 07:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2019-06-12 05:26 - 2019-05-17 07:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2019-06-12 05:26 - 2019-05-17 07:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
    2019-06-12 05:04 - 2019-02-13 07:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2019-06-09 05:15 - 2019-06-09 05:15 - 000000000 ____D C:\Users\Media Service\insta360
    2019-06-03 15:25 - 2019-06-03 15:25 - 000000000 ____D C:\Users\Media Service\AppData\Local\cache
    2019-06-03 15:24 - 2019-06-03 15:24 - 000000000 ____D C:\Users\Media Service\AppData\Local\Insta360
    2019-06-03 15:22 - 2019-06-03 15:22 - 000001328 _____ C:\Users\Public\Desktop\Insta360 Studio 2019.lnk
    2019-06-03 15:22 - 2019-06-03 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insta360 Studio 2019
    2019-06-03 15:22 - 2019-06-03 15:22 - 000000000 ____D C:\Program Files (x86)\Insta360 Studio 2019
    2019-06-03 15:21 - 2019-06-03 15:21 - 073101120 _____ (Shenzhen Arashi Vision Co, Ltd. ) C:\Users\Media Service\Downloads\Insta360 Studio 2019_Winx64_3.3.3_20190530.exe
    2019-06-03 13:05 - 2019-06-03 13:11 - 025111013 _____ C:\Users\Media Service\Downloads\VU¡IDS.mp4

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-24 22:11 - 2018-09-10 09:38 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
    2019-06-24 22:11 - 2018-08-01 21:41 - 000003778 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2019-06-24 22:11 - 2018-08-01 11:25 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
    2019-06-24 22:11 - 2018-08-01 11:25 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-06-24 22:11 - 2018-08-01 11:25 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-06-24 22:11 - 2018-08-01 11:25 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002968 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002882 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002854 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-721675818-2333492642-993102402-1001
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002770 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-L5EFGI1N-RUBEN
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002762 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002724 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-L5EFGI1N-RUBEN
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002630 _____ C:\WINDOWS\System32\Tasks\Acer Collection Monitor Application
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002596 _____ C:\WINDOWS\System32\Tasks\Acer Collection Application
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002532 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002256 _____ C:\WINDOWS\System32\Tasks\Power Button
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002182 _____ C:\WINDOWS\System32\Tasks\Quick Access
    2019-06-24 22:11 - 2018-08-01 11:25 - 000002162 _____ C:\WINDOWS\System32\Tasks\User Boot Experience Task
    2019-06-24 22:11 - 2018-08-01 11:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
    2019-06-24 22:09 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-06-24 22:05 - 2017-09-29 02:53 - 000000000 ____D C:\Users\Media Service\AppData\LocalLow\Mozilla
    2019-06-24 22:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2019-06-24 22:02 - 2017-09-27 23:59 - 000000000 ____D C:\Users\Media Service\AppData\Local\clear.fi
    2019-06-24 22:00 - 2017-05-24 23:24 - 000000000 ____D C:\ProgramData\NVIDIA
    2019-06-24 21:57 - 2018-08-01 11:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-06-24 00:13 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2019-06-23 13:25 - 2018-08-01 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-06-23 12:29 - 2017-09-29 18:52 - 000000000 ____D C:\Program Files\rempl
    2019-06-23 12:24 - 2018-08-01 11:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
    2019-06-22 13:04 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
    2019-06-22 13:04 - 2017-10-06 19:42 - 000000000 ____D C:\Users\Media Service\AppData\Local\CrashDumps
    2019-06-22 12:41 - 2018-03-20 22:12 - 000000000 ____D C:\AdwCleaner
    2019-06-22 00:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-06-22 00:15 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-06-21 18:45 - 2019-04-29 16:59 - 000000000 ____D C:\Users\Media Service\AppData\Roaming\Adobe
    2019-06-21 18:33 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-06-21 18:33 - 2018-03-20 21:07 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-06-21 18:13 - 2017-09-28 00:08 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-06-19 15:56 - 2017-09-29 18:51 - 000000000 ____D C:\Program Files\UNP
    2019-06-18 18:44 - 2017-10-03 18:15 - 000000000 ____D C:\Users\Media Service\AppData\Roaming\vlc
    2019-06-18 16:30 - 2017-10-08 23:29 - 000000000 ____D C:\Users\Media Service\AppData\Roaming\uTorrent
    2019-06-18 15:03 - 2017-10-08 23:31 - 000000000 ____D C:\Users\Media Service\Downloads\DESCARGAS UTORRENT
    2019-06-17 16:40 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-06-17 16:09 - 2019-03-26 15:16 - 000000000 ____D C:\Users\Media Service\AppData\Local\BitTorrentHelper
    2019-06-16 22:27 - 2018-08-01 10:20 - 000002425 _____ C:\Users\Media Service\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-06-16 22:27 - 2017-09-28 00:02 - 000000000 ___RD C:\Users\Media Service\OneDrive
    2019-06-14 23:32 - 2017-05-24 23:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2019-06-13 13:10 - 2017-10-02 20:43 - 000000000 ____D C:\Users\Media Service\AppData\Local\Everything
    2019-06-13 13:10 - 2017-10-02 19:31 - 000000000 ____D C:\Users\Media Service\AppData\Roaming\Everything
    2019-06-13 00:28 - 2017-09-27 23:57 - 000000000 ____D C:\Users\Media Service\AppData\Local\Packages
    2019-06-13 00:21 - 2018-08-01 10:43 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-06-13 00:21 - 2018-04-12 18:18 - 000787744 _____ C:\WINDOWS\system32\perfh00A.dat
    2019-06-13 00:21 - 2018-04-12 18:18 - 000155340 _____ C:\WINDOWS\system32\perfc00A.dat
    2019-06-13 00:17 - 2018-03-07 11:07 - 000000000 ___RD C:\Users\Media Service\3D Objects
    2019-06-13 00:17 - 2017-05-24 22:55 - 000000000 __RHD C:\Users\Public\AccountPictures
    2019-06-13 00:15 - 2018-08-01 09:50 - 006216288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-06-12 10:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
    2019-06-12 10:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-06-12 10:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
    2019-06-12 10:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-06-12 05:45 - 2017-09-29 18:59 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-06-12 05:44 - 2017-10-15 22:28 - 000000000 ____D C:\Users\Media Service\Downloads\FUENTES
    2019-06-12 05:15 - 2017-09-29 18:59 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-06-09 12:08 - 2019-01-24 13:47 - 000000000 ____D C:\Users\Media Service\Downloads\VIDEOHIVE 2019
    2019-06-09 05:15 - 2018-08-01 10:20 - 000000000 ____D C:\Users\Media Service
    2019-05-27 23:25 - 2018-02-18 22:39 - 000000000 ___RD C:\Users\Media Service\Desktop\COSAS RUBÉN

    ==================== Files in the root of some directories ================

    2007-10-04 12:00 - 2019-06-23 12:34 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
    2017-12-03 16:45 - 2019-05-17 19:28 - 000000132 _____ () C:\Users\Media Service\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
    2018-01-04 13:34 - 2019-01-02 15:18 - 000001456 _____ () C:\Users\Media Service\AppData\Local\Adobe Guardar para Web 13.0 Prefs
    2018-01-14 20:29 - 2018-08-06 13:31 - 000005120 _____ () C:\Users\Media Service\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2018-06-21 23:02 - 2018-06-21 23:05 - 000282248 _____ () C:\Users\Media Service\AppData\Local\TempWER-831473921-0.sysdata.xml

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2019
Ran by RUBEN (24-06-2019 22:19:43)
Running from C:\Users\Media Service\Downloads
Windows 10 Home Version 1803 17134.829 (X64) (2018-08-01 09:35:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-721675818-2333492642-993102402-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-721675818-2333492642-993102402-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-721675818-2333492642-993102402-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-721675818-2333492642-993102402-501 - Limited - Disabled)
RUBEN (S-1-5-21-721675818-2333492642-993102402-1001 - Administrator - Enabled) => C:\Users\Media Service
WDAGUtilityAccount (S-1-5-21-721675818-2333492642-993102402-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
1Step Web-Video-Ripper Extras 4.5.4 (HKLM-x32\...\{4F7DCC3C-79E0-4d41-A85E-1F0B9DDABA02}_is1) (Version: 4.5.4 - 1i Soft)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.08.2001 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Actualización de NVIDIA 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation) Hidden
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_0) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.89 - NVIDIA Corporation) Hidden
AnyMedia Player 3.4.7 (HKLM-x32\...\{1959CCD2-1227-4de4-97E7-04F29D526762}_is1) (Version: 3.4.7 - cyan soft ltd)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-721675818-2333492642-993102402-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220129635\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
Canon TS3100 series Manual en pantalla (HKLM-x32\...\Canon TS3100 series Manual en pantalla) (Version: 1.4.0 - Canon Inc.)
Canon TS3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3100_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
ELAN HIDI2C Filter Driver X64 13.6.9.4_WHQL (HKLM\...\Elantech) (Version: 13.6.9.4 - ELAN Microelectronic Corp.)
EPSON WF-2010 Series Printer Uninstall (HKLM\...\EPSON WF-2010 Series) (Version:  - SEIKO EPSON Corporation)
Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
Glary Utilities 5.94 (HKLM-x32\...\Glary Utilities 5) (Version: 5.94.0.116 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
HDSmart_V3.7 (HKLM\...\{ADE3DE3D-643F-4A99-8326-3CDD5F99FF2C}}_is1) (Version:  - )
Insta360 Studio 2019 version 3.3.3 (HKLM-x32\...\{78E34D33-E6EF-442B-A808-2351211989E2}}_is1) (Version: 3.3.3 - Arashi Vision .Ltd)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{39638376-A270-445E-89B2-9B7A3358D2B6}) (Version: 19.11.1639.0649 - Intel Corporation)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
LibreOffice 5.3.2.2 (HKLM-x32\...\{8DA98699-6AD4-49CF-A9A0-B5E7B7981BE6}) (Version: 5.3.2.2 - The Document Foundation)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Mecanografía 10 v2.9a (HKLM-x32\...\Mecanografía 10) (Version: v2.9a - Zikitrake Soft)
MediaInfo 0.7.99 (HKLM\...\MediaInfo) (Version: 0.7.99 - MediaArea.net)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11629.20246 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology)
Mozilla Firefox 61.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 61.0 (x64 es-ES)) (Version: 61.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
NirSoft WebVideoCap (HKLM-x32\...\NirSoft WebVideoCap) (Version:  - )
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Panel de control de NVIDIA 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.73 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Quiz Builder 1.3 ( 15-day Trial ) (HKLM-x32\...\Quiz Builder_is1) (Version:  - Tanida Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21294 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.7.19.0 - Red Giant, LLC)
Registro de la impresora (HKLM-x32\...\Canon EISRegistration) (Version: 1.3.0 - Canon Inc.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{544ecb18-5d76-44bb-ac33-8d06719e39e7}) (Version: 19.20.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\Spotify) (Version: 1.0.98.78.gb45d2a6b - Spotify AB)
Spotify (HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\Spotify) (Version: 1.0.98.78.gb45d2a6b - Spotify AB)
TextAloud (HKLM-x32\...\TextAloud MP3_is1) (Version: 2.0 - NextUp.com)
Transmission 2.92 (14714) (x64) (HKLM\...\{E2B281FA-6236-4F0D-B710-ECDB6B60EB5E}) (Version: 2.92.0 - Transmission Project)
Trapcode Suite 64-bit (HKLM\...\{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-20] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-721675818-2333492642-993102402-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxDTCM.dll [2017-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\system:TTGBB835UahFGPyDd [1804]
AlternateDataStreams: C:\ProgramData\Microsoft:jNqHo8aWHrLBQZdZDBGDvAo3N82 [2204]
AlternateDataStreams: C:\ProgramData\Microsoft:TzmhTiQLaFWIect6GsynCOu9u [2272]
AlternateDataStreams: C:\ProgramData\TEMP:88812874 [412]
AlternateDataStreams: C:\Users\Media Service\AppData\Local\RoCK7VT0EGdvK:0nHbDIGZMCFxAmA8KWrRmfCI [2012]
AlternateDataStreams: C:\Users\Media Service\AppData\Local\Temp:WRl03xpCVKFAdyFHONG [2146]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-06-03 20:10 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\QuickTime\QTSystem\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220128057\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220128729\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-721675818-2333492642-993102402-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220129635\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-721675818-2333492642-993102402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Media Service\Pictures\EFECTO TEXTO NEON PHOTOSHOP\FONDO NEON TRISKEL VIDEO EDICION2.jpg
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\Control Panel\Desktop\\Wallpaper -> C:\Users\Media Service\Pictures\EFECTO TEXTO NEON PHOTOSHOP\FONDO NEON TRISKEL VIDEO EDICION2.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "WallpaperSuite"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-721675818-2333492642-993102402-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "WallpaperSuite"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-721675818-2333492642-993102402-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06242019220131025\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{35601B14-9268-469A-87C4-11E7B44F8184}C:\users\media service\appdata\local\temp\dl_folder\mpnp_dl\mpnp_dl\mpnp-win-ts3100-1_00-ea34_2\drvsetup\setup64.exe] => (Allow) C:\users\media service\appdata\local\temp\dl_folder\mpnp_dl\mpnp_dl\mpnp-win-ts3100-1_00-ea34_2\drvsetup\setup64.exe No File
FirewallRules: [TCP Query User{72846AC7-D9BB-43F4-9E53-DC17DB1E3D67}C:\users\media service\appdata\local\temp\dl_folder\mpnp_dl\mpnp_dl\mpnp-win-ts3100-1_00-ea34_2\drvsetup\setup64.exe] => (Allow) C:\users\media service\appdata\local\temp\dl_folder\mpnp_dl\mpnp_dl\mpnp-win-ts3100-1_00-ea34_2\drvsetup\setup64.exe No File
FirewallRules: [UDP Query User{9D87D009-6465-4D14-A86A-5FAEB6C666FD}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{87E44330-8796-4678-9DF8-7031CCC77F22}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2957BB37-CAD1-4FA1-B1D2-706487462DBA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB0BBD42-E09D-4AD9-8C3D-CD65E38FD3C1}] => (Allow) C:\Users\Media Service\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{65EFCCC9-F50B-4F06-B976-CE38A8ADFCB2}] => (Allow) C:\Users\Media Service\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0D936120-6983-47B7-B102-D4A606E7DC18}] => (Allow) C:\Users\Media Service\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CD7018CE-C4A3-405F-9A0D-45AB2F92901F}] => (Allow) C:\Users\Media Service\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AA59F3A9-D6BD-453F-9344-ADC15E82FCAF}] => (Allow) C:\Users\Media Service\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AD34B3FA-FDB5-4CB7-9089-591F5E30147B}] => (Allow) C:\Users\Media Service\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F7E0C7A0-15F1-4A7E-AC07-F1FDA2105666}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E84120DE-44A8-4DCB-8BA1-7FA9B6944616}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB8529D1-78CE-4F3B-A802-27DAE873A87A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58DE9899-FBB3-44AC-BEE9-89FB08B65D77}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{3FE4B8B1-58A1-4C95-8292-3AD617CBA7F7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{9DAD5682-6E27-4300-B6ED-7714854F27A9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1C8449C8-99F5-454A-9D07-1E21898C1235}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{F7F7DA2E-68A0-413E-91D3-67BBAA7ABD43}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{2994B490-9C0D-44B2-BA5B-187526EEF86C}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{232F6DDE-E20D-4CE5-ACE2-0A016621B0E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CF6E637-201C-4ECC-A2E1-66D23B206091}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{187CABEA-7F5C-4493-98C6-ED14ED85862C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C846D850-E1EA-445B-9239-E130EB84F50D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{900149E6-9F7A-40CD-9840-E69220A12EF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A47682B9-8F3C-475E-86D9-BFD9DA46B808}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{C3E7EA83-F4A7-49DF-9B89-C58CEEEC03B3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{05E6C228-5EDC-4E3B-B78E-7A8CFB05AC1A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{4639242C-F338-4200-A41F-38E8A1EF8B4B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{0BF658FB-F848-4B16-ACDC-098CD5CFDEE5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{FBD65192-D7DD-4CB4-A116-336E270CD59A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3FF23A86-2B87-4980-9583-943133E912D7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{ACE0DE33-096A-4878-93D9-70C5422E9656}C:\users\media service\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\media service\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0EF8B79B-619A-4993-82D8-97C9C23EBD86}C:\users\media service\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\media service\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9C5D537C-9745-4A4C-B514-0AAA02C9440D}C:\users\media service\downloads\musica spotify\deezloader-win32-x64\deezloader.exe] => (Block) C:\users\media service\downloads\musica spotify\deezloader-win32-x64\deezloader.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{D11FDA1B-04D0-4682-91BF-B6556F826748}C:\users\media service\downloads\musica spotify\deezloader-win32-x64\deezloader.exe] => (Block) C:\users\media service\downloads\musica spotify\deezloader-win32-x64\deezloader.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{56F81A8C-B3F2-4B36-9DEE-F63F1B8DA8A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C60EF7C-EEB2-4A32-8BAE-CA80CD49A93C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-05-2019 13:45:26 Windows Update
12-06-2019 05:13:05 Windows Update
17-06-2019 16:35:56 Windows Update
23-06-2019 12:26:08 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2019 06:28:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_UserDataSvc, versión: 10.0.17134.556, marca de tiempo: 0xf23cada5
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.799, marca de tiempo: 0x7f828745
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000000d5a1
Identificador del proceso con errores: 0x1838
Hora de inicio de la aplicación con errores: 0x01d5277a61d8e09b
Ruta de acceso de la aplicación con errores: c:\windows\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 8644af73-5ae7-40c1-8d63-e0458a37026b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/17/2019 06:12:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LockApp.exe, versión 10.0.17134.1, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 2528

Hora de inicio: 01d52526f261f1f3

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Identificador de informe: 842223c7-997b-48d9-ba2e-ab27f783a944

Nombre completo de paquete con errores: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Identificador de aplicación relativa del paquete con errores: WindowsDefaultLockScreen

Error: (06/12/2019 06:14:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AfterFX.exe, versión: 14.0.0.207, marca de tiempo: 0x5808771f
Nombre del módulo con errores: Camera Raw.8bi, versión: 9.7.0.668, marca de tiempo: 0x57dd6a0c
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x0000000000a55f14
Identificador del proceso con errores: 0x36b8
Hora de inicio de la aplicación con errores: 0x01d520cea0a5d1e3
Ruta de acceso de la aplicación con errores: C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe
Ruta de acceso del módulo con errores: C:\Program Files\Common Files\Adobe\Plug-Ins\CC\File Formats\Camera Raw.8bi
Identificador del informe: d41b3695-a081-491d-bbfe-dd2f09b4e708
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/10/2019 01:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RAVBg64.exe, versión: 1.0.0.295, marca de tiempo: 0x5bc04e16
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x218c
Hora de inicio de la aplicación con errores: 0x01d51ef3ad8b79fa
Ruta de acceso de la aplicación con errores: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: a39933b0-eb5a-4b3a-af7c-af6d8dbadd9f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/09/2019 07:36:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: vlc.exe, versión: 3.0.3.0, marca de tiempo: 0x00dee6e6
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x319e0a75
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x000d8529
Identificador del proceso con errores: 0x26dc
Hora de inicio de la aplicación con errores: 0x01d51e8521c8a39f
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: eb592c95-ffb2-44b5-8558-0b6e60297164
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/27/2019 12:17:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17134.1, marca de tiempo: 0xf5178e97
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17134.441, marca de tiempo: 0x8b352f6e
Código de excepción: 0xc0000602
Desplazamiento de errores: 0x0000000000106cea
Identificador del proceso con errores: 0xfc0
Hora de inicio de la aplicación con errores: 0x01d5147567b6cf97
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\dwmcore.dll
Identificador del informe: 0a5f9b85-8b2d-4801-85e1-b862e061977c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/22/2019 11:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17134.1, marca de tiempo: 0xf5178e97
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17134.441, marca de tiempo: 0x8b352f6e
Código de excepción: 0xc0000602
Desplazamiento de errores: 0x0000000000106cea
Identificador del proceso con errores: 0x22d4
Hora de inicio de la aplicación con errores: 0x01d510e86a4035fe
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\dwmcore.dll
Identificador del informe: dde0eab7-fc26-4382-b611-3263a79c4482
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/17/2019 03:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sedsvc.exe, versión: 10.0.17134.1003, marca de tiempo: 0xa4407904
Nombre del módulo con errores: sedsvc.exe, versión: 10.0.17134.1003, marca de tiempo: 0xa4407904
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000105f1
Identificador del proceso con errores: 0x1e08
Hora de inicio de la aplicación con errores: 0x01d4fb5470a32a8a
Ruta de acceso de la aplicación con errores: C:\Program Files\rempl\sedsvc.exe
Ruta de acceso del módulo con errores: C:\Program Files\rempl\sedsvc.exe
Identificador del informe: b3259f1a-ce6d-429c-8534-830f1412095e
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (06/24/2019 10:05:48 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-L5EFGI1N)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario LAPTOP-L5EFGI1N\RUBEN con SID (S-1-5-21-721675818-2333492642-993102402-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/24/2019 10:05:48 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-L5EFGI1N)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario LAPTOP-L5EFGI1N\RUBEN con SID (S-1-5-21-721675818-2333492642-993102402-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/24/2019 10:05:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {5B99FA76-721C-423C-ADAC-56D03C8A8007} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/24/2019 10:04:48 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-L5EFGI1N)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario LAPTOP-L5EFGI1N\RUBEN con SID (S-1-5-21-721675818-2333492642-993102402-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/24/2019 10:03:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Optimización de entrega no respondió después de iniciar.

Error: (06/24/2019 10:01:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Dashlane Upgrade Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/24/2019 10:01:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Dashlane Upgrade Service.

Error: (06/24/2019 09:58:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Ds3Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
===================================
Date: 2018-11-21 18:13:45.447
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.A&threatid=2147729066&enterprise=0
Nombre: Trojan:JS/CoinHive.A
Id.: 2147729066
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Versión de firma: AV: 1.281.484.0, AS: 1.281.484.0, NIS: 1.281.484.0
Versión de motor: AM: 1.1.15400.5, NIS: 1.1.15400.5

CodeIntegrity:
===================================

Date: 2019-06-24 21:56:47.146
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-22 12:45:32.354
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-22 06:31:49.143
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-18 14:51:38.879
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-13 00:12:11.947
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-18 15:05:45.234
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-25 12:39:58.782
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-24 11:15:13.243
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.05 05/17/2017
Motherboard: KBL Charmander_KL
Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 49%
Total physical RAM: 8075.6 MB
Available physical RAM: 4104.46 MB
Total Virtual: 16267.6 MB
Available Virtual: 12572.58 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:186.52 GB) NTFS

\\?\Volume{723b97ec-86c1-4acd-94f2-54670cd6d231}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.58 GB) NTFS
\\?\Volume{471f5f96-f8f4-40c9-9da3-23a24a77f429}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4AE56BAF)

Partition: GPT.

==================== End of Addition.txt ============================

Una duda mas…esos caracteres afectan a navegadores como Edge o Internet Explorer, u a otras aplicaciones o programas, incluido el propio sistema? Este problema, te das cuenta cundo surgió??..una actualización de windows, una instalacion de algún programa, etc ( o desde que dia o fecha aprox.)

Sí estos caracteres también me salen en más exploradores como el chrome, y en alguna aplicación como el lector de pdf.

Lo siento pero no me acuerdo desde cuando me sale el error, no recuerdo que haya sido después de alguna actualización o instalación de algún programa no lo tengo muy claro lo siento.

Saludos Polesul

Disculpa la demora…

Primeramente debes actualizar algunos programas importantes que tienes desactulaizados:

  • Adobe Reader
  • Avast
  • Ccleaner
  • Firefox
  • Winrar
  • Libre Office

Avast o Firefox puedes hacerlo desde el propio programa y los demás descargando la versión mas actualizada ( de sus paginas oficiales o desde https://www.majorgeeks.com/ )

Es muy importante y sobre todo los programas de seguridad, tener la ultima versión

Ademas tu Windows 10, ya es una version antigua

Vete a Windows update y mira si te sale actualizar a la version 1903 ( dale a buscar…)

Si no vete a https://www.microsoft.com/es-es/software-download/windows10 y dale a actualizar ahora

Comentas como va todo despues

Bueno después de bastante tiempo de actualización de windows, he de decir que ya no veo los caracteres raros que había comentado antes, parece ser que faltaba actualizar windows para ver las palabras “normales” pero si es cierto que ahora noto un poco lento mi pc, será que tendré que darle tiempo y volver a pasarle todos los antivirus y limpiadores. Por el tema de los carcteres raros puedo dar mi problema por soluccionado muchísimas gracias.

Saludos Polesu.

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.