"Buda" folder


#1

Hi, whenever I connect my external hard drive to my main PC, a folder called “Buda” is always created on it. I always delete it, but it reappears and I have not managed to get rid of it. I don't know whether it's the PC or the hard drive itself. I hope you can help me :smile:

Here are the reports that are always requested:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/1/19
Hora del análisis: 21:22
Archivo de registro: 12384754-1b91-11e9-a0ee-f0795965a5c3.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.519
Versión del paquete de actualización: 1.0.8860
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.253)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-P9RORPM\FLORES

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 293310
Amenazas detectadas: 10
Amenazas en cuarentena: 10
Tiempo transcurrido: 4 min, 34 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 3
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\KMSAutoNet, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F4A8864-E982-42A4-BB7C-9CAF1AF6C4C4}, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{7F4A8864-E982-42A4-BB7C-9CAF1AF6C4C4}, En cuarentena, [0], [392686],1.0.8860

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 7
Generic.Malware/Suspicious, C:\WINDOWS\SYSTEM32\TASKS\KMSAutoNet, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\KMSAUTO NET.EXE, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\KMSSS.EXE, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR.EXE, En cuarentena, [0], [392686],1.0.8860
Generic.Malware/Suspicious, C:\USERS\FLORES\DOCUMENTS\KMSAUTO.EXE, En cuarentena, [0], [392686],1.0.8860
PUP.Optional.InstallCore.Generic, C:\USERS\FLORES\DOWNLOADS\CHALLENGE-POOL-PROGRAMAS-GRATIS-NET_1509600118.EXE, En cuarentena, [530], [516690],1.0.8860

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-18-2019
# Duration: 00:00:25
# OS:       Windows 10 Education
# Scanned:  32265
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1398 octets] - [07/08/2018 12:48:34]
AdwCleaner[C00].txt - [1544 octets] - [07/08/2018 12:48:59]
AdwCleaner[S01].txt - [1363 octets] - [08/08/2018 10:00:18]
AdwCleaner[C01].txt - [1549 octets] - [08/08/2018 10:00:38]
AdwCleaner[S02].txt - [1539 octets] - [09/11/2018 23:23:10]
AdwCleaner[C02].txt - [1705 octets] - [09/11/2018 23:23:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by FLORES (Administrator) on vie. 18/01/2019 at 21:37:04.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\ProgramData\mntemp (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vie. 18/01/2019 at 21:40:27.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#2
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
Ran by FLORES (administrator) on DESKTOP-P9RORPM (18-01-2019 21:41:57)
Running from C:\Users\FLORES\Desktop
Loaded Profiles: FLORES (Available Profiles: FLORES)
Platform: Windows 10 Education Version 1809 17763.253 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\Skype4Life.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\SkypeHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.20211.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [LeagueDisplays] => C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe [406016 2018-01-31] ()
HKLM-x32\...\Run: [Ultimate Control] => C:\Program Files (x86)\Ultimate Control\ucontrol.exe [349696 2012-08-10] (NEGU Soft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-08-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2018-12-04] (Adobe Systems Inc.)
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (Disc Soft Ltd)
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\Run: [Spotify] => C:\Users\FLORES\AppData\Roaming\Spotify\Spotify.exe [25972968 2018-12-21] (Spotify Ltd)
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\launcher.scr [2417936 2018-01-31] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
Startup: C:\Users\FLORES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-12-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\FLORES\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{51f83a75-38eb-466e-8201-f63f74547eb9}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{51f83a75-38eb-466e-8201-f63f74547eb9}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-06-29] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-06-29] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-09-06] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-06-29] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-09-06] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-06-29] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: bm686dva.default
FF ProfilePath: C:\Users\FLORES\AppData\Roaming\Mozilla\Firefox\Profiles\bm686dva.default [2019-01-18]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-20]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-13] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-08-23] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-09-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-08-23] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default [2019-01-18]
CHR Extension: (Presentaciones) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-12]
CHR Extension: (Universal Bypass) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-01-18]
CHR Extension: (Documentos) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-12]
CHR Extension: (Google Drive) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-12]
CHR Extension: (YouTube) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-12]
CHR Extension: (Adobe Acrobat) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-09]
CHR Extension: (Hojas de cálculo) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Malwarebytes Browser Extension) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2019-01-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-12]
CHR Extension: (Gmail) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\FLORES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-08-23] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-08] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-08] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-08] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [355304 2018-07-12] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2018-07-30] ()
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-30] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-30] (Disc Soft Ltd)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2018-07-30] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-18] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5db32447b43ce666\nvlddmkm.sys [20461984 2019-01-11] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2019-01-11] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1106256 2018-07-12] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [55704 2018-10-31] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-18 21:41 - 2019-01-18 21:42 - 000021526 _____ C:\Users\FLORES\Desktop\FRST.txt
2019-01-18 21:41 - 2019-01-18 21:41 - 000000000 ____D C:\FRST
2019-01-18 21:40 - 2019-01-18 21:41 - 000000617 _____ C:\Users\FLORES\Desktop\JRT.txt
2019-01-18 21:33 - 2019-01-18 21:33 - 000001621 _____ C:\Users\FLORES\Desktop\AdwCleaner[S03].txt
2019-01-18 21:28 - 2019-01-18 21:28 - 000002783 _____ C:\Users\FLORES\Desktop\mb.txt
2019-01-18 21:20 - 2019-01-18 21:20 - 000000323 _____ C:\Users\FLORES\Desktop\post.txt
2019-01-18 21:15 - 2019-01-18 21:15 - 002427904 _____ (Farbar) C:\Users\FLORES\Desktop\FRST64.exe
2019-01-18 21:15 - 2019-01-18 21:15 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-18 21:14 - 2019-01-18 21:15 - 002427904 _____ (Farbar) C:\Users\FLORES\Downloads\FRST64.exe
2019-01-18 21:14 - 2019-01-18 21:14 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-18 21:14 - 2019-01-18 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-18 21:14 - 2019-01-18 21:13 - 007320272 _____ (Malwarebytes) C:\Users\FLORES\Desktop\adwcleaner_7.2.6.0.exe
2019-01-18 21:14 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-18 21:13 - 2019-01-18 21:13 - 007320272 _____ (Malwarebytes) C:\Users\FLORES\Downloads\adwcleaner_7.2.6.0.exe
2019-01-18 21:11 - 2019-01-18 21:10 - 001790024 _____ (Malwarebytes) C:\Users\FLORES\Desktop\JRT.exe
2019-01-18 21:10 - 2019-01-18 21:12 - 082399896 _____ (Malwarebytes ) C:\Users\FLORES\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8850.exe
2019-01-18 21:10 - 2019-01-18 21:11 - 019341880 _____ (Piriform Software Ltd) C:\Users\FLORES\Downloads\ccsetup552.exe
2019-01-18 21:10 - 2019-01-18 21:10 - 001790024 _____ (Malwarebytes) C:\Users\FLORES\Downloads\JRT.exe
2019-01-18 19:41 - 2019-01-18 19:41 - 000000000 ____D C:\WINDOWS\pss
2019-01-18 18:56 - 2019-01-11 04:31 - 000133328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2019-01-18 18:55 - 2019-01-18 18:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-01-18 18:55 - 2019-01-11 04:22 - 005363000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-01-18 18:55 - 2019-01-11 04:22 - 002623880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-01-18 18:55 - 2019-01-11 04:22 - 001767464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-01-18 18:55 - 2019-01-11 04:22 - 000650608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-01-18 18:55 - 2019-01-11 04:22 - 000451056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-01-18 18:55 - 2019-01-11 04:22 - 000125320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-01-18 18:55 - 2019-01-11 04:22 - 000083336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-01-18 18:55 - 2019-01-10 00:51 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-01-18 18:55 - 2019-01-09 08:45 - 008472342 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-01-18 18:51 - 2019-01-11 23:05 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-01-18 18:51 - 2019-01-11 23:05 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-01-18 18:51 - 2019-01-11 23:05 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-01-18 18:51 - 2019-01-11 23:05 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-01-18 18:51 - 2019-01-11 23:05 - 000552536 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-01-18 18:51 - 2019-01-11 23:05 - 000456848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-01-18 18:51 - 2019-01-11 23:05 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-01-18 18:51 - 2019-01-11 23:05 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-01-18 18:51 - 2019-01-11 23:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-01-18 18:51 - 2019-01-11 23:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-01-18 18:51 - 2019-01-11 23:04 - 004946232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 004316304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 002018392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441771.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 002003600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 001512352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441771.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 001461152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 001126544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 000750520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 000609368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2019-01-18 18:51 - 2019-01-11 23:04 - 000521688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-01-18 18:51 - 2019-01-11 23:03 - 040262912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-01-18 18:51 - 2019-01-11 23:03 - 035158736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-01-18 18:51 - 2019-01-11 19:03 - 015911384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 013205768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 001167584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 000914400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 000822392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 000794448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-01-18 18:51 - 2019-01-11 19:02 - 000637664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-01-18 18:51 - 2019-01-11 19:01 - 019717352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-01-18 18:51 - 2019-01-11 19:01 - 016993240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-01-18 18:51 - 2019-01-11 19:01 - 005003032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-01-18 18:51 - 2019-01-11 19:01 - 004260704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-01-18 18:51 - 2019-01-11 06:06 - 001682896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-01-18 18:51 - 2019-01-11 06:06 - 000227896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-01-18 18:51 - 2019-01-11 06:06 - 000074576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-01-18 18:51 - 2019-01-11 06:06 - 000048472 _____ C:\WINDOWS\system32\nvinfo.pb
2019-01-18 18:51 - 2019-01-11 06:06 - 000047384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-01-13 20:03 - 2019-01-13 20:06 - 003587359 _____ C:\Users\FLORES\Downloads\ReCreators_-_Magical_girls_are_made_to_suffer(youtube.com).mp4
2019-01-12 10:59 - 2019-01-12 11:00 - 248799450 _____ C:\Users\FLORES\Downloads\Kyoukai no Kanata _Opening Album 「Kyoukai no Kanata」_.rar
2019-01-12 10:42 - 2019-01-12 10:49 - 293455442 _____ C:\Users\FLORES\Downloads\Dusk maiden of Amnesia ED - Calendrier - Okui Aki [FLAC]-20190112T154153Z-001.zip
2019-01-12 10:28 - 2019-01-12 10:29 - 034380485 _____ C:\Users\FLORES\Downloads\[Nipponsei] Kaichou wa Maid-sama! ED2 Single - Mugen Loop [heidi.].rar
2019-01-12 10:22 - 2019-01-12 10:22 - 125340993 _____ C:\Users\FLORES\Downloads\Strike the Blood OP1-FLAC.rar
2019-01-12 10:02 - 2019-01-12 10:05 - 154867636 _____ C:\Users\FLORES\Downloads\Seven Doors.rar
2019-01-12 09:52 - 2019-01-12 09:54 - 062971609 _____ C:\Users\FLORES\Downloads\[Funime-Forunesia] Hai to Gensou no Grimgar - OP.rar
2019-01-12 09:33 - 2019-01-12 09:34 - 023990801 _____ C:\Users\FLORES\Downloads\(SNKK) 87.rar
2019-01-11 23:16 - 2019-01-11 23:16 - 017792595 _____ C:\Users\FLORES\Downloads\[Funime-Forunesia] RE_Hamatora - OP - Senno Tsubasa - Livetune adding Takuro Sugawara.rar
2019-01-11 23:02 - 2019-01-11 23:08 - 020197278 _____ C:\Users\FLORES\Downloads\Shoppai Namida.rar
2019-01-11 22:36 - 2019-01-11 22:37 - 164708655 _____ C:\Users\FLORES\Downloads\[FLAC] Chuunibyou Demo Koi ga Shitai! Ending Single - INSIDE IDENTITY.rar
2019-01-11 22:14 - 2019-01-11 22:15 - 046496576 _____ C:\Users\FLORES\Downloads\(SNKK) 330.rar
2019-01-11 22:06 - 2019-01-11 22:07 - 045861716 _____ C:\Users\FLORES\Downloads\01_Panorama_Panama_Town_-_Rapture.flac
2019-01-11 21:40 - 2019-01-11 21:59 - 119498448 _____ C:\Users\FLORES\Downloads\MYTH&ROID_-_HYDRA_[FLAC].rar
2019-01-11 21:37 - 2019-01-11 21:37 - 064994450 _____ C:\Users\FLORES\Downloads\[2013.01.30] Nomizu Iori - Black † White.rar
2019-01-11 21:31 - 2019-01-11 21:31 - 177084491 _____ C:\Users\FLORES\Downloads\[Shin-S] Big Order OP Single - DISORDER (FLAC) [Yousei Teikoku].zip
2019-01-11 21:21 - 2019-01-11 21:23 - 007620880 _____ C:\Users\FLORES\Downloads\chaseme_a.rar
2019-01-11 21:17 - 2019-01-11 21:17 - 007287537 _____ C:\Users\FLORES\Downloads\FY-DS006.rar
2019-01-11 21:04 - 2019-01-11 21:08 - 137565329 ____R C:\Users\FLORES\Downloads\[ASL]_JAM_Project_-_ONE_PUNCH_MAN_OP_-_THE_HERO_Ikareru_Kobushi_ni_Hi_wo_Tsukero_[FLAC].rar
2019-01-11 20:56 - 2019-01-11 20:56 - 153779167 _____ C:\Users\FLORES\Downloads\[LonE] Spice and Wolf OP Single - Tabi no Tochuu [Kiyoura Natsumi] (FLAC).zip
2019-01-11 20:49 - 2019-01-11 20:49 - 173368138 _____ C:\Users\FLORES\Downloads\Toki wo Kizamu Uta - TORCH Single.zip
2019-01-11 20:41 - 2019-01-11 20:41 - 058793477 _____ C:\Users\FLORES\Downloads\0044C_AS_TwKUT.rar
2019-01-08 19:34 - 2019-01-08 19:34 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-08 19:34 - 2019-01-08 19:34 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-08 19:34 - 2019-01-08 19:34 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-08 19:34 - 2019-01-08 19:34 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-08 19:34 - 2019-01-08 19:34 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-08 19:34 - 2019-01-08 19:34 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-08 19:34 - 2019-01-08 19:34 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-08 19:34 - 2019-01-08 19:34 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-08 19:34 - 2019-01-08 19:34 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-08 19:34 - 2019-01-08 19:34 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-08 19:34 - 2019-01-08 19:34 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-01-08 19:34 - 2019-01-08 19:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-01-08 19:26 - 2019-01-08 19:30 - 123848964 _____ C:\Users\FLORES\Downloads\だってアタシのヒーロー Flac.rar
2019-01-08 19:15 - 2019-01-08 19:15 - 326610842 _____ C:\Users\FLORES\Downloads\Tokyo Ghoul.zip
2019-01-08 18:39 - 2019-01-08 19:00 - 891003783 ____R C:\Users\FLORES\Downloads\[ASL]_Various_Artists_-_Tokyo_Ghoul_Original_Soundtrack_[FLAC].rar
2019-01-08 18:38 - 2019-01-08 18:39 - 189715136 _____ C:\Users\FLORES\Downloads\(SNKK) Shkgkishm.OP-FLL.rar
2019-01-08 18:28 - 2019-01-08 18:29 - 160340783 _____ C:\Users\FLORES\Downloads\HIGHSCHOOL OF THE DEAD - Kishida Kyoudan, The Akeboshi Rockets [FLAC] [w Scans].rar
2019-01-08 12:28 - 2019-01-08 12:32 - 161938753 _____ C:\Users\FLORES\Downloads\RAROP-FLC.zip
2019-01-08 12:26 - 2019-01-08 13:33 - 139257526 _____ C:\Users\FLORES\Downloads\ERSED-FLC.zip
2019-01-08 11:17 - 2019-01-08 11:18 - 061248589 _____ C:\Users\FLORES\Downloads\[Funime-Forunesia] C_OPED.rar
2019-01-08 11:15 - 2019-01-08 11:16 - 037200368 _____ C:\Users\FLORES\Downloads\[Forunesia] Yake Ochinai Tsubasa.flac
2019-01-08 11:14 - 2019-01-08 11:15 - 042151394 _____ C:\Users\FLORES\Downloads\[Forunesia] Bravely You.flac
2019-01-08 10:53 - 2019-01-08 10:54 - 031277246 _____ C:\Users\FLORES\Downloads\(SNKK) 541.rar
2019-01-08 10:39 - 2019-01-08 10:41 - 036503299 _____ C:\Users\FLORES\Downloads\(SNKK) 333.rar
2019-01-08 09:37 - 2019-01-08 10:09 - 079882024 _____ C:\Users\FLORES\Downloads\[2014.04.16] J feet. MfG - dd [S] - eimusics.com.zip
2019-01-08 09:13 - 2019-01-08 09:14 - 036859233 _____ C:\Users\FLORES\Downloads\001OPS2.zip
2019-01-08 08:59 - 2019-01-08 09:03 - 140060405 _____ C:\Users\FLORES\Downloads\Single_STEREO_DIVE_FOUNDATION_-_Renegade_Nihon_Ongaku__FLAC.7z
2019-01-08 08:45 - 2019-01-08 08:46 - 047135093 _____ C:\Users\FLORES\Downloads\binaria.rar
2019-01-08 08:44 - 2019-01-08 08:44 - 110316264 _____ C:\Users\FLORES\Downloads\_SoundFLAC__LiCM.zip
2019-01-07 12:50 - 2019-01-07 12:50 - 000083322 _____ C:\Users\FLORES\Downloads\El_Psy_Kongroo_archive.torrent
2019-01-02 20:43 - 2019-01-02 20:43 - 000000000 ____D C:\Users\FLORES\AppData\Local\NBGI
2019-01-02 20:40 - 2013-06-01 13:58 - 000132096 _____ C:\Users\FLORES\Documents\dxgi.dll
2019-01-02 20:36 - 2019-01-02 20:36 - 000000000 ____D C:\Users\FLORES\Desktop\Modo Dios.{ED7BA470-8E54-465E-825C-99712043E01C}
2019-01-02 20:32 - 2019-01-02 20:33 - 002186864 _____ (Microsoft Corporation) C:\Users\FLORES\Downloads\d3d11.dll
2019-01-02 20:12 - 2019-01-02 20:12 - 000315624 _____ (Microsoft Corporation) C:\Users\FLORES\Downloads\dxwebsetup.exe
2019-01-02 19:10 - 2019-01-02 19:12 - 000000000 ____D C:\Users\FLORES\Documents\DSMODT
2019-01-02 19:01 - 2019-01-02 20:04 - 000000000 ____D C:\Users\FLORES\Documents\Texturas
2019-01-02 18:30 - 2019-01-02 18:30 - 000000000 ____D C:\Users\FLORES\Documents\Telltale Games
2019-01-02 18:16 - 2019-01-02 18:16 - 000000000 ____D C:\Users\FLORES\Documents\NBGI
2019-01-02 10:54 - 2019-01-02 10:54 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\sp6_log
2019-01-01 12:12 - 2019-01-01 12:12 - 000000000 ____D C:\Users\FLORES\AppData\Local\WonderShare
2019-01-01 12:11 - 2019-01-01 12:12 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Wondershare
2019-01-01 12:08 - 2019-01-01 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-01-01 12:07 - 2017-09-27 17:29 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2019-01-01 12:06 - 2019-01-01 23:20 - 000000000 ____D C:\ProgramData\Wondershare
2019-01-01 12:06 - 2019-01-01 12:07 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-01-01 12:05 - 2019-01-01 12:08 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-01-01 12:04 - 2019-01-01 12:04 - 004294489 _____ C:\Users\FLORES\Downloads\Cloneit-web.apk
2019-01-01 12:04 - 2019-01-01 12:04 - 001000552 _____ C:\Users\FLORES\Downloads\drfone_transfer_setup_full3414.exe
2018-12-29 13:41 - 2018-12-29 13:41 - 000000160 _____ C:\Users\FLORES\Downloads\bunnyhop.cfg
2018-12-28 23:12 - 2018-12-28 23:12 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-12-26 14:14 - 2018-12-26 14:14 - 000001128 _____ C:\Users\FLORES\Desktop\MEGAsync.lnk
2018-12-26 14:14 - 2018-12-26 14:14 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2018-12-26 14:14 - 2018-12-26 14:14 - 000000000 ____D C:\Users\FLORES\AppData\Local\MEGAsync
2018-12-26 14:12 - 2018-12-26 14:14 - 029094392 _____ (MEGA Limited) C:\Users\FLORES\Downloads\MEGAsyncSetup (1).exe
2018-12-25 13:16 - 2018-12-25 13:16 - 008497105 _____ C:\Users\FLORES\Downloads\Guia_Repartir_Puntos_AZORAHAI.xlsx
2018-12-24 04:54 - 2018-12-24 04:54 - 000000000 ____D C:\Users\FLORES\AppData\Local\Tempzxpsignb52167c3111c17b4
2018-12-24 04:40 - 2018-12-24 04:40 - 000007307 _____ C:\Users\FLORES\Downloads\gradient-linear-blue-purple-1920x1080-c2-00bfff-9400d3-a-90-f-14.svg
2018-12-24 04:40 - 2018-12-24 04:40 - 000007253 _____ C:\Users\FLORES\Downloads\purple-cyan-linear-gradient-1920x1080-c2-27b3b6-ff00ff-a-90-f-14.svg
2018-12-24 04:29 - 2018-12-24 04:29 - 000000000 ____D C:\Users\FLORES\AppData\Local\Tempzxpsigna34ae43f6253148b
2018-12-24 04:25 - 2018-12-24 04:25 - 000000000 ____D C:\Users\FLORES\AppData\Local\Tempzxpsignbb26c31ce63b718c
2018-12-24 04:25 - 2018-12-24 04:25 - 000000000 ____D C:\Users\FLORES\AppData\Local\Tempzxpsign49313d985fbafe1e
2018-12-23 16:17 - 2018-12-23 16:17 - 019299120 _____ (Piriform Software Ltd) C:\Users\FLORES\Downloads\ccsetup551.exe
2018-12-22 12:22 - 2018-12-22 12:22 - 000000656 _____ C:\Users\FLORES\Downloads\wu10.diagcab
2018-12-22 12:19 - 2011-09-26 07:28 - 000343040 _____ (Jonathan Mathews Software) C:\Users\FLORES\Documents\Ascgen2.exe
2018-12-22 12:10 - 2018-12-22 12:10 - 000000972 _____ C:\Users\FLORES\Desktop\IMG2TXT.lnk
2018-12-22 12:10 - 2018-12-22 12:10 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ant Creation
2018-12-22 12:10 - 2018-12-22 12:10 - 000000000 ____D C:\Program Files\Ant Creation
2018-12-21 13:21 - 2018-12-21 13:52 - 1219637757 _____ C:\Users\FLORES\Downloads\Cliente Full PeruMu Season 13 Ep2.exe
2018-12-21 11:04 - 2018-12-22 13:27 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\dvdcss
2018-12-21 11:00 - 2018-12-21 11:00 - 000000945 _____ C:\Users\FLORES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PPanther.lnk
2018-12-21 10:46 - 2011-08-12 07:44 - 000011603 _____ C:\Users\FLORES\Documents\[Shining] Mayoi Neko Overrun -  01.mp4.torrent
2018-12-20 20:34 - 2018-12-20 20:34 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 20:34 - 2018-12-20 20:34 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-18 21:41 - 2018-12-17 22:30 - 001775178 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-18 21:41 - 2018-09-15 11:37 - 000788392 _____ C:\WINDOWS\system32\perfh00A.dat
2019-01-18 21:41 - 2018-09-15 11:37 - 000155682 _____ C:\WINDOWS\system32\perfc00A.dat
2019-01-18 21:41 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-18 21:38 - 2018-07-12 09:54 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-18 21:35 - 2018-12-17 22:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-18 21:35 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 21:34 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-18 21:27 - 2018-07-12 11:00 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-01-18 21:24 - 2018-09-23 20:53 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\vlc
2019-01-18 21:18 - 2018-07-12 11:09 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-18 21:14 - 2018-11-09 23:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-18 21:11 - 2018-12-17 22:31 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-18 21:11 - 2018-08-08 06:09 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-18 20:58 - 2018-12-17 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-18 19:37 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-18 18:56 - 2018-07-12 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-01-18 18:56 - 2018-07-12 09:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-01-18 18:56 - 2018-07-12 09:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-01-18 18:56 - 2018-07-12 09:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-01-18 18:55 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Help
2019-01-18 18:52 - 2018-07-12 09:55 - 000000000 ____D C:\Users\FLORES\AppData\Local\NVIDIA
2019-01-18 18:09 - 2018-07-18 17:13 - 000000000 ____D C:\Program Files\Microsoft Office
2019-01-18 17:49 - 2018-12-17 22:31 - 000004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0C907D51-FCDD-4A5D-A728-7715FF4F61B1}
2019-01-14 21:59 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-01-14 01:31 - 2018-07-15 01:03 - 000000000 ____D C:\Users\FLORES\Documents\MEGAsync Downloads
2019-01-13 20:51 - 2018-12-17 22:19 - 000000000 ____D C:\Users\FLORES
2019-01-12 10:36 - 2018-09-29 19:57 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Mp3tag
2019-01-12 09:31 - 2018-07-15 06:13 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\uTorrent
2019-01-11 10:30 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-11 10:26 - 2018-09-15 02:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-11 10:26 - 2018-09-15 02:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-11 10:21 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-11 10:21 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-01-11 10:21 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-11 10:21 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-11 06:06 - 2018-07-12 09:54 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-01-08 19:41 - 2018-07-12 11:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-08 19:37 - 2018-07-12 11:31 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-04 10:43 - 2018-09-09 00:07 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-01-04 10:40 - 2018-07-12 11:56 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-03 00:30 - 2018-12-16 03:03 - 000000000 ____D C:\Users\FLORES\AppData\Local\Spotify
2019-01-03 00:27 - 2018-12-16 03:01 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Spotify
2019-01-02 20:13 - 2018-07-12 09:43 - 000000000 ____D C:\Users\FLORES\AppData\Local\D3DSCache
2019-01-02 10:55 - 2018-07-12 10:52 - 000000000 ____D C:\ProgramData\Logishrd
2019-01-01 15:55 - 2018-12-17 22:14 - 000618992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-30 22:33 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-28 23:12 - 2018-08-28 08:37 - 000000000 ____D C:\Users\FLORES\AppData\Roaming\Adobe
2018-12-28 23:12 - 2018-07-28 02:32 - 000000000 ____D C:\Users\FLORES\Documents\Adobe
2018-12-28 23:09 - 2018-07-28 01:33 - 000000000 ____D C:\ProgramData\Adobe
2018-12-28 23:08 - 2018-10-06 08:48 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-12-26 14:15 - 2018-12-17 22:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2018-12-26 09:09 - 2018-08-11 14:58 - 000000000 ____D C:\Program Files (x86)\PERUMU
2018-12-25 13:19 - 2018-07-12 09:41 - 000000000 ____D C:\Users\FLORES\AppData\Local\Packages
2018-12-23 18:41 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-23 18:34 - 2018-07-12 09:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-23 17:54 - 2018-07-12 10:53 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-12-23 14:52 - 2018-08-11 15:04 - 000001080 _____ C:\Users\FLORES\Desktop\PeruMu Season13.lnk
2018-12-23 11:09 - 2018-09-15 01:09 - 000000000 ____D C:\WINDOWS\servicing
2018-12-21 10:59 - 2018-07-30 15:02 - 000000000 ____D C:\Games
2018-12-21 09:52 - 2018-12-17 22:31 - 000003684 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-P9RORPM-FLORES
2018-12-20 20:39 - 2018-12-17 22:31 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2780051163-1415925091-345908403-1001
2018-12-20 20:39 - 2018-12-17 22:19 - 000002400 _____ C:\Users\FLORES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 20:39 - 2018-07-12 09:44 - 000000000 ___RD C:\Users\FLORES\OneDrive
2018-12-20 06:14 - 2018-12-17 22:31 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-20 06:14 - 2018-12-17 22:31 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 16:00 - 2018-12-17 19:21 - 000000000 ___DC C:\WINDOWS\Panther
2018-12-19 16:00 - 2018-07-19 22:38 - 000000000 ____D C:\Users\FLORES\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2018-10-06 08:49 - 2018-12-09 23:09 - 000000034 _____ () C:\Users\FLORES\AppData\Roaming\AdobeWLCMCache.dat
2018-09-30 09:06 - 2018-09-30 09:06 - 000000000 _____ () C:\Users\FLORES\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2019-01-18 18:58 - 2018-12-11 02:08 - 005059680 _____ (NVIDIA Corporation) C:\Users\FLORES\AppData\Local\Temp\NVI2_29.DLL
2019-01-18 18:52 - 2018-12-11 02:32 - 000396272 _____ (NVIDIA Corporation) C:\Users\FLORES\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#3

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by FLORES (18-01-2019 21:43:29)
Running from C:\Users\FLORES\Desktop
Windows 10 Education Version 1809 17763.253 (X64) (2018-12-18 03:32:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2780051163-1415925091-345908403-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2780051163-1415925091-345908403-503 - Limited - Disabled)
FLORES (S-1-5-21-2780051163-1415925091-345908403-1001 - Administrator - Enabled) => C:\Users\FLORES
Invitado (S-1-5-21-2780051163-1415925091-345908403-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2780051163-1415925091-345908403-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\uTorrent) (Version: 3.5.5.44989 - BitTorrent Inc.)
Activision(R) (HKLM-x32\...\{14C36646-83C8-430E-92B3-16F998BDB4E0}) (Version: 1.0 - Activision) Hidden
Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.1.393 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
Alan Wake (HKLM\...\{29BF772F-5A28-4721-B93C-1C0F5E74AE99}_is1) (Version: 1.0.0.0 - )
Alice Madness Returns - The Complete Collection (HKLM-x32\...\Alice Madness Returns - The Complete Collection_is1) (Version:  - )
Arx Libertatis (HKLM\...\ArxLibertatis) (Version: 1.1.2 - )
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy MULTi6 - ElAmigos versión 1.0 (HKLM-x32\...\{327BFB1B-E44E-4824-9EB7-EA92A8D3CAEC}_is1) (Version: 1.0 - Activision)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
DEVIL MAY CRY 4 (HKLM-x32\...\{D4E5A687-797D-44B1-8F96-4FD7A24166A9}) (Version: 1.00.000 - CAPCOM CO., LTD.)
Discord (HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
DriversCloud.com (64 bits) (HKLM\...\{A05439B0-F943-46C3-85B6-1C9D02A090E8}) (Version: 10.0.7.0 - Cybelsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
League Displays (HKLM-x32\...\LolScreenSaver) (Version: W1.0.992-beta - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{57660847-B1F7-35BD-9118-F62EB863A598}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 61.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 61.0.2 (x64 es-ES)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
Mp3tag v2.91 (HKLM-x32\...\Mp3tag) (Version: 2.91 - Florian Heidenreich)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.71 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.71 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Operation7 (HKLM-x32\...\Operation7_is1) (Version: 1 - Softnyx Co., Ltd.)
Panel de control de NVIDIA 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.71 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.27.511.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
RetroArch 1.7.3 (HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\RetroArch) (Version: 1.7.3 - libretro)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
Spider-Man(TM) - Dimensions (HKLM-x32\...\InstallShield_{14C36646-83C8-430E-92B3-16F998BDB4E0}) (Version: 1.0 - Activision)
Spotify (HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.9.8 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.8 - General Workings, Inc.)
Ultimate Control versión 1.2 (HKLM-x32\...\{4D649577-47C2-4068-B7B8-09D1FEE7EF03}_is1) (Version: 1.2 - NEGU Soft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 64.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2780051163-1415925091-345908403-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D9810E8367F0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2780051163-1415925091-345908403-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-01-11] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05A4F4E9-8927-4144-877D-EC0C3DA495FD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {074E6E91-087B-4BCB-B395-DAA79D2C1C71} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-01-18] (Microsoft Corporation)
Task: {1394432A-9138-4F00-8EE6-4047E17A3814} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {2CA496A5-ADA0-4ECA-ACB6-E54EB50EEBED} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {4304FB24-3F2F-4C8E-8C62-32FF1AEE8956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-12] (Google Inc.)
Task: {44E92D67-0C0D-4387-A7F3-DF065A76AB8F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {4A6895D7-F6F7-4031-985C-F03F56C6C93D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-16] (AVAST Software)
Task: {4D658C7D-4284-4DAF-ACCE-B33589F3E0D3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-18] (Microsoft Corporation)
Task: {5C6A674A-9804-4896-80FE-AF9714AF8829} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {6234C8DC-BA9B-420C-BFAE-CF4D972E486B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {69D258E0-829D-417F-933E-FCA170E7DFE4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-11-08] (Intel(R) Corporation)
Task: {7355206C-B9A1-4605-8926-D0EDC2A11472} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {738DFD0E-F8B8-4A60-9F38-AF3A9097815B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-12] (Google Inc.)
Task: {7B42BAE1-172E-48F3-81D3-2951E78D8344} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {92243B32-7CC4-4527-9CAE-5FEF4C4C325C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {95DB866A-D1A9-451C-AF21-86B97971B600} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-01-18] (Microsoft Corporation)
Task: {98BE07D2-C624-4DB0-92C5-C9623F8999D2} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-P9RORPM-FLORES => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {9E3993CD-80BB-48EB-8A35-546216613F16} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {A18C6B8E-A37D-4ADB-9378-4541855A8F52} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {A3FC6F90-A3F1-4945-B9A1-840F88696C40} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-P9RORPM-FLORES => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {A56C0723-EBC9-422A-A3A7-D1D3DEB81335} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2780051163-1415925091-345908403-1001 => C:\Users\FLORES\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {A81E0B1D-F470-4F02-9B18-AED267BCDC8C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {AEE18A7B-E5C6-4F5D-8568-CC441AB59B84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {C1766467-3208-43DE-ACD7-488D64ACC53E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-18] (Microsoft Corporation)
Task: {CF904B18-9F16-4805-A30C-0AE194D6E46F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {D8F0CCEE-1BA4-424D-BB2D-22FEC8D1CBAF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {FD5A4BD6-131B-4CBA-BF5F-3F4F5688FC1A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-07-12 09:41 - 2013-07-03 20:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2018-07-12 19:12 - 2018-07-12 13:10 - 000355304 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
2018-09-15 02:28 - 2018-09-15 02:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () C:\Users\FLORES\AppData\Local\MEGAsync\ShellExtX64.dll
2018-03-05 19:47 - 2018-03-05 19:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-17 21:40 - 2018-12-17 21:40 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 000058880 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 000014336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\SkypeHelperProxiesAndStubs.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 011559936 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 002669568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\skypert.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\SkypeHelper.exe
2018-07-12 09:55 - 2018-12-06 05:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-12 09:55 - 2018-12-06 05:14 - 101252592 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-07-12 09:55 - 2018-12-06 05:14 - 004620272 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-07-12 09:55 - 2018-12-06 05:14 - 000109040 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-15 11:41 - 2018-09-15 11:41 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-09-15 11:42 - 2018-09-15 11:42 - 024893952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.20211.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-09-15 11:42 - 2018-09-15 11:42 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.20211.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-15 11:42 - 2018-09-15 11:42 - 006736384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.20211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-09-15 02:29 - 2018-09-15 02:29 - 000400928 _____ () C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL
2018-09-15 11:44 - 2018-09-15 11:44 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-15 11:44 - 2018-09-15 11:44 - 024116736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-15 11:44 - 2018-09-15 11:44 - 014214144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-09-15 11:44 - 2018-09-15 11:44 - 002803712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-15 11:44 - 2018-09-15 11:44 - 001405440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-09-15 11:44 - 2018-09-15 11:44 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-15 11:44 - 2018-09-15 11:44 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-09-15 11:44 - 2018-09-15 11:44 - 000629760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-12 09:41 - 2019-01-18 21:35 - 000033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2018-07-12 09:41 - 2013-07-03 20:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-11-22 18:18 - 2017-11-22 18:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-07-12 09:55 - 2018-12-06 05:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\FLORES\Pictures\champion-kaisa-bulletangel-splash.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LeagueDisplays"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2780051163-1415925091-345908403-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{49138818-D769-4596-83DA-42620828D91C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{A52D0F9F-FF54-4BDB-854C-E9F9B4EF3A20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{1048CA03-E693-4B30-8580-3CD1B64DA94F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{A1F7EFC6-C070-43B4-93D5-936EC8DCA30E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [UDP Query User{A11EE119-FC18-4356-953A-BC6696B94477}C:\users\flores\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flores\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{D5C044D6-9A06-4487-BEBA-3510AA3511BD}C:\users\flores\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flores\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{88D82F9E-335B-48EB-AAA4-29FDB6AB566D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{8724220B-7072-4B56-9A8F-432F036A5FA9}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe ()
FirewallRules: [{E89E3681-46E9-41CD-8112-C14F69EDA7B2}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe ()
FirewallRules: [{16B66AF3-4791-48C2-9547-F5D5193E5BAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe (Ubisoft)
FirewallRules: [{8174C528-1376-453E-BC15-3DB9FE6BEB8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe (Ubisoft)
FirewallRules: [{65DABFC9-5B2B-4F23-AA42-7C2FBBE784F1}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd)
FirewallRules: [{9B2F1141-B02D-44B8-8F9E-FA3E41ECA665}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd)
FirewallRules: [{C802DD10-2AF5-4DA5-88B4-D1BCC7AE8C6C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{D1CFC3BA-6E65-49A3-84FC-A3FF19233A21}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{68996E30-AE5B-4856-A0D1-0CFD2B8453D6}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{CC987BF6-F36B-48F6-8CF7-A4817B454FFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{4348069D-0743-4C48-BD4E-2F001E38C150}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{171A1834-8CBF-42A8-BF5D-E1513054C60E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve)
FirewallRules: [{122129ED-02F3-4F31-8BB9-A89C3F173188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve)
FirewallRules: [{D93DB467-6C46-496F-9B2F-6BD0F103B726}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{A0E67CB0-2847-41AA-A619-880F9F27D9CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{E0093705-0761-46D3-A27F-100EDAF2F3DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe ()
FirewallRules: [{0268E647-BEB9-432B-A325-B84202AE9632}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe ()
FirewallRules: [{D91ED127-EFAB-474A-820D-D53970FFA06E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Desktop Mascot Engine\dme.exe ()
FirewallRules: [{7DEFD899-8CD1-4B8B-966B-DA0660BA724E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Desktop Mascot Engine\dme.exe ()
FirewallRules: [UDP Query User{4D81736A-C139-436A-B09A-80C8A62A3676}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe ()
FirewallRules: [TCP Query User{8880AC4E-2B03-400A-BAC8-AB2F81EA07E8}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe ()
FirewallRules: [{E134CF42-19DD-4EAE-99BB-1E7743ACCA0D}] => (Allow) C:\Program Files (x86)\Activision\Spider-Man(TM) - Dimensions\Game.exe (Beenox)
FirewallRules: [{0AE0CFD1-5C5F-4865-8837-47AD1AC835FC}] => (Allow) C:\Program Files (x86)\Activision\Spider-Man(TM) - Dimensions\Game.exe (Beenox)
FirewallRules: [UDP Query User{3084FEF7-5DA3-4138-B560-56FFA6196369}C:\program files (x86)\electronic arts\alice madness returns - the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) C:\program files (x86)\electronic arts\alice madness returns - the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe (Electronic Arts, Inc.)
FirewallRules: [TCP Query User{98A83D20-7182-4FA0-B9EB-2085CD12A144}C:\program files (x86)\electronic arts\alice madness returns - the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) C:\program files (x86)\electronic arts\alice madness returns - the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe (Electronic Arts, Inc.)
FirewallRules: [{E23B9CAB-5FE2-4AE7-9A15-E094F3027A2A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
FirewallRules: [{3C8EEB0C-658E-4464-9AA9-ED3E922571A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games)
FirewallRules: [{70B2F279-06DA-47BA-89D8-85DF9DB9B53C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games)
FirewallRules: [UDP Query User{E4E95A78-5BB6-4E7A-9264-DDD231AB79F7}C:\program files (x86)\ultimate control\ucontrol.exe] => (Allow) C:\program files (x86)\ultimate control\ucontrol.exe (NEGU Soft)
FirewallRules: [TCP Query User{63D2B9B6-FA20-42E8-960A-03A22B979DEE}C:\program files (x86)\ultimate control\ucontrol.exe] => (Allow) C:\program files (x86)\ultimate control\ucontrol.exe (NEGU Soft)
FirewallRules: [{BF9DC6F0-BBB0-4476-AC0E-01A255B96601}] => (Allow) C:\Users\FLORES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{9BA97CE8-8764-4926-B99C-6D0FAA02E171}] => (Allow) C:\Users\FLORES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{3CB807E1-A791-4529-95EC-165B232B99E7}] => (Allow) C:\Users\FLORES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{B826B43B-6CE9-4083-B427-BD63A66B812E}] => (Allow) C:\Users\FLORES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{95C654A5-2DFE-443E-A0F9-95BFAE2FEF06}] => (Allow) C:\Users\FLORES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{2AFB11B4-66FD-4161-83F1-7ECD8A06EE09}] => (Allow) C:\Users\FLORES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{DC736CA4-44EA-4FA7-8F06-04179C88ED80}] => (Allow) E:\AS4\Assassin's Creed IV Black Flag\AC4BFMP.exe ()
FirewallRules: [{A8F4B10E-6D5A-456F-A1A1-6264DF6519B4}] => (Allow) E:\AS4\Assassin's Creed IV Black Flag\AC4BFMP.exe ()
FirewallRules: [{DC5C5C94-632E-4684-8F83-0859C9AD5F22}] => (Allow) E:\AS4\Assassin's Creed IV Black Flag\AC4BFSP.exe ()
FirewallRules: [{EB3BB042-38B3-4A9A-8C96-7C78C450975A}] => (Allow) E:\AS4\Assassin's Creed IV Black Flag\AC4BFSP.exe ()
FirewallRules: [{C4CDA821-0B39-4B9D-9AA3-103D4291B7F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe ()
FirewallRules: [{FA358D86-434E-478A-BA8B-5A88D34A9BBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe ()
FirewallRules: [{B8867A6E-32AF-43C6-8ABC-F96D5B1839B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks)
FirewallRules: [{0AC49C79-0FDD-4855-A6B5-E84C6081428F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks)
FirewallRules: [{B104B4F5-8B38-4E61-94DD-FA8A6994AC58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe ()
FirewallRules: [{3A0D1570-B035-44E8-A02D-D74BB2B84360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe ()
FirewallRules: [{ED09CBC4-1D53-4F34-9344-A1DBF4C18311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{A2A8B81B-89BA-468D-BB0D-7FCCCA2C03E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{BE22FB69-9703-4A14-BB98-F620D6C23D5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe ()
FirewallRules: [{A0FECAC0-78A5-48F8-8375-9B3407CCC58C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe ()
FirewallRules: [{E67E3B01-F22C-4953-9F29-12DABAB0CFE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bayonetta\Bayonetta.exe ()
FirewallRules: [{028EE06F-9746-49EA-9205-A2E8BBF7E2F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bayonetta\Bayonetta.exe ()
FirewallRules: [{B8072015-51AF-4B7D-AA84-AC4499928851}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{CBEC33B2-A20E-4FA5-B90D-6C0A06CC7253}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{B1F0356C-277D-4DE8-8A64-E79F47EEFA31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{3625AF12-E075-41F7-83AA-C916D01ECB2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{C31AE236-9969-4062-ADEB-E4C3AD9C3C9F}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CybelSoft)
FirewallRules: [{0A2BF7D2-A883-4AD4-BE1D-3FE19B1CF3AB}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CybelSoft)
FirewallRules: [TCP Query User{22A0B35D-5C0A-4426-9685-8ED1EE1CB6B7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{22DB56AC-30C5-45E4-9A67-C055924DF070}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{1F10DC9A-B134-422F-97DD-79FA74D0DD9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mesa\bms.exe ()
FirewallRules: [{FC41F178-4A5E-4C92-B69E-60EE339F39A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mesa\bms.exe ()
FirewallRules: [{6A6953FC-5437-4233-B27B-DE034B4D7722}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (NAMCO BANDAI Games)
FirewallRules: [{2C426EC5-B0D6-4083-B6EF-CE9E1086F92A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (NAMCO BANDAI Games)
FirewallRules: [{FEFE4E57-A728-4CB7-8660-8FB9FE4812E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe ()
FirewallRules: [{773DF9B6-F042-4CEF-9A1E-6E23A7380A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe ()
FirewallRules: [{FA3C0396-792C-42FA-B9F6-544525DE3EC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe (Arkedo)
FirewallRules: [{411EC6F3-9890-456D-A62F-E14E3D1B2EA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe (Arkedo)
FirewallRules: [{9D5CF9B2-3DDA-4171-A529-5EFD796033BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.)
FirewallRules: [{F22CB108-4642-4081-92C5-477479C8EA22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.)
FirewallRules: [{618B1533-27BA-4CE8-B11B-B4F69784E269}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Hill Homecoming\Bin\SilentHill.exe ()
FirewallRules: [{6404C442-446C-42A0-83DC-BEDAD2D0ED11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Hill Homecoming\Bin\SilentHill.exe ()
FirewallRules: [{AB15E112-52EC-4034-9D29-48D404B8EFA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Berseria\Tales of Berseria.exe ()
FirewallRules: [{5679A75D-9B92-40EB-B924-E6300313F687}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Berseria\Tales of Berseria.exe ()
FirewallRules: [{6832E7A4-4923-4AF1-B6D5-E3FC3AC13990}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games)
FirewallRules: [{0B5A5A32-8CA1-4090-A609-2D3FB2C3D45F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games)
FirewallRules: [{A1431EFA-7ABB-48A8-8EC6-CBDAABD53979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yume Nikki\yumenikki\RPG_RT.exe (KADOKAWA GAMES)
FirewallRules: [{2AC1751D-32A7-4A2C-BF8E-C73D18B85281}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yume Nikki\yumenikki\RPG_RT.exe (KADOKAWA GAMES)
FirewallRules: [{C13FDC68-CF84-4AA2-8BC7-08A78C65D67C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness II\DarknessII.exe (Digital Extremes)
FirewallRules: [{07FF32B3-FD0F-4BB0-8ACF-E96A38757CEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness II\DarknessII.exe (Digital Extremes)
FirewallRules: [{55C1E8DE-DE56-4AB7-BE12-B3D75AB5E0F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [{2410DF44-5390-41E6-B467-4CE4EF6D2A82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [TCP Query User{BA06C13E-3ADE-4C8F-A392-D31B6B586087}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{AA325402-4B62-469C-892C-6DCDCB5A1DD1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{9FB186D9-8964-4C65-B3B6-20F602CE1046}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{43C4DE9D-3168-40AA-900A-96FD8D53D9A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe ()
FirewallRules: [{1392BD2D-CC8F-4A8B-B123-5C7B0E56F75B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A4355683-DD51-4425-ABFF-6167E85E0E6F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

02-01-2019 09:04:22 Punto de control programado
08-01-2019 19:27:43 Windows Update
18-01-2019 20:47:39 Punto de control programado
18-01-2019 21:37:14 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2019 09:22:30 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.


System errors:
=============
Error: (01/18/2019 09:38:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/18/2019 09:38:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/18/2019 09:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/18/2019 09:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/18/2019 09:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/18/2019 09:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/18/2019 09:34:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (01/18/2019 09:34:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Telemetry Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-01-11 11:56:54.794
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8BBD5617-17F1-4C76-BE58-4089A59DD891}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-11 11:33:36.405
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F1987627-080B-4CB3-8CD8-6043333992F5}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-11 10:40:46.896
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6499F728-00A3-429C-94C9-7FB3275DC14F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-08 11:44:59.771
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5323E235-0F0F-4580-994B-59B66C8F0F43}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-08 10:43:31.566
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5D0EC64E-5370-484C-A949-8168BB347DD5}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-12-20 20:31:55.155
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1099.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-01-18 21:33:04.482
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-18 21:33:04.464
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-18 21:33:04.440
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-18 21:33:04.424
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 4001.54 MB
Available physical RAM: 1772.43 MB
Total Virtual: 8609.54 MB
Available Virtual: 5898.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:392.71 GB) (Free:59.38 GB) NTFS
Drive d: (TEISU) (Fixed) (Total:1863.01 GB) (Free:504.38 GB) NTFS
Drive e: () (Fixed) (Total:537.85 GB) (Free:71.08 GB) NTFS

\\?\Volume{8a0da14b-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{8a0da14b-0000-0000-0000-c03362000000}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8A0DA14B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=392.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=874 MB) - (Type=27)
Partition 4: (Not Active) - (Size=537.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 4EFFC304)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#4

Hello @Roberto94

You came back quickly… :grinning:

1.- Temporarily disable your antivirus and any other security software.

2.- Download UsbFix to your desktop:

  • Connect all your removable devices: USB/pendrive, Micro SD, external hard drive, etc.
  • Run USBFix.exe

  • Once all your devices are connected, click "Ejecutar análisis."
  • Then select “Full Análisis” and wait for it to finish.
  • If threats are detected, select all the detected items and click "Limpiar todo"
  • If it asks you to restart the system, accept.
  • Once the computer restarts, the USBFix report will open, showing what was detected and what was removed.
  • Copy and paste that entire report into your next reply (if it does not open, the report is saved on the Desktop under the name UsbFix_Report.txt)

Once the scan has finished, with all the drives connected, run USBFix again as Administrator and vaccinate them, following the steps in the Manual.


#5

I had a nightmare of a time getting Notepad to open properly; for some reason it was empty whenever I opened it. The thing is, it apparently deleted a lot of MEGA stuff, though apparently nothing related to the “buda” folder (or that's how I see it).

# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.010
# Base de datos : 2018.11.28 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Full
# Usuario : FLORES (Administrador)
# Dispositivo : DESKTOP-P9RORPM
# Comenzó : 19/01/2019 02:45:09
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(58GB/393GB)	[Fixed] 
D:\	NTFS	(504GB/1863GB)	[Fixed] 
E:\	NTFS	(71GB/538GB)	[Fixed] 

------------ | Elemento(s) infectado(s) |

~ Ningún elemento detectado ~

------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\FLORES\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKCU\..\Run : [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKCU\..\Run : [Spotify] C:\Users\FLORES\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
04 - HKLM\..\Run : [LeagueDisplays] C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe /onWindowsStart
04 - HKLM\..\Run : [Ultimate Control] "C:\Program Files (x86)\Ultimate Control\ucontrol.exe" -h
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
04 - HKLM\..\Run : [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
04 - [x64] HKLM\..\Run : [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - [x64] HKLM\..\Run : [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-2780051163-1415925091-345908403-1001\..\Run : [OneDrive] "C:\Users\FLORES\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-2780051163-1415925091-345908403-1001\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-2780051163-1415925091-345908403-1001\..\Run : [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
04 - HKU\S-1-5-21-2780051163-1415925091-345908403-1001\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-21-2780051163-1415925091-345908403-1001\..\Run : [Spotify] C:\Users\FLORES\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - AdobeAAMUpdater-1.0-DESKTOP-P9RORPM-FLORES --> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Task - AdobeGCInvoker-1.0-DESKTOP-P9RORPM-FLORES --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Intel PTT EK Recertification --> "C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe"
Task - NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task - NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task - NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
Task - NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
Task - NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task - NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task - NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task - NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
Task - NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
Task - NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
Task - NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task - OneDrive Standalone Update Task-S-1-5-21-2780051163-1415925091-345908403-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - User_Feed_Synchronization-{0C907D51-FCDD-4A5D-A728-7715FF4F61B1} --> C:\Windows\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[18/01/2019 - 21:35:13 | ASH | 1639032 Ko] - hiberfil.sys
[18/01/2019 - 21:35:16 | ASH | 4718592 Ko] - pagefile.sys
[18/01/2019 - 21:35:26 | ASH | 262144 Ko] - swapfile.sys
[17/12/2018 - 21:25:48 | AH | 0 Ko] - $WINRE_BACKUP_PARTITION.MARKER
[19/01/2019 - 02:31:53 | RASHD] - autorun.inf
[12/07/2018 - 13:39:24 | SHD] - $Recycle.Bin
[12/07/2018 - 02:31:17 | SHD] - Documents and Settings
[12/07/2018 - 02:31:17 | SHD] - Archivos de programa
[19/07/2018 - 19:20:40 | D] - Kaybo
[07/08/2018 - 12:48:53 | D] - AdwCleaner
[10/08/2018 - 21:10:09 | D] - June2010
[20/08/2018 - 06:29:02 | D] - ESD
[15/09/2018 - 02:33:50 | D] - PerfLogs
[10/10/2018 - 19:12:50 | D] - Game
[28/10/2018 - 13:59:42 | D] - Riot Games
[17/12/2018 - 22:14:48 | SHD] - Recovery
[17/12/2018 - 22:19:52 | RD] - Users
[21/12/2018 - 10:59:28 | D] - Games
[02/01/2019 - 10:55:09 | RD] - Program Files
[18/01/2019 - 21:38:17 | HD] - ProgramData
[18/01/2019 - 21:44:01 | D] - Windows
[18/01/2019 - 21:44:14 | D] - FRST
[19/01/2019 - 02:21:44 | RD] - Program Files (x86)

------------ | D:\ - Disco fijo (NTFS) |

[23/07/2010 - 13:40:30 | A | 133138 Ko] - BAKA AND BOING.rar
[10/12/2018 - 19:04:22 | A | 7461 Ko] - Sin título-1.png
[19/01/2019 - 02:31:56 | RASHD] - autorun.inf
[10/12/2018 - 13:19:26 | A | 23 Ko] - Formato Membrete y Ficha tecnica.docx
[31/12/2018 - 19:54:25 | D] - $RECYCLE.BIN
[10/12/2018 - 02:34:23 | A | 1562 Ko] - Sin título-2 [Recuperado].ai
[10/11/2018 - 09:29:23 | D] - found.001
[04/06/2014 - 17:41:34 | D] - buda
[19/11/2018 - 20:35:35 | D] - Manga
[02/12/2018 - 21:24:26 | D] - Programas
[05/12/2018 - 12:54:59 | D] - FFOutput
[05/12/2018 - 15:56:58 | D] - Exposicion
[10/12/2018 - 02:58:44 | D] - Dibujo
[10/12/2018 - 14:09:35 | D] - Final Tipografia
[14/12/2018 - 10:57:37 | D] - Final Grafica
[18/12/2018 - 23:24:08 | D] - DISEÑO GRAFICO
[22/12/2018 - 12:34:02 | D] - PSD's
[23/12/2018 - 16:08:08 | D] - ewe
[01/01/2019 - 17:41:01 | D] - Novelas Ligeras
[06/01/2019 - 19:54:40 | D] - DIBUJO-
[06/01/2019 - 23:29:37 | D] - Ordenar
[08/01/2019 - 00:46:57 | D] - SHAREit
[08/01/2019 - 00:57:34 | D] - DarkSouls
[17/01/2019 - 16:16:38 | D] - Peliculas
[18/01/2019 - 08:21:17 | D] - Anime
[18/01/2019 - 08:21:17 | D] - ??????????
[18/01/2019 - 21:25:35 | D] - Ultimate Anime Openings + Endings Compilation (FULL SONGS!) [8 Hour mix] [22 Years of Anime]

------------ | E:\ - Disco fijo (NTFS) |

[02/03/2018 - 09:07:26 | A | 101 Ko] - WhatsApp Image 2018-03-02 at 8.59.08 AM.jpeg
[02/03/2018 - 09:07:28 | A | 128 Ko] - WhatsApp Image 2018-03-02 at 8.59.10 AM.jpeg
[02/03/2018 - 09:07:33 | A | 137 Ko] - WhatsApp Image 2018-03-02 at 8.59.11 AM.jpeg
[02/03/2018 - 09:07:35 | A | 136 Ko] - WhatsApp Image 2018-03-02 at 8.59.11 AM (1).jpeg
[02/03/2018 - 09:07:38 | A | 104 Ko] - WhatsApp Image 2018-03-02 at 8.59.11 AM (2).jpeg
[02/03/2018 - 09:07:40 | A | 104 Ko] - WhatsApp Image 2018-03-02 at 8.59.11 AM (3).jpeg
[02/03/2018 - 09:07:42 | A | 101 Ko] - WhatsApp Image 2018-03-02 at 8.59.12 AM.jpeg
[02/03/2018 - 09:07:44 | A | 139 Ko] - WhatsApp Image 2018-03-02 at 8.59.12 AM (1).jpeg
[19/01/2019 - 02:31:56 | RASHD] - autorun.inf
[18/07/2018 - 21:03:14 | A | 14 Ko] - Señor Director.docx
[06/07/2018 - 15:45:47 | ASH | 728 Ko] - Thumbs.db
[12/07/2018 - 09:43:12 | SHD] - $RECYCLE.BIN
[30/07/2018 - 15:57:46 | D] - Dragon.Ball.FighterZ.V1.10
[22/12/2017 - 09:29:43 | D] - AS4
[10/02/2018 - 21:49:32 | D] - Nvidia Inspector
[17/02/2018 - 23:43:28 | D] - Wondershare Video Converter Ultimate
[02/03/2018 - 12:14:36 | D] - Fornite
[03/03/2018 - 11:57:18 | SHD] - Recovery
[07/03/2018 - 18:51:05 | D] - Bayonetta
[26/04/2018 - 00:35:15 | D] - Musica
[27/04/2018 - 10:34:09 | D] - DMC
[03/07/2018 - 19:03:56 | D] - Todo
[14/07/2018 - 22:12:22 | D] - Guarda3
[03/09/2018 - 00:02:55 | D] - Anime
[09/10/2018 - 08:16:11 | RD] - Peliculas
[15/10/2018 - 18:20:02 | D] - 101MSDCF
[02/12/2018 - 21:24:06 | D] - PHOTOSHOP CC 2017
[03/12/2018 - 08:43:01 | D] - Madre
[04/01/2019 - 14:56:00 | D] - DarkSouls

Elemento(s) infectado(s) : 0
Elementos analizados : 78523 en 00h 00m 09s

# UsbFix-Report-05.txt [10956B]

------------ | E.O.F  |

#6

Hello @Roberto94

Were you able to vaccinate the drives with USBFix?

Run FRST again as you did before and paste a new report for us.

Regards