Chrome abre ventanas solo


#1

Buenas tardes,

No se si será por culpa de algún malware o alguna otra razón, pero no encuentro la manera de solucionarlo, por lo que vengo a pediros ayuda. Ayer por la noche estaba haciendo un pedido en una conocida web de pedidos de comida a domicilio, cuando de repente Chrome empezó a hacer cosas raras. Las pestañas que tenia abiertas volvian automaticamente al estado de cuando abres una pestaña nueva, sin ninguna web en ella. Tuve que cerrarlas todas, pero entonces se abrian ventanas separadas de Chrome vacias sin si quiera hacer click en el icono. En ellas no aparecia ningún tipo de propaganda, ni web.

No he instalado ningun programa recientemente, ni ninguna extensión de navegador. Uso Windows 10 Education de 64 bits. Tengo instalado y actualizado Kaspersky Total Security, CCleaner configurado para que borre automaticamente al cerrar cada ventana de navegador los temporales y cookies, paso regularmente Spybot-S&D y uso su sistema de inmunización (que detecta todos los navegadores que tengo instalados menos Chrome), y he instalado y analizado el PC con Malwarebytes.

He usado la funcion de Chrome de Limpiar Ordenador, y finalmente Restaura los valores predeterminados originales de la configuración.

Pese a ello el problema persiste, volviendose a abrir las ventanas aunque las cierre, y cuando ya lleva 4 o 5 abiertas, las siguientes las abre en 1er plano impidiendo el uso normal del pc ya que vuelve al navegador aunque este en otro programa. Incluso hay veces que en la ventana que se abre, parece que se vuelva a abrir sin cerrar la ventana, como si estuviera refrescandose sola. En un par de segundos pueden abrirse 7 o 8 ventanas seguidas y si no lo paro a veces llega a llenar la pantalla, aun cuando el Administrador de Tareas no marca mas de 6 o 8 ventanas de Chrome abiertas. Por ejemplo el administrador cuenta 6 y hay abiertas 17.

Lo peor es que al cabo de un rato el problema parece extenderse al resto de navegadores, cuando al encender el navegador funcionan correctamente. Estoy en una web y de repente vuelve a la pagina vacia como si no tuviera ninguna url, incluso con varios refrescos automaticos. Creo observar eso si, que esto ultimo, si tengo mas de una pestaña abierta, ocurre solo con la que tengo activa en ese instante. Si cambio a otra que esté en otra web, entonces le hace lo mismo.

Podriais ayudarme a encontrar una solución? Gracias


#2

Hola y [email protected] al nuevo Forospyware

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes , para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado, haciendo click en la sección “Analizar” y seguidamente haciendo click “Analisis personalizado” en y luego click en “Configurar análisis”, marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward: Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Si no encuentra nada, pulsamos “Omitir Reparación”
  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner. Aqui tienes manual para que sepas configurar y usarlo.

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo :

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA(programas/software/complementos/extensiones del navegador…)
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…)
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Envuelve cada uno de los informes con una etiqueta escrita CODE_Inicial al inicio del informe y otra como este CODE_Final al final del mismo.

Saludos


#3

Este es el informe de Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 5/12/18
Hora del análisis: 20:15
Archivo de registro: 2f84a844-f8c2-11e8-95b7-08606e7c30bb.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.8183
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.407)
CPU: x64
Sistema de archivos: NTFS
Usuario: ARGOS\Agust\u00c3\u00ad

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 866569
Amenazas detectadas: 122
Amenazas en cuarentena: 21
Tiempo transcurrido: 1 hr, 57 min, 23 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 122
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\0.3.4B\MINER.EXE, Sin acciones por parte del usuario, [691], [467508],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\CLAYMORE.S.DUAL.ETHEREUM.DECRED_SIACOIN_LBRY_PASCAL.AMD.NVIDIA.GPU.MINER.V10.0\REMOTE MANAGER\ETHMAN.EXE, Sin acciones por parte del usuario, [691], [556050],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CCMINER_GALMOLI (VERT)\CCMINER.EXE, Sin acciones por parte del usuario, [691], [460781],1.0.8183
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\CUDA7.5\ETHDCRMINER64.EXE, Sin acciones por parte del usuario, [7803], [480767],1.0.8183
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CPUMINER-MULTI-REL1.3.1-X64\CPUMINER-GW64-COREI7.EXE, Sin acciones por parte del usuario, [569], [379756],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\CLAYMORE.S.DUAL.ETHEREUM.DECRED_SIACOIN_LBRY_PASCAL.AMD.NVIDIA.GPU.MINER.V10.0\ETHDCRMINER64.EXE, Sin acciones por parte del usuario, [691], [440778],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\MINAR INTENSE\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\STELLITE\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\TURTLECOIN\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
PUP.Optional.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN\CCMINER_NEOSCRYPT\CCMINER.EXE, En cuarentena, [1082], [96421],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN\XMR-STAK-CPU\XMR-STAK-CPU.EXE, En cuarentena, [691], [441416],1.0.8183
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\CLAYMORE_CRYPTONIGHT_OLD\NSGPUCNMINER.EXE, En cuarentena, [569], [399446],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.2 (UBIQ)\REMOTE MANAGER\ETHMAN.EXE, Sin acciones por parte del usuario, [691], [556050],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\EWBF\MINER.EXE, En cuarentena, [691], [467508],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\GARLIC\CPUMINER\MINERD.EXE, Sin acciones por parte del usuario, [691], [524997],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\EDOLLAR\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\MINAR ELECTRONEUM\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CRYPTONOTE-EASY-MINER_V0.0.3\BINARIES\CPUMINER\64BIT\MINERD.EXE, Sin acciones por parte del usuario, [691], [75880],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\MINERO AEON\MINERO AEON AEON-POOL\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\LUKA\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\XMR-STAK MONEROHASHVAULT\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MONERO-GUI-V0.11.1.0\MONERO-WALLET-CLI.EXE, Sin acciones por parte del usuario, [691], [516571],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\CLAYMORE_CRYPTONIGHT\REMOTE MANAGER\ETHMAN.EXE, En cuarentena, [691], [556050],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\CLAYMORE_ZCASH\REMOTE MANAGER\ETHMAN.EXE, En cuarentena, [691], [556050],1.0.8183
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\ETHDCRMINER64.EXE, Sin acciones por parte del usuario, [7803], [480760],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CPUMINER-MULTI-REL1.3.1-X64\CPUMINER-GW64-CORE2.EXE, Sin acciones por parte del usuario, [691], [371884],1.0.8183
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\MINAR MONERO NVIDIA\CCMINER.EXE, Sin acciones por parte del usuario, [569], [433294],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\MINERO AEON\MINAR AEON DREAMITSYSTEMS\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\FONERO\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\XMR-STAK CROAT\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MONERO-GUI-V0.11.1.0\MONERO-WALLET-RPC.EXE, Sin acciones por parte del usuario, [691], [516571],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\WALLETS\CCMINER-X64-2.2.4-CUDA9\CCMINER-X64.EXE, Sin acciones por parte del usuario, [691], [501365],1.0.8183
PUP.Optional.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN\CCMINER_SP\CCMINER.EXE, En cuarentena, [1082], [96421],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\WALLETS\FONERO-WALLET-GUI\FONERO-WALLET-CLI.EXE, Sin acciones por parte del usuario, [691], [516571],1.0.8183
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\CLAYMORE_ZCASH\ZECMINER64.EXE, En cuarentena, [8488], [543799],1.0.8183
RiskWare.BitCoinMiner.Generic, C:\USERS\AGUSTí\DESKTOP\WALLETS\EDOLLAR-WIN64\EDOLLARD.EXE, Sin acciones por parte del usuario, [1628], [516625],1.0.8183
RiskWare.BitCoinMiner.Generic, C:\USERS\AGUSTí\DESKTOP\WALLETS\STELLITE\STELLITE-WALLET-CLI.EXE, Sin acciones por parte del usuario, [1628], [516625],1.0.8183
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\XMR-STAK-MASTER\BUILD\BIN\RELEASE\XMR-STAK.EXE, Sin acciones por parte del usuario, [569], [484831],1.0.8183
RiskWare.BitCoinMiner.Generic, C:\USERS\AGUSTí\DESKTOP\WALLETS\STELLITE\STELLITE-WALLET-RPC.EXE, Sin acciones por parte del usuario, [1628], [516625],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\YENTEN_WIN64_1.3.1\CPUMINER-OPT-3.7.9-WINDOWS\CPUMINER-SSE2.EXE, Sin acciones por parte del usuario, [691], [479852],1.0.8183
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\CUDA6.5\ETHDCRMINER64.EXE, Sin acciones por parte del usuario, [7803], [480768],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\REMOTE MANAGER\ETHMAN.EXE, Sin acciones por parte del usuario, [691], [556050],1.0.8183
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CPUMINER-MULTI-REL1.3.1-X64\CPUMINER-GW64-AVX2.EXE, Sin acciones por parte del usuario, [569], [578451],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CCMINER-X64-2.2.4-CUDA9\CCMINER-X64.EXE, Sin acciones por parte del usuario, [691], [501365],1.0.8183
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\CUDA9.1\ETHDCRMINER64.EXE, Sin acciones por parte del usuario, [7803], [480766],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\MONERO\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
Generic.Malware/Suspicious, C:\USERS\AGUSTí\DESKTOP\MINERS\CRYPTONOTE-EASY-MINER_V0.0.3\CRYPTONOTEMINER.EXE, Sin acciones por parte del usuario, [0], [392686],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64 (MONERO)\XMR-STAK.EXE, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\CLAYMORE_DUAL\REMOTE MANAGER\ETHMAN.EXE, En cuarentena, [691], [556050],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\NICEHASHMINERLEGACY.EXE, En cuarentena, [691], [485277],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN\CCMINER_TPRUVOT\CCMINER.EXE, En cuarentena, [691], [572497],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN\NHEQMINER_V0.4B\NHEQMINER.EXE, En cuarentena, [691], [500062],1.0.8183
RiskWare.Monero.Generic, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN\XMRIG\XMRIG.EXE, En cuarentena, [12519], [442220],1.0.8183
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\BIN_3RDPARTY\CLAYMORE_DUAL\ETHDCRMINER64.EXE, En cuarentena, [7803], [480760],1.0.8183
RiskWare.GameHack, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\ADOBE CC (2018)\SETUP.EXE, Sin acciones por parte del usuario, [7770], [545288],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\NHML-1.8.1.6\SETCPUAFF.EXE, En cuarentena, [691], [314153],1.0.8183
HackTool.FilePatch, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\CRACK\ADOBE.PHOTOSHOP.CC.2018._X64_.PATCH-MPT.ZIP, Sin acciones por parte del usuario, [7811], [281135],1.0.8183
CrackTool.Agent, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\CRACK\AMTEMU.V0.9.2.WIN-PAINTER.ZIP, Sin acciones por parte del usuario, [6136], [445980],1.0.8183
HackTool.Flooder, C:\USERS\AGUSTí\DOWNLOADS\ANONYMUS TOOLS\ANONYMOUS DOSER (1).RAR, En cuarentena, [7925], [364010],1.0.8183
HackTool.SQLInjector, C:\USERS\AGUSTí\DOWNLOADS\#ANONYMOUS\HAVIJ 1.13 PRO PORTABLE\HAVIJ 1.13 PRO PORTABLE.EXE, En cuarentena, [12106], [505710],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\WALLETS\FONERO-WALLET-GUI\FONERO-WALLET-RPC.EXE, Sin acciones por parte del usuario, [691], [516571],1.0.8183
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\GOOGLE DRIVE\XMR-STAK CROAT.ZIP, Sin acciones por parte del usuario, [691], [480140],1.0.8183
HackTool.Patcher, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\CRACK\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, Sin acciones por parte del usuario, [7826], [473286],1.0.8183
RiskWare.Tool.HCK, E:\PROGRAMAS IMPRESCINDIBLES\ADOBE CREATIVE CLOUD‎ 2017 MASTER COLLECTION INCL CRACK [SADEEMPC]\CRACK\CRACK.RAR, Sin acciones por parte del usuario, [7724], [69152],1.0.8183
CrackTool.Agent.X, E:\PROGRAMAS IMPRESCINDIBLES\ADOBE CREATIVE CLOUD‎ 2017 MASTER COLLECTION INCL CRACK [SADEEMPC]\CRACK\ADOBE_ACROBAT_PRO_DC_V2015_MULTI-XFORCE.RAR, Sin acciones por parte del usuario, [10933], [81145],1.0.8183
RiskWare.Tool.HCK, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.MUSE.CC.V2017.0.0.149.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015 UNIVERSAL PATCHER 1.5\ADOBE.SNR.PATCH-PAINTER.EXE, Sin acciones por parte del usuario, [7724], [69152],1.0.8183
RiskWare.Agent.Keygen, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.MUSE.CC.V2017.0.0.149.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015.5 XFORCE ACTIVATION\KEYGEN_XF-ADOBECC2015.EXE, Sin acciones por parte del usuario, [8047], [352875],1.0.8183
HackTool.Agent, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.MUSE.CC.V2017.0.0.149.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\AMTEMU.V0.9.1.WIN-PAINTER.ZIP, Sin acciones por parte del usuario, [3908], [448498],1.0.8183
RiskWare.Agent.Keygen, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.INCL.CRACK-PAINTER (WIN-MAC)\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015.5 XFORCE ACTIVATION\KEYGEN_XF-ADOBECC2015.EXE, Sin acciones por parte del usuario, [8047], [352875],1.0.8183
RiskWare.Tool.HCK, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.INCL.CRACK-PAINTER (WIN-MAC)\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015 UNIVERSAL PATCHER 1.5\ADOBE.SNR.PATCH-PAINTER.EXE, Sin acciones por parte del usuario, [7724], [69152],1.0.8183
HackTool.Agent, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.INCL.CRACK-PAINTER (WIN-MAC)\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\AMTEMU.V0.9.1.WIN-PAINTER.ZIP, Sin acciones por parte del usuario, [3908], [448498],1.0.8183
CrackTool.Agent, E:\PROGRAMAS IMPRESCINDIBLES\ADOBE UNIVERSAL PATCHER 0.9.2.RAR, Sin acciones por parte del usuario, [6136], [445980],1.0.8183
RiskWare.Agent.Keygen, E:\DESCARGAS\TELEGRAM DESKTOP\#CERBERUS_PACK.RAR, En cuarentena, [8047], [352767],1.0.8183
PUP.Optional.PasswordTool, E:\DESCARGAS\TELEGRAM DESKTOP\CAIN Y ABEL.RAR, En cuarentena, [8511], [147330],1.0.8183
HackTool.FilePatch, E:\DESCARGAS\ELCOMSOFT PASSWORD RECOVERY BUNDLE FORENSIC EDITION 2015.01 - P2P [HELG420]\UPDATES 04.01.2015\ELCOMSOFT ADVANCED ARCHIVE PASSWORD RECOVERY 4.54.55 [ALL EDITIONS]\LICENSE\PATCHES-REPT.RAR, Sin acciones por parte del usuario, [7811], [281135],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CCMINER_GALMOLI.RAR, Sin acciones por parte del usuario, [691], [460781],1.0.8183
RiskWare.Tool.HCK, E:\DESCARGAS\ADOBE CC MÁS CRACK 2016.RAR, Sin acciones por parte del usuario, [7724], [69152],1.0.8183
Trojan.BitCoinMiner, E:\DESCARGAS\CCMINER-CRYPTONIGHT_20140926.ZIP, Sin acciones por parte del usuario, [569], [433294],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CCMINER-X64-2.2.4-CUDA9.7Z, Sin acciones por parte del usuario, [691], [501365],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CPUMINER-OPT-3.7.9-WINDOWS.ZIP, Sin acciones por parte del usuario, [691], [479852],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CCMINER-X64-2.2.4-CUDA9 (1).7Z, Sin acciones por parte del usuario, [691], [501365],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\XMR-STAK-CPU-WIN64.ZIP, Sin acciones por parte del usuario, [691], [454898],1.0.8183
HackTool.Patcher, E:\DESCARGAS\ADOBE UNIVERSAL PATCHER 2017.RAR, Sin acciones por parte del usuario, [7826], [473286],1.0.8183
Trojan.BitCoinMiner, E:\DESCARGAS\CPUMINER-MULTI-REL1.3.1-X64.ZIP, Sin acciones por parte del usuario, [569], [578451],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CPUMINER-OPT-3.7.9-WINDOWS (1).ZIP, Sin acciones por parte del usuario, [691], [479852],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CGMINER-DECRED-W32_100216.ZIP, Sin acciones por parte del usuario, [691], [159631],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\XMRIG-2.4.4-GCC-WIN64.ZIP, Sin acciones por parte del usuario, [691], [478192],1.0.8183
Trojan.BitCoinMiner, E:\DESCARGAS\XMRIG.ZIP, Sin acciones por parte del usuario, [569], [440603],1.0.8183
RiskWare.BitCoinMiner.Themida, E:\DESCARGAS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5 - CATALYST 15.12-17.X - CUDA 8.0_9.1_7.5_6.5.ZIP, Sin acciones por parte del usuario, [7803], [480768],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\XMR-STAK-WIN64.ZIP, Sin acciones por parte del usuario, [691], [480140],1.0.8183
Trojan.BitCoinMiner, E:\DESCARGAS\ELECTRONEUM_POOL_MINER_V1.1_SETUP.EXE, Sin acciones por parte del usuario, [569], [470897],1.0.8183
RiskWare.BitCoinMiner.Generic, E:\DESCARGAS\EDOLLAR-WIN64.ZIP, Sin acciones por parte del usuario, [1628], [516625],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\M-MINERD-64-WIN.ZIP, Sin acciones por parte del usuario, [691], [75880],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.2 - CATALYST 15.12-17.X - CUDA 8.0_7.5_6.5.ZIP, Sin acciones por parte del usuario, [691], [556050],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\CRYPTONOTE-EASY-MINER_V0.0.3.ZIP, Sin acciones por parte del usuario, [691], [75880],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\XMR-STAK-WIN64 (1).ZIP, Sin acciones por parte del usuario, [691], [480140],1.0.8183
RiskWare.BitCoinMiner, E:\MONERO-GUI-V0.11.1.0\MONERO-WALLET-CLI.EXE, Sin acciones por parte del usuario, [691], [516571],1.0.8183
RiskWare.BitCoinMiner, E:\DESCARGAS\ZEC MINER 0.3.4B.ZIP, Sin acciones por parte del usuario, [691], [467508],1.0.8183
RiskWare.BitCoinMiner, E:\MONERO-GUI-V0.11.1.0\MONERO-WALLET-RPC.EXE, Sin acciones por parte del usuario, [691], [516571],1.0.8183
RiskWare.BitCoinMiner, E:\AGUSTí\DROPBOX\MINERO CRIPTOMONEDES\XMR-STAK-WIN64.ZIP, Sin acciones por parte del usuario, [691], [480140],1.0.8183
PUP.Optional.SAMInside, E:\AGUSTí\DROPBOX\SAMINSIDE.ZIP, En cuarentena, [7967], [299468],1.0.8183
HackTool.FilePatch, E:\AGUSTí\DROPBOX\ME_CS6.13.0.RAR, En cuarentena, [7811], [281135],1.0.8183
HackTool.Agent, E:\AGUSTí\DROPBOX\ADOBE.CS6.ALL.PRODUCTS.ACTIVATOR.(X32.Y.X64)_UP01-MPT.RAR, Sin acciones por parte del usuario, [3908], [1570],1.0.8183
Trojan.BitCoinMiner, E:\AGUSTí\DROPBOX\MINAR MONERO NVIDIA.RAR, Sin acciones por parte del usuario, [569], [433294],1.0.8183
Generic.Malware/Suspicious, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\BoxyCore.lnk, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\Programs\BoxyCore.lnk, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, C:\USERS\PUBLIC\DESKTOP\BoxyCore.lnk, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\BOXYCORE\BOXYCOREV1.03.EXE, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\BOXYCORESETUPV.1.03.EXE, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\CCMINER-2.0-BITCORE-X64-CUDA-7.5.7Z, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\CPUMINER-OPT-3.7.8-WINDOWS-V2.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\AEON-0.9.14.0-WIN64.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\CPUMINER-OPT-3.7.10-WINDOWS.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\CCMINER-X64-2.2.3-CUDA9.7Z, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\CATCOIN_0.9.3.0_WIN.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\PROGRAMAS IMPRESCINDIBLES\OFFICE.2016.PRO.PLUS.SPANISH.INCL.PROJECT.PRO.&.VISIO.PRO.VLSC (WIN32-WIN64)\ACTIVADORES\KMSAUTO.LITE.PORTABLE.V1.2.1.DC.03.08.15-RATIBORUS\KMSAUTO_LITE_PORTABLE_V1.2.1.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\SETUPDINASTYCOINEASYMINERFORDUMMY.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\SGMINER-GM.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\PROGRAMAS IMPRESCINDIBLES\OFFICE.2016.PRO.PLUS.SPANISH.INCL.PROJECT.PRO.&.VISIO.PRO.VLSC (WIN32-WIN64)\ACTIVADORES\KMSPICO.V10.1.7.FINAL-HELDIGARD\KMSPICO INSTALL\KMSPICO_SETUP.EXE, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\DESCARGAS\CLAYMORE.S.DUAL.ETHEREUM.DECRED_SIACOIN_LBRY.AMD.NVIDIA.GPU.MINER.V7.3.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\PROGRAMAS IMPRESCINDIBLES\OFFICE.2016.PRO.PLUS.SPANISH.INCL.PROJECT.PRO.&.VISIO.PRO.VLSC (WIN32-WIN64)\ACTIVADORES\KMSAUTO.NET.2015.V1.3.9.PORTABLE-RATIBORUS\KMSAUTO NET 2015 V1.3.9 PORTABLE.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183
Generic.Malware/Suspicious, E:\AGUSTí\DROPBOX\APKS PARA DECOMPILAR\XMR-STAK-WIN64_MODCROAT.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.8183

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end) 

He deseleccionado los mineros que tengo en mi pc desde hace tiempo. Los tengo a sabiendas, de forma consciente ya que hice pruebas de mineria con diferentes monedas. Hace meseses que los tengo en el PC y no habia tenido ningun problema. Al empezar justo ayer, creo que puedo descartarlos como foco del problema.

Aquí esta el informe de AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build:    11-26-2018
# Database: 2018-12-03.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-06-2018
# Duration: 00:00:19
# OS:       Windows 10 Education
# Scanned:  32298
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [4366 octets] - [05/12/2018 20:01:48]
AdwCleaner[C00].txt - [3990 octets] - [05/12/2018 20:09:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Y finalmente he limpiado con el CCleaner tanto los archivos como el registro.

El problema sigue, incluso mientras escribo esto tengo que copiar y pegar porque cada cierto tiempo el navegador se “autoreferesca” y sale otra vez como acabado de abrir, teniendo que volver a la pagina con las flechas del navegador cuando este para de hacer el loco y sale del bucle.

Lo que he notado es que a Chrome lo afecta abriendo ventanas independientes, y a Firefox volviendo a la pagina vacia de cuando abro el navegador.

Espero sirva para que me ayudeis a encontrar una solución.


#4

Veo que no habías visto que estos programas para “minar” monedas te instalaron Troyanos (Trojan.BitoinMner) estos podrían ser el causante de que se abran las ventanas, también veo que tienes varios cracks/programas piratas.

Es que como ya te mencione anteriormente… tienes varios troyanos en tu computadora, pero no significa que por que tengas varios meses y no pase nada no significa que ellos no son los causantes… Puede ser que el atacante se dio cuenta que una victima a caído en su trampa y logro instalar este malware. AdwCleaner no detecto nada raro…


#5

Entonces que tengo que hacer? Eliminar todo? incluidas las wallets con lo minado? Eso lo solucionara?


#6

Vuelve a repetir detalladamente el paso indicado de Malwarebytes, esta vez una vez que termine el analisis con lo encontrado, envialo a cuarentena.

Por ahora, no sabremos si es este el causante o otro problema.


#7

Estoy pasando el malwarebytes, pero mientras tanto como afecta a los navegadores he echo un netstat -a y os copio el resultado por si ayuda. Como cosa sospechosa he visto que salen varias entradas de “coin-hive” el javascript que usan ciertas webs para minar. Podria ser que los administradores de la web o algun tercero haya introducido ese codigo en la web y por eso me pase justo desde que la visité?

Conexiones activas

  Proto  Dirección local        Dirección remota       Estado
  TCP    0.0.0.0:7              coin-hive:0            LISTENING
  TCP    0.0.0.0:9              coin-hive:0            LISTENING
  TCP    0.0.0.0:13             coin-hive:0            LISTENING
  TCP    0.0.0.0:17             coin-hive:0            LISTENING
  TCP    0.0.0.0:19             coin-hive:0            LISTENING
  TCP    0.0.0.0:135            coin-hive:0            LISTENING
  TCP    0.0.0.0:445            coin-hive:0            LISTENING
  TCP    0.0.0.0:1536           coin-hive:0            LISTENING
  TCP    0.0.0.0:1537           coin-hive:0            LISTENING
  TCP    0.0.0.0:1538           coin-hive:0            LISTENING
  TCP    0.0.0.0:1539           coin-hive:0            LISTENING
  TCP    0.0.0.0:1544           coin-hive:0            LISTENING
  TCP    0.0.0.0:1545           coin-hive:0            LISTENING
  TCP    0.0.0.0:5040           coin-hive:0            LISTENING
  TCP    0.0.0.0:17500          coin-hive:0            LISTENING
  TCP    0.0.0.0:27036          coin-hive:0            LISTENING
  TCP    127.0.0.1:843          coin-hive:0            LISTENING
  TCP    127.0.0.1:1546         coin-hive:0            LISTENING
  TCP    127.0.0.1:1547         coin-hive:0            LISTENING
  TCP    127.0.0.1:1547         192:5737               ESTABLISHED
  TCP    127.0.0.1:1547         192:5738               ESTABLISHED
  TCP    127.0.0.1:1547         192:5739               ESTABLISHED
  TCP    127.0.0.1:3204         192:65001              ESTABLISHED
  TCP    127.0.0.1:3257         coin-hive:0            LISTENING
  TCP    127.0.0.1:3264         192:3265               ESTABLISHED
  TCP    127.0.0.1:3265         192:3264               ESTABLISHED
  TCP    127.0.0.1:3472         192:3473               ESTABLISHED
  TCP    127.0.0.1:3473         192:3472               ESTABLISHED
  TCP    127.0.0.1:3482         192:3483               ESTABLISHED
  TCP    127.0.0.1:3483         192:3482               ESTABLISHED
  TCP    127.0.0.1:3494         192:3495               ESTABLISHED
  TCP    127.0.0.1:3495         192:3494               ESTABLISHED
  TCP    127.0.0.1:4530         192:4531               ESTABLISHED
  TCP    127.0.0.1:4531         192:4530               ESTABLISHED
  TCP    127.0.0.1:4984         192:4985               ESTABLISHED
  TCP    127.0.0.1:4985         192:4984               ESTABLISHED
  TCP    127.0.0.1:5037         coin-hive:0            LISTENING
  TCP    127.0.0.1:5568         192:5569               ESTABLISHED
  TCP    127.0.0.1:5569         192:5568               ESTABLISHED
  TCP    127.0.0.1:5613         192:5614               ESTABLISHED
  TCP    127.0.0.1:5614         192:5613               ESTABLISHED
  TCP    127.0.0.1:5718         192:1547               TIME_WAIT
  TCP    127.0.0.1:5719         192:1547               TIME_WAIT
  TCP    127.0.0.1:5737         192:1547               ESTABLISHED
  TCP    127.0.0.1:5738         192:1547               ESTABLISHED
  TCP    127.0.0.1:5739         192:1547               ESTABLISHED
  TCP    127.0.0.1:6341         coin-hive:0            LISTENING
  TCP    127.0.0.1:6342         coin-hive:0            LISTENING
  TCP    127.0.0.1:15292        coin-hive:0            LISTENING
  TCP    127.0.0.1:17600        coin-hive:0            LISTENING
  TCP    127.0.0.1:21320        coin-hive:0            LISTENING
  TCP    127.0.0.1:21321        coin-hive:0            LISTENING
  TCP    127.0.0.1:21322        coin-hive:0            LISTENING
  TCP    127.0.0.1:21323        coin-hive:0            LISTENING
  TCP    127.0.0.1:21327        coin-hive:0            LISTENING
  TCP    127.0.0.1:27060        coin-hive:0            LISTENING
  TCP    127.0.0.1:43227        coin-hive:0            LISTENING
  TCP    127.0.0.1:65000        coin-hive:0            LISTENING
  TCP    127.0.0.1:65001        coin-hive:0            LISTENING
  TCP    127.0.0.1:65001        192:3204               ESTABLISHED
  TCP    192.168.1.189:139      coin-hive:0            LISTENING
  TCP    192.168.1.189:3206     server-13-33-232-168:https  CLOSE_WAIT
  TCP    192.168.1.189:3208     212.73.235.16:https    ESTABLISHED
  TCP    192.168.1.189:3209     212.73.235.16:https    ESTABLISHED
  TCP    192.168.1.189:3227     40.67.252.206:https    ESTABLISHED
  TCP    192.168.1.189:3312     40.67.253.249:https    ESTABLISHED
  TCP    192.168.1.189:3323     lu3:https              ESTABLISHED
  TCP    192.168.1.189:3325     lu3:https              ESTABLISHED
  TCP    192.168.1.189:3328     wb-in-f125:5222        ESTABLISHED
  TCP    192.168.1.189:3329     mad07s09-in-f10:https  CLOSE_WAIT
  TCP    192.168.1.189:3332     mad07s09-in-f10:https  CLOSE_WAIT
  TCP    192.168.1.189:3348     155.133.230.34:27021   ESTABLISHED
  TCP    192.168.1.189:3488     162.125.68.4:https     CLOSE_WAIT
  TCP    192.168.1.189:3489     162.125.68.4:https     CLOSE_WAIT
  TCP    192.168.1.189:3491     162.125.68.3:https     CLOSE_WAIT
  TCP    192.168.1.189:4532     104.24.30.22:https     ESTABLISHED
  TCP    192.168.1.189:4868     162.125.18.133:https   ESTABLISHED
  TCP    192.168.1.189:5127     server-143-204-192-67:https  CLOSE_WAIT
  TCP    192.168.1.189:5257     162.125.18.133:https   ESTABLISHED
  TCP    192.168.1.189:5385     mad08s05-in-f10:https  CLOSE_WAIT
  TCP    192.168.1.189:5416     ec2-35-172-7-61:https  CLOSE_WAIT
  TCP    192.168.1.189:5554     152.199.19.161:https   CLOSE_WAIT
  TCP    192.168.1.189:5578     a92-122-45-168:https   CLOSE_WAIT
  TCP    192.168.1.189:5617     mad08s06-in-f2:https   ESTABLISHED
  TCP    192.168.1.189:5677     server-54-240-186-128:https  TIME_WAIT
  TCP    192.168.1.189:5679     93.184.220.29:http     TIME_WAIT
  TCP    192.168.1.189:5680     162.125.68.3:https     CLOSE_WAIT
  TCP    192.168.1.189:5681     162.125.68.7:https     CLOSE_WAIT
  TCP    192.168.1.189:5682     162.125.33.7:https     CLOSE_WAIT
  TCP    192.168.1.189:5683     mad08s04-in-f4:https   ESTABLISHED
  TCP    192.168.1.189:5693     mad07s09-in-f4:https   ESTABLISHED
  TCP    192.168.1.189:5694     mad08s04-in-f14:https  ESTABLISHED
  TCP    192.168.1.189:5695     mad06s09-in-f142:https  ESTABLISHED
  TCP    192.168.1.189:5696     mad08s04-in-f3:https   ESTABLISHED
  TCP    192.168.1.189:5697     151.101.132.134:https  ESTABLISHED
  TCP    192.168.1.189:5698     151.101.132.134:https  ESTABLISHED
  TCP    192.168.1.189:5699     104.28.19.197:https    ESTABLISHED
  TCP    192.168.1.189:5700     mad07s09-in-f3:https   ESTABLISHED
  TCP    192.168.1.189:5701     ec2-54-148-138-18:https  ESTABLISHED
  TCP    192.168.1.189:5702     151.101.192.134:https  ESTABLISHED
  TCP    192.168.1.189:5703     151.101.132.134:https  ESTABLISHED
  TCP    192.168.1.189:5704     151.101.64.233:https   ESTABLISHED
  TCP    192.168.1.189:5705     104.16.80.166:https    ESTABLISHED
  TCP    192.168.1.189:5706     arn02s06-in-f182:https  ESTABLISHED
  TCP    192.168.1.189:5707     mad06s10-in-f1:https   ESTABLISHED
  TCP    192.168.1.189:5708     185.43.181.50:http     TIME_WAIT
  TCP    192.168.1.189:5709     81.19.104.84:https     TIME_WAIT
  TCP    192.168.1.189:5710     mad07s10-in-f10:https  TIME_WAIT
  TCP    192.168.1.189:5712     mad07s09-in-f3:https   TIME_WAIT
  TCP    192.168.1.189:5713     mad08s04-in-f3:https   TIME_WAIT
  TCP    192.168.1.189:5715     mad01s24-in-f13:https  TIME_WAIT
  TCP    192.168.1.189:5716     mad06s09-in-f142:https  TIME_WAIT
  TCP    192.168.1.189:5721     mad07s10-in-f14:https  TIME_WAIT
  TCP    192.168.1.189:5723     77.74.177.176:https    TIME_WAIT
  TCP    192.168.1.189:5726     62.67.238.136:https    TIME_WAIT
  TCP    192.168.1.189:5728     mad06s10-in-f3:https   TIME_WAIT
  TCP    192.168.1.189:5729     mad08s04-in-f3:https   ESTABLISHED
  TCP    192.168.1.189:5730     mad07s10-in-f10:https  ESTABLISHED
  TCP    192.168.1.189:5731     wm-in-f188:5228        ESTABLISHED
  TCP    192.168.1.189:5732     mad07s09-in-f3:https   ESTABLISHED
  TCP    192.168.1.189:5735     mad06s09-in-f142:https  ESTABLISHED
  TCP    192.168.1.189:5736     mad06s09-in-f142:https  ESTABLISHED
  TCP    192.168.1.189:5741     mad07s10-in-f14:https  ESTABLISHED
  TCP    192.168.1.189:5742     mad06s10-in-f3:https   ESTABLISHED
  TCP    192.168.1.189:5743     mad06s10-in-f3:https   ESTABLISHED
  TCP    192.168.1.189:5744     mad06s10-in-f3:https   ESTABLISHED
  TCP    [::]:7                 ARGOS:0                LISTENING
  TCP    [::]:9                 ARGOS:0                LISTENING
  TCP    [::]:13                ARGOS:0                LISTENING
  TCP    [::]:17                ARGOS:0                LISTENING
  TCP    [::]:19                ARGOS:0                LISTENING
  TCP    [::]:135               ARGOS:0                LISTENING
  TCP    [::]:445               ARGOS:0                LISTENING
  TCP    [::]:1536              ARGOS:0                LISTENING
  TCP    [::]:1537              ARGOS:0                LISTENING
  TCP    [::]:1538              ARGOS:0                LISTENING
  TCP    [::]:1539              ARGOS:0                LISTENING
  TCP    [::]:1544              ARGOS:0                LISTENING
  TCP    [::]:1545              ARGOS:0                LISTENING
  TCP    [::]:17500             ARGOS:0                LISTENING
  UDP    0.0.0.0:7              *:*
  UDP    0.0.0.0:9              *:*
  UDP    0.0.0.0:13             *:*
  UDP    0.0.0.0:17             *:*
  UDP    0.0.0.0:19             *:*
  UDP    0.0.0.0:500            *:*
  UDP    0.0.0.0:3702           *:*
  UDP    0.0.0.0:3702           *:*
  UDP    0.0.0.0:4500           *:*
  UDP    0.0.0.0:5050           *:*
  UDP    0.0.0.0:5353           *:*
  UDP    0.0.0.0:5353           *:*
  UDP    0.0.0.0:5353           *:*
  UDP    0.0.0.0:5355           *:*
  UDP    0.0.0.0:17500          *:*
  UDP    0.0.0.0:27036          *:*
  UDP    0.0.0.0:49372          *:*
  UDP    0.0.0.0:63248          *:*
  UDP    0.0.0.0:64805          *:*
  UDP    127.0.0.1:1900         *:*
  UDP    127.0.0.1:48301        *:*
  UDP    127.0.0.1:49664        *:*
  UDP    127.0.0.1:49665        *:*
  UDP    127.0.0.1:49666        *:*
  UDP    127.0.0.1:49667        *:*
  UDP    127.0.0.1:51153        *:*
  UDP    127.0.0.1:51239        *:*
  UDP    127.0.0.1:53850        *:*
  UDP    127.0.0.1:53851        *:*
  UDP    127.0.0.1:54149        *:*
  UDP    127.0.0.1:63466        *:*
  UDP    127.0.0.1:65000        *:*
  UDP    192.168.1.189:137      *:*
  UDP    192.168.1.189:138      *:*
  UDP    192.168.1.189:1900     *:*
  UDP    192.168.1.189:5353     *:*
  UDP    192.168.1.189:51152    *:*
  UDP    [::]:7                 *:*
  UDP    [::]:9                 *:*
  UDP    [::]:13                *:*
  UDP    [::]:17                *:*
  UDP    [::]:19                *:*
  UDP    [::]:500               *:*
  UDP    [::]:3702              *:*
  UDP    [::]:3702              *:*
  UDP    [::]:4500              *:*
  UDP    [::]:5353              *:*
  UDP    [::]:5353              *:*
  UDP    [::]:5355              *:*
  UDP    [::]:27036             *:*
  UDP    [::]:63249             *:*
  UDP    [::]:64806             *:*
  UDP    [::1]:1900             *:*
  UDP    [::1]:5353             *:*
  UDP    [::1]:51151            *:*
  UDP    [fe80::c078:aecd:6192:9901%6]:1900  *:*
  UDP    [fe80::c078:aecd:6192:9901%6]:51150  *:*

#8

Este es el resultado del nuevo pase de Malwarebytes con todo seleccionado

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 6/12/18
Hora del análisis: 12:53
Archivo de registro: 9177d996-f94d-11e8-a8b2-08606e7c30bb.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.8191
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.407)
CPU: x64
Sistema de archivos: NTFS
Usuario: ARGOS\Agust\u00c3\u00ad

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 858822
Amenazas detectadas: 66
Amenazas en cuarentena: 66
Tiempo transcurrido: 2 hr, 28 min, 48 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 66
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\CLAYMORE.S.DUAL.ETHEREUM.DECRED_SIACOIN_LBRY_PASCAL.AMD.NVIDIA.GPU.MINER.V10.0\REMOTE MANAGER\ETHMAN.EXE, En cuarentena, [691], [556050],1.0.8191
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\CUDA6.5\ETHDCRMINER64.EXE, En cuarentena, [7802], [480768],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\REMOTE MANAGER\ETHMAN.EXE, En cuarentena, [691], [556050],1.0.8191
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CPUMINER-MULTI-REL1.3.1-X64\CPUMINER-GW64-AVX2.EXE, En cuarentena, [569], [578451],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\MONERO\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.2 (UBIQ)\REMOTE MANAGER\ETHMAN.EXE, En cuarentena, [691], [556050],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\GARLIC\CPUMINER\MINERD.EXE, En cuarentena, [691], [524997],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\EDOLLAR\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\MINAR ELECTRONEUM\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\0.3.4B\MINER.EXE, En cuarentena, [691], [467508],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CCMINER_GALMOLI (VERT)\CCMINER.EXE, En cuarentena, [691], [460781],1.0.8191
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\CUDA7.5\ETHDCRMINER64.EXE, En cuarentena, [7802], [480767],1.0.8191
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CPUMINER-MULTI-REL1.3.1-X64\CPUMINER-GW64-COREI7.EXE, En cuarentena, [569], [379756],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\MINAR INTENSE\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\STELLITE\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\TURTLECOIN\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CCMINER-X64-2.2.4-CUDA9\CCMINER-X64.EXE, En cuarentena, [691], [501365],1.0.8191
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\CUDA9.1\ETHDCRMINER64.EXE, En cuarentena, [7802], [480766],1.0.8191
Generic.Malware/Suspicious, C:\USERS\AGUSTí\DESKTOP\MINERS\CRYPTONOTE-EASY-MINER_V0.0.3\CRYPTONOTEMINER.EXE, En cuarentena, [0], [392686],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64 (MONERO)\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\CLAYMORE.S.DUAL.ETHEREUM.DECRED_SIACOIN_LBRY_PASCAL.AMD.NVIDIA.GPU.MINER.V10.0\ETHDCRMINER64.EXE, En cuarentena, [691], [440778],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\WALLETS\FONERO-WALLET-GUI\FONERO-WALLET-RPC.EXE, En cuarentena, [691], [516571],1.0.8191
RiskWare.BitCoinMiner.Themida, C:\USERS\AGUSTí\DESKTOP\MINERS\CLAYMORE'S DUAL ETHEREUM+DECRED_SIACOIN_LBRY_PASCAL AMD+NVIDIA GPU MINER V10.5\ETHDCRMINER64.EXE, En cuarentena, [7802], [480760],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CPUMINER-MULTI-REL1.3.1-X64\CPUMINER-GW64-CORE2.EXE, En cuarentena, [691], [371884],1.0.8191
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\MINAR MONERO NVIDIA\CCMINER.EXE, En cuarentena, [569], [433294],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\MINERO AEON\MINAR AEON DREAMITSYSTEMS\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\FONERO\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\XMR-STAK CROAT\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MONERO-GUI-V0.11.1.0\MONERO-WALLET-RPC.EXE, En cuarentena, [691], [516571],1.0.8191
RiskWare.BitCoinMiner.Generic, C:\USERS\AGUSTí\DESKTOP\WALLETS\EDOLLAR-WIN64\EDOLLARD.EXE, En cuarentena, [1628], [516625],1.0.8191
RiskWare.BitCoinMiner.Generic, C:\USERS\AGUSTí\DESKTOP\WALLETS\STELLITE\STELLITE-WALLET-CLI.EXE, En cuarentena, [1628], [516625],1.0.8191
RiskWare.BitCoinMiner.Generic, C:\USERS\AGUSTí\DESKTOP\WALLETS\STELLITE\STELLITE-WALLET-RPC.EXE, En cuarentena, [1628], [516625],1.0.8191
RiskWare.GameHack, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\ADOBE CC (2018)\SETUP.EXE, En cuarentena, [7769], [545288],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\CRYPTONOTE-EASY-MINER_V0.0.3\BINARIES\CPUMINER\64BIT\MINERD.EXE, En cuarentena, [691], [75880],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\MINERO AEON\MINERO AEON AEON-POOL\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\LUKA\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MINERS\XMR-STAK-WIN64\XMR-STAK MONEROHASHVAULT\XMR-STAK.EXE, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\MONERO-GUI-V0.11.1.0\MONERO-WALLET-CLI.EXE, En cuarentena, [691], [516571],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\WALLETS\CCMINER-X64-2.2.4-CUDA9\CCMINER-X64.EXE, En cuarentena, [691], [501365],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\WALLETS\FONERO-WALLET-GUI\FONERO-WALLET-CLI.EXE, En cuarentena, [691], [516571],1.0.8191
HackTool.Patcher, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\CRACK\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, En cuarentena, [7825], [473286],1.0.8191
Trojan.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\XMR-STAK-MASTER\BUILD\BIN\RELEASE\XMR-STAK.EXE, En cuarentena, [569], [484831],1.0.8191
CrackTool.Agent, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\CRACK\AMTEMU.V0.9.2.WIN-PAINTER.ZIP, En cuarentena, [6135], [445980],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\DESKTOP\YENTEN_WIN64_1.3.1\CPUMINER-OPT-3.7.9-WINDOWS\CPUMINER-SSE2.EXE, En cuarentena, [691], [479852],1.0.8191
RiskWare.BitCoinMiner, C:\USERS\AGUSTí\GOOGLE DRIVE\XMR-STAK CROAT.ZIP, En cuarentena, [691], [480140],1.0.8191
HackTool.FilePatch, C:\USERS\AGUSTí\DOWNLOADS\ADOBE.CREATIVE.CLOUD.COLLECTION.2018.SPA.MULTI\CRACK\ADOBE.PHOTOSHOP.CC.2018._X64_.PATCH-MPT.ZIP, En cuarentena, [7810], [281135],1.0.8191
RiskWare.Tool.HCK, E:\PROGRAMAS IMPRESCINDIBLES\ADOBE CREATIVE CLOUD‎ 2017 MASTER COLLECTION INCL CRACK [SADEEMPC]\CRACK\CRACK.RAR, Se eliminará al reiniciar, [7723], [69152],1.0.8191
CrackTool.Agent.X, E:\PROGRAMAS IMPRESCINDIBLES\ADOBE CREATIVE CLOUD‎ 2017 MASTER COLLECTION INCL CRACK [SADEEMPC]\CRACK\ADOBE_ACROBAT_PRO_DC_V2015_MULTI-XFORCE.RAR, Se eliminará al reiniciar, [10935], [81145],1.0.8191
RiskWare.Agent.Keygen, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.MUSE.CC.V2017.0.0.149.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015.5 XFORCE ACTIVATION\KEYGEN_XF-ADOBECC2015.EXE, Se eliminará al reiniciar, [8046], [352875],1.0.8191
RiskWare.Agent.Keygen, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.INCL.CRACK-PAINTER (WIN-MAC)\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015.5 XFORCE ACTIVATION\KEYGEN_XF-ADOBECC2015.EXE, Se eliminará al reiniciar, [8046], [352875],1.0.8191
HackTool.Agent, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.MUSE.CC.V2017.0.0.149.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\AMTEMU.V0.9.1.WIN-PAINTER.ZIP, Se eliminará al reiniciar, [3908], [448498],1.0.8191
HackTool.Agent, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.INCL.CRACK-PAINTER (WIN-MAC)\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\AMTEMU.V0.9.1.WIN-PAINTER.ZIP, Se eliminará al reiniciar, [3908], [448498],1.0.8191
RiskWare.Tool.HCK, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.MUSE.CC.V2017.0.0.149.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015 UNIVERSAL PATCHER 1.5\ADOBE.SNR.PATCH-PAINTER.EXE, Se eliminará al reiniciar, [7723], [69152],1.0.8191
RiskWare.Tool.HCK, E:\PROGRAMAS IMPRESCINDIBLES\INSTALABLES ADOBE CC 2017\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.INCL.CRACK-PAINTER (WIN-MAC)\ADOBE.PHOTOSHOP.CC.2017.V18.0.0.53.MULTI.WIN.INCL.CRACK-PAINTER\CRACK\ADOBE CC 2015 UNIVERSAL PATCHER 1.5\ADOBE.SNR.PATCH-PAINTER.EXE, Se eliminará al reiniciar, [7723], [69152],1.0.8191
HackTool.FilePatch, E:\DESCARGAS\ELCOMSOFT PASSWORD RECOVERY BUNDLE FORENSIC EDITION 2015.01 - P2P [HELG420]\UPDATES 04.01.2015\ELCOMSOFT ADVANCED ARCHIVE PASSWORD RECOVERY 4.54.55 [ALL EDITIONS]\LICENSE\PATCHES-REPT.RAR, En cuarentena, [7810], [281135],1.0.8191
RiskWare.BitCoinMiner, E:\MONERO-GUI-V0.11.1.0\MONERO-WALLET-RPC.EXE, En cuarentena, [691], [516571],1.0.8191
RiskWare.BitCoinMiner, E:\AGUSTí\DROPBOX\MINERO CRIPTOMONEDES\XMR-STAK-WIN64.ZIP, En cuarentena, [691], [480140],1.0.8191
RiskWare.BitCoinMiner, E:\MONERO-GUI-V0.11.1.0\MONERO-WALLET-CLI.EXE, En cuarentena, [691], [516571],1.0.8191
Trojan.BitCoinMiner, E:\AGUSTí\DROPBOX\MINAR MONERO NVIDIA.RAR, En cuarentena, [569], [433294],1.0.8191
HackTool.Agent, E:\AGUSTí\DROPBOX\ADOBE.CS6.ALL.PRODUCTS.ACTIVATOR.(X32.Y.X64)_UP01-MPT.RAR, En cuarentena, [3908], [1570],1.0.8191
Generic.Malware/Suspicious, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\BoxyCore.lnk, En cuarentena, [0], [392686],1.0.8191
Generic.Malware/Suspicious, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\Programs\BoxyCore.lnk, En cuarentena, [0], [392686],1.0.8191
Generic.Malware/Suspicious, C:\USERS\PUBLIC\DESKTOP\BoxyCore.lnk, En cuarentena, [0], [392686],1.0.8191
Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\BOXYCORE\BOXYCOREV1.03.EXE, En cuarentena, [0], [392686],1.0.8191
Generic.Malware/Suspicious, E:\DESCARGAS\CATCOIN_0.9.3.0_WIN.ZIP, En cuarentena, [0], [392686],1.0.8191
Generic.Malware/Suspicious, E:\AGUSTí\DROPBOX\APKS PARA DECOMPILAR\XMR-STAK-WIN64_MODCROAT.ZIP, En cuarentena, [0], [392686],1.0.8191

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#9

Sigue abriéndote paginas?

Saludos


#10

Si, lo sigue haciendo y cuanto mas tiempo lleva abierto el pc, lo hace de forma mas agresiva. Sigue apareciendo lo de coinhive cuando hago el netstat.


#11

Descarga los siguientes programas y dejalos en el escritorio:

:one:

  • Ejecuta como admnistrador Rkill
  • Se abrira una consola similar a CMD
  • Deja que trabaje de 2 a 5 minutos
  • Pega el reporte que esta dentro de Rkill.txt guardado en el escritorio. :warning: No reinicies el PC al terminar, y sigue con MBAM anti-rootkit :warning:

:two:

Espero sus reportes y respetivos comentarios si aun sigue detectando. Saludos.


#12
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/07/2018 11:40:13 AM in x64 mode.
Windows Version: Windows 10 Education 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (PID: 10896) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

 * HOSTS file entries found: 

  127.0.0.1	192.150.14.69
  127.0.0.1	192.150.18.101
  127.0.0.1	192.150.18.108
  127.0.0.1	192.150.22.40
  127.0.0.1	192.150.8.100
  127.0.0.1	192.150.8.118
  127.0.0.1	209-34-83-73.ood.opsource.net
  127.0.0.1	3dns-1.adobe.com
  127.0.0.1	3dns-2.adobe.com
  127.0.0.1	3dns-2.adobe.com
  127.0.0.1	3dns-3.adobe.com
  127.0.0.1	3dns-3.adobe.com
  127.0.0.1	3dns-4.adobe.com
  127.0.0.1	3dns.adobe.com
  127.0.0.1	activate-sea.adobe.com
  127.0.0.1	activate-sjc0.adobe.com
  127.0.0.1	activate.adobe.com
  127.0.0.1	activate.wip.adobe.com
  127.0.0.1	activate.wip1.adobe.com
  127.0.0.1	activate.wip2.adobe.com

  20 out of 15697 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 12/07/2018 11:40:34 AM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s) 

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2018.12.07.06
  rootkit: v2018.12.07.05

Windows 8 x64 NTFS (Safe Mode)
Internet Explorer 11.407.17134.0
Agustí :: ARGOS [administrator]

07/12/2018 11:54:12
mbar-log-2018-12-07 (11-54-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 268639
Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

No se porque el reporte a prueba de fallos marca que tengo windows 8, si tengo Windows 10.

Pasados unos minutos parece que almenos el tema de las ventanas en blanco que se abren espontaneamente ha dejado de suceder. Tendré que comprobar durante un periodo un poco mas largo y con algun reinicio por medio para confirmar.

Perdón por ser repetitivo, pero entonces tener estas lineas es normal? Si es así, que significan?

Conexiones activas

  Proto  Dirección local        Dirección remota       Estado
  TCP    0.0.0.0:7              coin-hive:0            LISTENING
  TCP    0.0.0.0:9              coin-hive:0            LISTENING
  TCP    0.0.0.0:13             coin-hive:0            LISTENING
  TCP    0.0.0.0:17             coin-hive:0            LISTENING
  TCP    0.0.0.0:19             coin-hive:0            LISTENING
  TCP    0.0.0.0:135            coin-hive:0            LISTENING
  TCP    0.0.0.0:445            coin-hive:0            LISTENING
  TCP    0.0.0.0:1536           coin-hive:0            LISTENING
  TCP    0.0.0.0:1537           coin-hive:0            LISTENING
  TCP    0.0.0.0:1538           coin-hive:0            LISTENING
  TCP    0.0.0.0:1539           coin-hive:0            LISTENING
  TCP    0.0.0.0:1544           coin-hive:0            LISTENING
  TCP    0.0.0.0:1545           coin-hive:0            LISTENING
  TCP    0.0.0.0:5040           coin-hive:0            LISTENING
  TCP    0.0.0.0:17500          coin-hive:0            LISTENING
  TCP    0.0.0.0:27036          coin-hive:0            LISTENING
  TCP    127.0.0.1:843          coin-hive:0            LISTENING
  TCP    127.0.0.1:1546         coin-hive:0            LISTENING
  TCP    127.0.0.1:1547         coin-hive:0            LISTENING
  TCP    127.0.0.1:1552         coin-hive:0            LISTENING
  TCP    127.0.0.1:15292        coin-hive:0            LISTENING
  TCP    127.0.0.1:17600        coin-hive:0            LISTENING
  TCP    127.0.0.1:21320        coin-hive:0            LISTENING
  TCP    127.0.0.1:21321        coin-hive:0            LISTENING
  TCP    127.0.0.1:21322        coin-hive:0            LISTENING
  TCP    127.0.0.1:21323        coin-hive:0            LISTENING
  TCP    127.0.0.1:21327        coin-hive:0            LISTENING
  TCP    127.0.0.1:27060        coin-hive:0            LISTENING
  TCP    127.0.0.1:43227        coin-hive:0            LISTENING
  TCP    127.0.0.1:65000        coin-hive:0            LISTENING
  TCP    127.0.0.1:65001        coin-hive:0            LISTENING
  TCP    192.168.1.189:139      coin-hive:0            LISTENING

PD: En el link de como reiniciar en modo seguro falta el como hacerlo en Windows 10


#13

Hola y con permiso, @Melkor

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


#16

Al contrario, gracias por tu aportación @Miguelgrado , toda ayuda es bienvenida.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Agustí (administrator) on ARGOS (09-12-2018 18:50:14)
Running from C:\Users\Agustí\Desktop
Loaded Profiles: Agustí &  (Available Profiles: defaultuser0 & Agustí)
Platform: Windows 10 Education Version 1803 17134.407 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\GLPCCamera\monitorpad.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Users\Agustí\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files\Daily\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [GLSystray] => C:\Program Files (x86)\GLPCCamera\monitorpad.exe [69632 2014-03-11] ()
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3806016 2018-11-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3029480 2018-05-09] (Sony Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304670\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308924\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304704\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308939\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Run: [Google Update] => C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-20] (Google Inc.)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Run: [MusicManager] => C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-11-09] (Piriform Ltd)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Run: [Google Update] => C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-20] (Google Inc.)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Run: [MusicManager] => C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-11-09] (Piriform Ltd)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Run: [Google Update] => C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-20] (Google Inc.)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Run: [MusicManager] => C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-11-09] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{32113950-bf87-4127-b48f-b8a743f9e7fc}: [NameServer] 80.58.61.250,80.58.61.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO: No Name -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> No File
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO-x32: No Name -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} -  No File
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} -  No File
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} -  No File
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-24] (AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Agustí\AppData\Roaming\Mozilla\Firefox\Profiles\fu8ep68a.default [2018-12-09]
FF Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\Agustí\AppData\Roaming\Mozilla\Firefox\Profiles\fu8ep68a.default\Extensions\[email protected] [2018-12-04]
FF Extension: (Kaspersky Password Manager) - C:\Users\Agustí\AppData\Roaming\Mozilla\Firefox\Profiles\fu8ep68a.default\Extensions\[email protected] [2018-12-04]
FF Extension: (uBlock Origin) - C:\Users\Agustí\AppData\Roaming\Mozilla\Firefox\Profiles\fu8ep68a.default\Extensions\[email protected] [2018-12-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-07-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Agustí\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Firefox\Extensions: [[email protected]] - C:\Users\Agustí\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Firefox\Extensions: [[email protected]] - C:\Users\Agustí\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Agustí\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi.dll [2017-05-19] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi-x64.dll [2017-05-19] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Agustí\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790: @tools.google.com/Google Update;version=3 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790: @tools.google.com/Google Update;version=9 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790: SkypeForBusinessPlugin-16.2 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi.dll [2017-05-19] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790: SkypeForBusinessPlugin64-16.2 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi-x64.dll [2017-05-19] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Agustí\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017: @tools.google.com/Google Update;version=3 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017: @tools.google.com/Google Update;version=9 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017: SkypeForBusinessPlugin-16.2 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi.dll [2017-05-19] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017: SkypeForBusinessPlugin64-16.2 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi-x64.dll [2017-05-19] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Profile: C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default [2018-12-09]
CHR Extension: (Presentaciones) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Documentos) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-15]
CHR Extension: (Audiense) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\bagknoiagpifjfbempgignagkejmkljm [2017-02-15]
CHR Extension: (Sothink Flash Downloader for Chrome) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\biceobciobbhhkplgocbaigojbnepcoi [2017-02-15]
CHR Extension: (Direct APK Downloader) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\bifidglkmlbfohchohkkpdkjokajibgg [2017-10-24]
CHR Extension: (YouTube) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-15]
CHR Extension: (Honey) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-11-13]
CHR Extension: (Mi dirección IP) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2017-02-15]
CHR Extension: (Adblock Plus) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (DownAlbum) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2018-12-09]
CHR Extension: (uBlock Origin) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-12-06]
CHR Extension: (Autopen - Email Signatures) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmjcoiohflenpehfaalahocpmacjloof [2017-02-15]
CHR Extension: (Search by Image (by Google)) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-02-15]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-02-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2018-11-27]
CHR Extension: (Hacked Emails webmail checker) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\dojhmchmanmobbleamomangagmoblcgf [2018-04-07]
CHR Extension: (Dropbox para Gmail) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2018-04-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Box) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2017-02-15]
CHR Extension: (Google Play Música) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-10-29]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-09]
CHR Extension: (Mixcloud) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcenekolminfbkcbchinlcgfhpmggpk [2017-02-15]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-10-29]
CHR Extension: (Full Page Screen Capture) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-10-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Supervisor de vínculos URL) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fipcbkgepjlnemlkgialpomkajcpneop [2018-05-30]
CHR Extension: (Complemento inhabilitación Google Analytics) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2017-02-15]
CHR Extension: (EditThisCookie) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Pricescout - Comparación de precios & cupones) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkjddnnlgmahpnjjkiolhoophlpibfn [2018-04-11]
CHR Extension: (HTTPS Everywhere) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-11-09]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (El Camelizer) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2018-06-23]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-03-29]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-29]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2018-10-29]
CHR Extension: (OSI: Servicio AntiBotnet) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhljghnmjahiaofikeljkjnhbeoiclbh [2017-02-15]
CHR Extension: (SEO optimizacion e Internet Marketing) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2018-06-21]
CHR Extension: (Desprotetor de Links) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2018-04-17] [UpdateUrl: hxxps://desprotetor.com.br/firefox_update.json] <==== ATTENTION
CHR Extension: (Dropbox) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-03-29]
CHR Extension: (SingleFile Core) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2017-02-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-11-15]
CHR Extension: (Kaspersky Protection) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-08]
CHR Extension: (Tom's Hardware UK - My Threads) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgcjmndhglkgjijpkogikbimefoiceno [2017-02-15]
CHR Extension: (Ace Script) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-11-23]
CHR Extension: (SingleFile) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2018-12-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Fanatical Assistant) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\oobijlcdpmmmpgkonmjnpkkbdmnjpeeb [2018-11-09]
CHR Extension: (uBlock Origin Extra) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2018-11-18]
CHR Extension: (Gmail) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-15]
CHR Extension: (Chrome Media Router) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-29]
CHR Profile: C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-05]
CHR Profile: C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-12-05]
CHR Extension: (Presentaciones) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-30]
CHR Extension: (Documentos) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-30]
CHR Extension: (Google Drive) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-30]
CHR Extension: (YouTube) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-30]
CHR Extension: (Google Play Música) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-11-30]
CHR Extension: (Hojas de cálculo) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-30]
CHR Extension: (Kaspersky Protection) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-11-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-30]
CHR Extension: (Ace Script) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2017-11-30]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mkaoblbjfmcalcjjaifickaoccjmhlal [2017-11-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-30]
CHR Extension: (Gmail) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-30]
CHR Profile: C:\Users\Agustí\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-05]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-16] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-16] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-28] (Dropbox, Inc.)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-01] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-03-08] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [498152 2018-05-09] (Sony Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142432 2017-11-09] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-03] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-03] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-10-31] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [119904 2018-10-29] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-07-24] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2018-10-29] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-05] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-10-29] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [190784 2018-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1058616 2018-10-29] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-29] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-09] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-09] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-09] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-09] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-09] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-04-13] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [141000 2018-07-24] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-12-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-12-07] (Malwarebytes)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81688 2018-03-03] (Insecure.Com LLC.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9db4450b8107f59a\nvlddmkm.sys [20420352 2018-12-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-03] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-23] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [210680 2017-10-18] (Oracle Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-04-12] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-03] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-05-03] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

#17
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-09 18:50 - 2018-12-09 18:50 - 000051172 _____ C:\Users\Agustí\Desktop\FRST.txt
2018-12-09 18:49 - 2018-12-09 18:49 - 000000000 ____D C:\Users\Agustí\Desktop\FRST-OlderVersion
2018-12-09 18:48 - 2018-12-09 18:49 - 002417152 _____ (Farbar) C:\Users\Agustí\Desktop\FRST64.exe
2018-12-07 12:35 - 2018-12-09 18:43 - 000111152 ____N C:\WINDOWS\system32\Drivers\mwac.sys
2018-12-07 12:35 - 2018-12-07 12:35 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-07 12:35 - 2018-12-07 12:35 - 000119136 ____N C:\WINDOWS\system32\Drivers\farflt.sys
2018-12-07 12:35 - 2018-12-07 12:35 - 000063768 ____N C:\WINDOWS\system32\Drivers\mbam.sys
2018-12-07 11:54 - 2018-12-07 11:54 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\536493AE.sys
2018-12-07 11:53 - 2018-12-07 12:05 - 000254756 _____ C:\WINDOWS\ntbtlog.txt
2018-12-07 11:53 - 2018-12-07 11:53 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-07 11:42 - 2018-12-07 12:09 - 000000000 ____D C:\Users\Agustí\Desktop\mbar
2018-12-07 11:42 - 2018-12-07 12:04 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-07 11:42 - 2018-12-07 11:42 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\546477F3.sys
2018-12-07 11:38 - 2018-12-07 11:38 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Agustí\Desktop\mbar-1.10.3.1001.exe
2018-12-07 11:37 - 2018-12-07 11:37 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Agustí\Desktop\iExplore.exe
2018-12-07 00:27 - 2018-12-07 00:27 - 000000000 ____D C:\Program Files (x86)\ESET
2018-12-07 00:21 - 2018-12-07 00:22 - 000315674 _____ C:\TDSSKiller.3.1.0.24_07.12.2018_00.21.14_log.txt
2018-12-06 12:29 - 2018-12-06 12:29 - 000000000 ____D C:\Users\Agustí\.android
2018-12-06 12:13 - 2018-12-06 12:13 - 000000000 ____D C:\Users\Agustí\AppData\Local\WonderShare
2018-12-06 11:52 - 2018-12-06 11:52 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\MobileBackupForeverIni
2018-12-06 11:50 - 2018-12-07 00:13 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\Wondershare
2018-12-06 11:50 - 2018-12-07 00:13 - 000000000 ____D C:\ProgramData\Wondershare
2018-12-06 11:50 - 2018-12-07 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-12-06 11:50 - 2018-12-07 00:13 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-12-06 11:50 - 2017-09-27 17:29 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2018-12-06 00:33 - 2018-12-06 00:33 - 000047640 _____ C:\Users\Agustí\Documents\forospyware chrome.txt
2018-12-05 20:20 - 2018-12-05 20:20 - 007321808 _____ (Malwarebytes) C:\Users\Agustí\Desktop\adwcleaner_7.2.5.0 .exe
2018-12-05 20:01 - 2018-12-05 20:09 - 000000000 ____D C:\AdwCleaner
2018-12-05 20:00 - 2018-12-09 18:50 - 000000000 ____D C:\FRST
2018-12-05 19:35 - 2018-12-05 19:35 - 000002288 _____ C:\Users\Agustí\Documents\chrome.txt
2018-12-05 19:27 - 2018-12-07 11:40 - 000004056 _____ C:\Users\Agustí\Desktop\Rkill.txt
2018-12-05 19:18 - 2018-12-05 19:18 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignde7765528432cebd
2018-12-05 19:18 - 2018-12-05 19:18 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsigna2d7f0015f6db24f
2018-12-05 19:18 - 2018-12-05 19:18 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign578a4bb52f827912
2018-12-05 14:44 - 2018-12-07 11:53 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-12-05 13:41 - 2018-12-07 11:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-05 13:41 - 2018-12-05 14:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-05 13:41 - 2018-12-05 13:41 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-05 13:41 - 2018-12-05 13:41 - 000000000 ____D C:\Users\Agustí\AppData\Local\mbamtray
2018-12-05 13:41 - 2018-12-05 13:41 - 000000000 ____D C:\Users\Agustí\AppData\Local\mbam
2018-12-05 13:41 - 2018-12-05 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-05 13:41 - 2018-12-05 13:41 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-04 21:18 - 2018-03-29 11:00 - 000002758 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20181204-211840.backup
2018-12-04 21:14 - 2018-11-29 17:19 - 000132976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-12-04 21:12 - 2018-12-04 21:12 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-12-04 21:12 - 2018-12-04 21:12 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-12-04 21:12 - 2018-12-04 21:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-12-04 21:12 - 2018-12-04 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-12-04 21:11 - 2018-12-07 12:35 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-12-04 21:11 - 2018-12-05 13:29 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-12-04 21:11 - 2018-12-01 05:59 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-04 21:11 - 2018-12-01 05:59 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-04 21:11 - 2018-12-01 05:59 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-04 21:11 - 2018-12-01 05:59 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-04 21:11 - 2018-12-01 05:59 - 000552416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-04 21:11 - 2018-12-01 05:59 - 000456832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-04 21:11 - 2018-12-01 05:59 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-04 21:11 - 2018-12-01 05:59 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-04 21:11 - 2018-12-01 05:59 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-04 21:11 - 2018-12-01 05:59 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-04 21:11 - 2018-12-01 05:56 - 002018080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441722.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 002003856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 001511880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441722.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 001461016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 001126688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 000631688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-04 21:11 - 2018-12-01 05:56 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 040260352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 035156424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 015909720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 013204104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 004946016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 004316440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 000750472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-12-04 21:11 - 2018-12-01 05:55 - 000608864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 019714064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 016989840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 004258384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 001462216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 001167600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 001145736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 000914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 000794824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-04 21:11 - 2018-12-01 05:54 - 000637672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-04 21:11 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2018-12-02 20:12 - 2018-12-02 20:12 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignee61359d6ac9ff62
2018-12-02 20:11 - 2018-12-02 20:11 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign41e32165fca50436
2018-12-02 18:59 - 2018-12-02 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-01 00:27 - 2018-12-01 00:27 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign752a1bfe4ef04795
2018-12-01 00:27 - 2018-12-01 00:27 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign4fed4b5783bc0378
2018-11-30 23:27 - 2018-12-01 00:17 - 000000000 ____D C:\Users\Agustí\Desktop\LUX 20181130
2018-11-28 18:50 - 2018-11-28 18:50 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign7ef9f66eb5b48b05
2018-11-28 18:49 - 2018-11-28 18:49 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignc2bfa31c721ee1c7
2018-11-28 18:48 - 2018-11-28 18:48 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign1cab6dc67b69ba9a
2018-11-28 14:09 - 2018-11-28 14:09 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-28 14:09 - 2018-11-28 14:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-28 14:09 - 2018-11-28 14:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-28 14:09 - 2018-11-28 14:09 - 000045752 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-11-28 12:02 - 2018-11-28 12:02 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign82199202a6913034
2018-11-28 12:01 - 2018-11-28 12:01 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign630628f6f782907f
2018-11-28 12:00 - 2018-07-31 12:53 - 000000000 ____D C:\megatools-1.10.2-win64
2018-11-27 19:31 - 2018-11-27 19:31 - 000000000 ____D C:\Users\Agustí\Documents\IEFC
2018-11-27 19:23 - 2018-11-16 16:41 - 002017536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441701.dll
2018-11-27 19:23 - 2018-11-16 16:41 - 001468192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441701.dll
2018-11-26 23:30 - 2018-11-26 23:30 - 000000000 ____D C:\Users\Agustí\AppData\Local\OneDrive
2018-11-26 23:23 - 2018-11-26 23:23 - 000000000 ____D C:\Users\Agustí\Documents\MEGAsync
2018-11-26 23:20 - 2018-12-07 00:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2018-11-25 22:02 - 2018-11-25 22:02 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign580d889bbf87f7b2
2018-11-25 22:01 - 2018-11-25 22:01 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsigne726a51882177d51
2018-11-25 21:17 - 2018-11-25 21:17 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign70afce8e33161f44
2018-11-25 21:13 - 2018-11-25 21:13 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign696492c4baf5af10
2018-11-25 21:10 - 2018-11-25 21:10 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignf1f826b3505935b3
2018-11-25 21:10 - 2018-11-25 21:10 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign65ceb02cbd178928
2018-11-25 21:10 - 2018-11-25 21:10 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign34d6117d8c64a1fe
2018-11-18 21:02 - 2018-11-18 21:02 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign8719b5ba42ee4b01
2018-11-18 21:01 - 2018-11-18 21:01 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign8fc038431637541b
2018-11-15 17:39 - 2018-11-13 20:03 - 002017736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441694.dll
2018-11-15 17:39 - 2018-11-13 20:03 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441694.dll
2018-11-15 16:20 - 2018-11-15 16:20 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign6d513913aae5c62a
2018-11-15 16:20 - 2018-11-15 16:20 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign1fb79c78858df04a
2018-11-14 15:39 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 15:39 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 15:39 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 15:39 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 15:39 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 15:39 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 15:39 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 15:39 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 15:39 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 15:39 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 15:39 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 15:39 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 15:39 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 15:39 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 15:39 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 15:39 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 15:39 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 15:39 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 15:39 - 2018-11-01 12:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 15:39 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 15:39 - 2018-11-01 12:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 15:39 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 15:39 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 15:39 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 15:39 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 15:39 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 15:39 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 15:39 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 15:39 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 15:39 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 15:39 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 15:39 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 15:39 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 15:39 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 15:39 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 15:39 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 15:39 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 15:39 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 15:39 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 15:39 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 15:39 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 15:39 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 15:39 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 15:39 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 15:39 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 15:39 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 15:39 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 15:39 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 15:39 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 15:39 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 15:39 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 15:39 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 15:39 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 15:39 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 15:39 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 15:39 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 15:39 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 15:39 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 15:39 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 15:39 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 15:39 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 15:39 - 2018-11-01 08:03 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2018-11-14 15:39 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 15:39 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 15:39 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 15:39 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 15:39 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 15:39 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 15:39 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 15:39 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 15:39 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 15:39 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 15:39 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 15:39 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 15:39 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 15:39 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 15:39 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 15:39 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 15:39 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 005746688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2018-11-14 15:39 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 15:39 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 15:39 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 15:39 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 15:39 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 15:39 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 15:39 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 15:39 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 15:39 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 15:39 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 15:39 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 15:39 - 2018-11-01 06:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 15:39 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 15:39 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 15:39 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 15:39 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 15:39 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 15:39 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 15:39 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 15:39 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 15:39 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 15:39 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 15:39 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 15:39 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 15:39 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 15:39 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 004529664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2018-11-14 15:39 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 15:39 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 15:39 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 15:39 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 15:39 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 15:39 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 15:39 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 15:39 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 15:39 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 15:39 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 15:39 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 15:39 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 15:39 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-13 19:21 - 2018-11-13 19:21 - 003672297 _____ C:\Users\Agustí\Documents\Filtros2.pdf
2018-11-13 19:17 - 2018-11-13 19:17 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsigna08d809f896ffd37
2018-11-13 19:16 - 2018-11-13 19:16 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignefafcd5f8282483b
2018-11-13 19:16 - 2018-11-13 19:16 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsigndc1db486e844e7fa
2018-11-13 19:16 - 2018-11-13 19:16 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignc1a80f666d3b9348
2018-11-13 19:16 - 2018-11-13 19:16 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign96ab83f978a9fe97
2018-11-13 19:11 - 2018-11-13 19:11 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2018-11-13 17:35 - 2018-11-13 17:35 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignddf7f62b4b6f7013
2018-11-13 17:28 - 2018-11-13 17:28 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign2a1482d87250c455
2018-11-13 17:27 - 2018-11-13 17:27 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign482efda9a4eb5bd9
2018-11-13 17:26 - 2018-12-02 19:02 - 000000000 ____D C:\Users\Agustí\Documents\CONTRATO EPSON 20181113
2018-11-12 15:00 - 2018-11-12 15:00 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsignb389788ea5356775
2018-11-12 15:00 - 2018-11-12 15:00 - 000000000 ____D C:\Users\Agustí\AppData\Local\Tempzxpsign47fd68e4a1ba9ffa
2018-11-11 20:50 - 2018-11-14 20:55 - 000000000 ____D C:\Users\Agustí\Documents\Cristina
2018-11-10 01:06 - 2018-10-21 14:04 - 002267448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-11-10 01:06 - 2018-10-21 14:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-10 01:06 - 2018-10-21 14:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-10 01:06 - 2018-10-21 14:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-10 01:06 - 2018-10-21 14:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-10 01:06 - 2018-10-21 13:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-10 01:06 - 2018-10-21 13:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-10 01:06 - 2018-10-21 13:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-10 01:06 - 2018-10-21 13:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-10 01:06 - 2018-10-21 12:41 - 001540408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-11-10 01:06 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-10 01:06 - 2018-10-21 12:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-10 01:06 - 2018-10-21 12:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-10 01:06 - 2018-10-21 12:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-10 01:06 - 2018-10-21 08:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-10 01:06 - 2018-10-21 08:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-10 01:06 - 2018-10-21 08:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-10 01:06 - 2018-10-21 08:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-10 01:06 - 2018-10-21 08:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-10 01:06 - 2018-10-21 08:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-10 01:06 - 2018-10-21 08:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-10 01:06 - 2018-10-21 08:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-10 01:06 - 2018-10-21 08:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-10 01:06 - 2018-10-21 08:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-10 01:06 - 2018-10-21 08:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-10 01:06 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-10 01:06 - 2018-10-21 08:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-10 01:06 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-10 01:06 - 2018-10-21 08:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-10 01:06 - 2018-10-21 08:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-10 01:06 - 2018-10-21 08:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-10 01:06 - 2018-10-21 08:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-10 01:06 - 2018-10-21 08:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-10 01:06 - 2018-10-21 08:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-10 01:06 - 2018-10-21 08:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-10 01:06 - 2018-10-21 08:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-10 01:06 - 2018-10-21 08:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-10 01:06 - 2018-10-21 08:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-10 01:06 - 2018-10-21 08:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-10 01:06 - 2018-10-21 08:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-10 01:06 - 2018-10-21 08:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-10 01:06 - 2018-10-21 08:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-10 01:06 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-10 01:06 - 2018-10-21 08:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-10 01:06 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-10 01:05 - 2018-10-21 14:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-10 01:05 - 2018-10-21 13:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-10 01:05 - 2018-10-21 13:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-10 01:05 - 2018-10-21 13:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-10 01:05 - 2018-10-21 13:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-10 01:05 - 2018-10-21 13:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-10 01:05 - 2018-10-21 13:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-10 01:05 - 2018-10-21 13:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-10 01:05 - 2018-10-21 13:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-10 01:05 - 2018-10-21 13:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-10 01:05 - 2018-10-21 13:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-10 01:05 - 2018-10-21 13:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-10 01:05 - 2018-10-21 12:41 - 000023056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-11-10 01:05 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-10 01:05 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-10 01:05 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-10 01:05 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-10 01:05 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-10 01:05 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-10 01:05 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-10 01:05 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-10 01:05 - 2018-10-21 10:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-10 01:05 - 2018-10-21 09:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-10 01:05 - 2018-10-21 08:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-10 01:05 - 2018-10-21 08:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-10 01:05 - 2018-10-21 08:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-10 01:05 - 2018-10-21 08:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-10 01:05 - 2018-10-21 08:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-10 01:05 - 2018-10-21 08:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-10 01:05 - 2018-10-21 08:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-10 01:05 - 2018-10-21 08:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-10 01:05 - 2018-10-21 08:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-10 01:05 - 2018-10-21 08:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-10 01:05 - 2018-10-21 08:20 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wnv.sys
2018-11-10 01:05 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-10 01:05 - 2018-10-21 08:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-10 01:05 - 2018-10-21 08:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-10 01:05 - 2018-10-21 08:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-10 01:05 - 2018-10-21 08:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-10 01:05 - 2018-10-21 08:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-10 01:05 - 2018-10-21 08:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-10 01:05 - 2018-10-21 08:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-10 01:05 - 2018-10-21 08:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-10 01:05 - 2018-10-21 08:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-10 01:05 - 2018-10-21 08:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-10 01:05 - 2018-10-21 08:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-10 01:05 - 2018-10-21 08:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-10 01:05 - 2018-10-21 08:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-10 01:05 - 2018-10-21 08:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-10 01:05 - 2018-10-21 08:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-10 01:05 - 2018-10-21 08:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-10 01:05 - 2018-10-21 08:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-10 01:05 - 2018-10-21 08:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-10 01:05 - 2018-10-21 08:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-10 01:05 - 2018-10-21 08:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-10 01:05 - 2018-10-21 08:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-10 01:05 - 2018-10-21 08:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-10 01:05 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-10 01:05 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-10 01:05 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-10 01:05 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-10 01:05 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-10 01:05 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-10 01:05 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-10 01:05 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-10 01:05 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-10 01:05 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-10 01:05 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-11-10 01:04 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-11-09 15:20 - 2018-11-09 15:20 - 000289856 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-11-09 15:19 - 2018-11-09 21:25 - 000193168 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-11-09 15:19 - 2018-11-09 21:25 - 000100136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-11-09 15:19 - 2018-11-09 15:19 - 000238528 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-11-09 15:19 - 2018-11-09 15:19 - 000110640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2018-11-09 15:07 - 2018-11-05 13:57 - 002017536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441681.dll
2018-11-09 15:07 - 2018-11-05 13:57 - 001468112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441681.dll
2018-11-09 15:07 - 2018-11-03 02:56 - 000047384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-09 18:50 - 2017-02-15 14:02 - 000000000 ____D C:\Users\Agustí\AppData\LocalLow\Mozilla
2018-12-09 18:47 - 2017-10-27 16:32 - 000000000 ____D C:\Users\Agustí\Desktop\S7
2018-12-09 18:45 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-09 18:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-09 18:44 - 2017-07-28 02:02 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-09 18:44 - 2017-02-22 16:25 - 000000000 ____D C:\Users\Agustí\AppData\Local\Adobe
2018-12-09 18:43 - 2017-02-20 19:19 - 000000000 ____D C:\Users\Agustí\Documents\Assassin's Creed Unity
2018-12-09 18:43 - 2017-02-15 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-12-09 18:42 - 2018-04-13 19:05 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-09 18:42 - 2017-04-19 13:09 - 000000000 ___RD C:\Users\Agustí\Google Drive
2018-12-09 18:41 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-07 14:30 - 2018-07-15 15:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-07 12:42 - 2018-07-15 16:08 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-07 12:42 - 2018-04-12 17:19 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2018-12-07 12:42 - 2018-04-12 17:19 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2018-12-07 12:42 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-07 12:35 - 2018-07-15 16:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-07 12:34 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-07 11:36 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-07 11:35 - 2017-07-13 01:00 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\Thunderbird
2018-12-07 00:40 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-06 23:34 - 2017-11-15 21:45 - 000000000 ____D C:\Users\Agustí\AppData\Local\Packages
2018-12-06 15:31 - 2018-07-15 15:57 - 005106976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-06 15:31 - 2018-01-17 15:21 - 000000000 ____D C:\Users\Agustí\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v10.0
2018-12-06 15:31 - 2017-10-26 13:44 - 000000000 ____D C:\Users\Agustí\Desktop\monero-gui-v0.11.1.0
2018-12-06 15:31 - 2017-06-11 19:23 - 000000000 ____D C:\Users\Agustí\Desktop\0.3.4b
2018-12-06 13:50 - 2017-02-15 14:00 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-06 12:29 - 2018-07-15 16:00 - 000000000 ____D C:\Users\Agustí
2018-12-06 00:34 - 2017-03-01 21:41 - 000000000 ____D C:\Program Files\CCleaner
2018-12-05 23:55 - 2018-01-19 13:00 - 000000000 ____D C:\Users\Agustí\Desktop\NHML-1.8.1.6
2018-12-05 23:55 - 2017-11-27 00:11 - 000000000 ____D C:\Users\Agustí\Downloads\anonymus tools
2018-12-05 20:12 - 2017-03-15 19:41 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-05 20:09 - 2017-07-07 16:18 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\WhatsApp
2018-12-05 20:05 - 2018-07-15 16:05 - 000004608 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-05 20:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-05 20:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-05 19:18 - 2017-02-17 20:54 - 000000000 ____D C:\Users\Agustí\AppData\Local\NVIDIA
2018-12-05 13:10 - 2018-01-02 14:54 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-12-05 13:06 - 2017-07-28 02:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-05 13:05 - 2018-06-23 03:12 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\MPC-HC
2018-12-04 21:21 - 2017-06-27 02:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-04 21:14 - 2017-07-28 02:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-04 21:14 - 2017-02-17 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-04 20:51 - 2017-03-26 18:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-04 20:51 - 2017-02-15 14:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-02 18:59 - 2017-02-16 19:14 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-02 17:49 - 2018-07-15 16:05 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2661268148-4206100724-2722932501-1001
2018-12-02 17:49 - 2018-07-15 16:00 - 000002404 _____ C:\Users\Agustí\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-02 17:48 - 2017-04-18 19:58 - 000000000 ____D C:\Users\Agustí\Desktop\FLASH
2018-12-01 05:54 - 2018-06-11 22:01 - 004999872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-01 05:01 - 2018-04-12 00:41 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-01 05:01 - 2018-04-12 00:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-30 00:07 - 2017-07-13 01:26 - 000000000 ____D C:\Program Files\Daily
2018-11-29 18:52 - 2018-06-11 22:01 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb
2018-11-29 17:11 - 2017-07-28 02:02 - 005338608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-11-29 17:11 - 2017-07-28 02:02 - 002620624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-11-29 17:11 - 2017-07-28 02:02 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-11-29 17:11 - 2017-07-28 02:02 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-11-29 17:11 - 2017-07-28 02:02 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-11-29 17:11 - 2017-07-28 02:02 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-11-29 17:11 - 2017-07-28 02:02 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-11-28 00:28 - 2017-07-28 02:02 - 008453862 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-11-27 23:07 - 2017-11-09 12:51 - 000000000 ____D C:\Users\Agustí\Desktop\Portadas
2018-11-27 19:47 - 2017-07-07 16:18 - 000002270 _____ C:\Users\Agustí\Desktop\WhatsApp.lnk
2018-11-27 19:47 - 2017-07-07 16:18 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-11-27 19:47 - 2017-07-07 16:18 - 000000000 ____D C:\Users\Agustí\AppData\Local\WhatsApp
2018-11-27 19:47 - 2017-07-07 16:18 - 000000000 ____D C:\Users\Agustí\AppData\Local\SquirrelTemp
2018-11-26 22:43 - 2018-02-05 19:32 - 000000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird Daily.lnk
2018-11-26 22:40 - 2017-02-15 14:00 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 22:40 - 2017-02-15 14:00 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-24 00:29 - 2017-02-15 20:31 - 000000000 ____D C:\Users\Agustí\AppData\Local\Ubisoft Game Launcher
2018-11-14 20:30 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 20:30 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 15:48 - 2017-02-15 14:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 15:45 - 2018-07-15 16:00 - 000000000 ____D C:\Users\defaultuser0
2018-11-14 15:44 - 2017-02-15 14:14 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 15:43 - 2016-07-16 12:47 - 000000167 _____ C:\WINDOWS\win.ini
2018-11-14 13:00 - 2018-06-11 21:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-11-13 19:11 - 2018-01-03 14:13 - 000000000 ____D C:\Users\Agustí\AppData\Roaming\Notepad++
2018-11-13 17:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-13 17:28 - 2017-02-22 16:00 - 000000000 ____D C:\ProgramData\Foxit Software
2018-11-11 12:52 - 2017-11-15 21:50 - 000000000 ___RD C:\Users\Agustí\3D Objects
2018-11-11 12:52 - 2017-02-15 13:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-10 01:11 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-10 01:08 - 2018-01-02 14:54 - 000001080 _____ C:\Users\Agustí\Desktop\SpeedFan.lnk
2018-11-10 01:00 - 2018-07-01 03:43 - 000000000 ____D C:\Users\Agustí\Desktop\DaVinci Resolve
2018-11-09 16:02 - 2018-07-15 16:05 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-11-09 15:08 - 2017-10-25 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-09 15:08 - 2017-04-19 13:09 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-09 15:08 - 2017-04-19 13:09 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-09 15:08 - 2017-04-19 13:09 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-09 15:05 - 2018-10-29 14:19 - 000000000 ____D C:\ProgramData\Mozilla

==================== Files in the root of some directories =======

2017-02-22 16:37 - 2018-05-06 22:06 - 000000033 _____ () C:\Users\Agustí\AppData\Roaming\AdobeWLCMCache.dat
2018-01-30 19:28 - 2018-01-31 14:39 - 001065984 _____ () C:\Users\Agustí\AppData\Local\file__0.localstorage
2017-03-18 20:19 - 2017-03-18 20:19 - 000000001 _____ () C:\Users\Agustí\AppData\Local\llftool.4.40.agreement
2017-04-28 22:42 - 2018-04-21 17:59 - 000000600 _____ () C:\Users\Agustí\AppData\Local\PUTTY.RND
2018-04-24 20:30 - 2018-04-24 20:30 - 000000143 _____ () C:\Users\Agustí\AppData\Local\zenmap.exe.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\farflt.sys -> Access Denied <======= ATTENTION
C:\WINDOWS\system32\drivers\mbam.sys -> Access Denied <======= ATTENTION
C:\WINDOWS\system32\drivers\mwac.sys -> Access Denied <======= ATTENTION

LastRegBack: 2018-07-15 15:57

==================== End of FRST.txt ============================

#18
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Agustí (09-12-2018 18:50:59)
Running from C:\Users\Agustí\Desktop
Windows 10 Education Version 1803 17134.407 (X64) (2018-07-15 15:06:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2661268148-4206100724-2722932501-500 - Administrator - Disabled)
Agustí (S-1-5-21-2661268148-4206100724-2722932501-1001 - Administrator - Enabled) => C:\Users\Agustí
DefaultAccount (S-1-5-21-2661268148-4206100724-2722932501-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2661268148-4206100724-2722932501-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-2661268148-4206100724-2722932501-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2661268148-4206100724-2722932501-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Kaspersky Total Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

${{arpDisplayName}} (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Actualización de NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe Animate CC 2017 (HKLM-x32\...\FLPR_16_1) (Version: 16.1 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32\...\MUSE_2017_0_2) (Version: 2017.0.2.60 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Advanced PDF Password Recovery (HKLM-x32\...\{A85CC7BA-760F-4B65-8E2F-640BE314F2F8}) (Version: 5.06.113.2041 - Elcomsoft Co. Ltd.)
AnyMP4 Video Converter Ultimate 7.2.32 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 7.2.32 - AnyMP4 Studio)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Arizen (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\Arizen) (Version: 1.1.1 - ZEN team)
Arizen (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\Arizen) (Version: 1.1.1 - ZEN team)
Arizen (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\Arizen) (Version: 1.1.1 - ZEN team)
Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version:  - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bat To Exe Converter version 3.0.4 (HKLM\...\{60C29EC2-33E8-45EE-87E4-31FA3E35C539}_is1) (Version: 3.0.4 - Fatih Kodak)
Bit Che (HKLM-x32\...\{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1) (Version: 3.5 build 50 - Convivea Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
CMake (HKLM\...\{BB5D097B-1420-4F9F-B3A0-D2BE120126CD}) (Version: 3.10.1 - Kitware)
CroatCore (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\CroatCore 1.1) (Version: 1.1 - Croat)
CroatCore (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\CroatCore 1.1) (Version: 1.1 - Croat)
CroatCore (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\CroatCore 1.1) (Version: 1.1 - Croat)
CUBLAS Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUBLAS Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Documentation (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_documentation_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Profiler Tools (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprof_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Toolkit (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Version (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVersion_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDART Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cudart_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUFFT Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
cuobjdump (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cuobjdump_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUPTI (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cupti_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CURAND Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CURAND Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSOLVER Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSOLVER Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSPARSE Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSPARSE Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Cyotek WebCopy version 1.1.1.4 (HKLM-x32\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.1.1.4 - Cyotek Ltd)
Daily 65.0a1 (x64 en-US) (HKLM\...\Daily 65.0a1 (x64 en-US)) (Version: 65.0a1 - Mozilla)
decrediton 1.1.3 (only current user) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\294af90e-a14b-58c1-adf0-2e358411a479) (Version: 1.1.3 - Decred Team)
decrediton 1.1.3 (only current user) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\294af90e-a14b-58c1-adf0-2e358411a479) (Version: 1.1.3 - Decred Team)
decrediton 1.1.3 (only current user) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\294af90e-a14b-58c1-adf0-2e358411a479) (Version: 1.1.3 - Decred Team)
Demo Suite (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_demo_suite_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{A5DD0731-C724-4037-B35B-B80782AACE00}) (Version: 15.0.27128 - Microsoft Corporation) Hidden
Disassembler (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvdisasm_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.22 - NVIDIA Corporation) Hidden
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 62.4.103 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Duplicate Cleaner Pro 4.1.0 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 4.1.0 - DigitalVolcano Software Ltd)
EAGLE 8.1.0 (HKLM\...\{AUTODESK-EAGLE-8-1-0}_is1) (Version: 8.1.0 - Autodesk, Inc.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FileZilla Client 3.32.0 (HKLM-x32\...\FileZilla Client) (Version: 3.32.0 - Tim Kosse)
FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - )
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Fortran Examples (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_fortran_examples_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.3.0.10826 - Foxit Software Inc.)
Garlium version 7b89cf39f13f25da404f11540d716115ab9592cb (HKLM-x32\...\{39298325-1AE0-4C6C-A61F-31911712601C}_is1) (Version: 7b89cf39f13f25da404f11540d716115ab9592cb - Ske)
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 14.03.11.0 - GenesysLogic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GPU Library Advisor (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_gpu-library-advisor_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Color LaserJet 2600 series (HKLM\...\HP Color LaserJet 2600 series) (Version:  - )
icecap_collection_neutral (HKLM-x32\...\{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{D0C9796E-CB35-4440-885D-9630A0153D1E}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{E3B6406A-1012-4169-B120-0842D3DF27C2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{AE09F990-5094-4B44-A729-712F27F41A55}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{09bb3c48-fafb-45a9-b0f2-3694c6c6e012}) (Version: 6.4.1.15 - Intel Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{1FDC7997-C78F-4E04-B841-F2150FC06B58}) (Version: 6.4.1.15 - Intel Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Karbo version 1.2.0 (HKLM\...\{293A7E81-D7F3-4F76-99A9-3B9909F805FE}_is1) (Version: 1.2.0 - Karbowanec developers)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Measurement versión 2.0 (HKLM-x32\...\{D694A790-B0B4-43A3-9482-2E7AC0B95C7C}_is1) (Version: 2.0 - )
MEMCHECK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_memcheck_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{42251A8D-C4AE-4D3B-8A50-948CB98A0969}) (Version: 10.5.00 - Sony Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2017 CTP2.1 (HKLM\...\{AD999EF9-C16F-4941-A46D-10F3E0A44F77}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2017 CTP2.1 (HKLM-x32\...\{7A891D71-0623-4597-A912-1FE534FA7383}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.160.1208 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 59.0.2 (x86 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Firefox 63.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-ES)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\MusicManager) (Version:  - Google, Inc.)
Music Manager (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\MusicManager) (Version:  - Google, Inc.)
Music Manager (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\MusicManager) (Version:  - Google, Inc.)
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
NPP Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NPP Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
nvcc (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvcc_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVGRAPH Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVGRAPH Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.22 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.22 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA CUDA Development 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Documentation 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Runtime 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Samples 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 5.4.0.17229 (HKLM\...\{3C2B7A30-1441-4418-8222-2A647ECF1C07}) (Version: 5.4.0.17229 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
NVML Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvml_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
nvprune (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprune_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVRTC Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVRTC Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Occupancy Calculator (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_occupancy_calculator_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
OLYMPUS A-GPS Utility (HKLM-x32\...\{1E133E9B-D324-455A-990E-5522334B56D2}) (Version: 2.0.0 - Olympus Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
Panel de control de NVIDIA 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.22 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
PlayMemories Home (HKLM-x32\...\{D3981248-DBE7-4050-B666-A7FE5AFFC62C}) (Version: 5.5.01.05091 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}) (Version: 10.5.01 - Sony Corporation) Hidden
Python 3.5.2 (32-bit) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 (32-bit) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 (32-bit) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.6.3 (64-bit) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\{b3a11d5f-0d2d-4bc3-ad72-39f3fa14162c}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 (64-bit) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\{b3a11d5f-0d2d-4bc3-ad72-39f3fa14162c}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 (64-bit) (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\{b3a11d5f-0d2d-4bc3-ad72-39f3fa14162c}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Core Interpreter (64-bit symbols) (HKLM\...\{4F41E9C9-3079-4BB0-806E-EA74F6E218AC}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Core Interpreter (64-bit) (HKLM\...\{5CAB3F9C-AC0C-4796-984C-292FF82FB112}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (64-bit) (HKLM\...\{B6B221CE-20AA-46D6-8156-911613216968}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (64-bit) (HKLM\...\{404A8C42-6B82-4B32-AC7F-0583644A04F2}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (64-bit symbols) (HKLM\...\{B6C96BF6-D381-4011-B65D-44FC4A7CFC9E}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (64-bit) (HKLM\...\{D3ABC2C4-85AF-4AFD-94D4-F2B84F49BFEA}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (64-bit) (HKLM\...\{48EC8399-294B-40F5-8274-E2AFBF0CFCBE}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (64-bit symbols) (HKLM\...\{28FDA5E7-4FD1-4659-96D0-E6D2FD756DDD}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (64-bit) (HKLM\...\{60B3332C-989F-4609-8D4F-7B1FD1DB0A5D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (64-bit symbols) (HKLM\...\{50A4B450-4499-4AF7-8AC9-5125DA32153A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (64-bit) (HKLM\...\{8FE3FFD1-2F7E-4EBB-A4B7-627E279DA70E}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (64-bit symbols) (HKLM\...\{43BEECFA-E1E7-4124-B3EC-124B7D35C170}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (64-bit) (HKLM\...\{2C6B5217-ACF4-4082-B19C-3463C9340E41}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (64-bit) (HKLM\...\{E3F016B8-A524-4F97-9095-944C31A971E0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
qBittorrent 4.1.2 (HKLM-x32\...\qBittorrent) (Version: 4.1.2 - The qBittorrent project)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Skype Meetings App (HKLM-x32\...\{E8E6D26B-382E-43C8-91BA-AB8DF2CD0C10}) (Version: 16.2.0.194 - Microsoft Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sumokoin GUI Wallet v0.0.2 (HKLM-x32\...\SumokoinGUIWallet) (Version: 0.0.2 - Sumokoin.org)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Teleport Ultra (Trial Version) (HKLM-x32\...\Teleport Ultra) (Version: 1.68 - Tennyson Maxwell Information Systems, Inc.)
TypeScript SDK (HKLM-x32\...\{B08D05BC-7897-4616-B34C-95B58D07650C}) (Version: 2.5.4.0 - Microsoft Corporation) Hidden
Ubiq Fusion (HKLM-x32\...\Ubiq Fusion) (Version: 0.9.2 - Ubiq)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 28.1 - Ubisoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{31B83FA2-E0F4-4155-B5DE-BEA2406E8B01}) (Version: 14.12.25830 - Microsoft Corporation) Hidden
Vertcoin One-Click Miner (HKLM-x32\...\{E9BC593F-D43F-4775-B39C-3B528EC1F476}) (Version: 1.1.76 - Vertcoin Development Team)
Visual Studio Community 2017 (HKLM\...\2af9e5e5) (Version: 15.5.27130.2010 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{8A2BDA07-3417-46C1-9058-CB32BC63E30E}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{F8F52853-A1A7-42C7-A082-5A6D5853BB0B}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{0EE5749D-2DC0-460F-AB1C-06B3EDB42426}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B11D79C6-332C-47B6-B58C-2F88A4911C7C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{2497054A-0269-4F45-98AE-F469F89CC45F}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\WhatsApp) (Version: 0.3.1649 - WhatsApp)
WhatsApp (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\WhatsApp) (Version: 0.3.1649 - WhatsApp)
WhatsApp (HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\WhatsApp) (Version: 0.3.1649 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
ZAR X (HKLM\...\{85DA9B81-D7F9-4165-8E62-F776B57213F8}_is1) (Version:  - www.z-a-recovery.com)

#19
==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayActiveX-x64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayActiveX-x64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayActiveX-x64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Agustí\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-10-14] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-29] (AO Kaspersky Lab)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-29] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-29] (AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-29] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-29] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06183D63-7FC5-4D4A-8C14-BD4646E21765} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {0F912838-6C34-4454-BD9A-567B25CFB29F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-16] (Dropbox, Inc.)
Task: {1D8B0379-5535-4E6D-A1B2-62C71E893E34} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {268AEE9F-E876-43D3-8DEA-E5EACB2CEB0D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {281E729B-8098-4A55-B1A4-9B1E754890F5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {34E1404D-FD57-4C1A-821A-B3DA8E97D2D0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {438EB79F-820F-42E0-A655-A4055B697D2B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-16] (Dropbox, Inc.)
Task: {4790F3DA-E76A-4309-9E00-2FCBF25C9812} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {51CA5F30-4A45-4D92-9547-EE0487A6799B} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset
Task: {5426CB61-79E6-4257-A663-7B4A9A6B7746} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {5789E04F-F580-424E-B57B-1AFA46B34BEC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6779FD57-0FF6-492D-8AAB-BF3C9D7A2799} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-15] (Google Inc.)
Task: {70E52D27-41FE-4ED8-90D6-23BA02ABD778} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {7B610046-6A42-4DCA-AB84-38DC0A2496D9} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {8D0B8A2D-1E6B-41FF-B5B4-C2AB3F6E7DFD} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {91B393C7-4953-4151-9461-F3DA202482F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {942E8405-68B7-4D5E-AD6F-5633D8CA84EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {9D5E0399-3410-4592-BF1B-F119A5F7676A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {A17E23C1-661A-4D16-BBB8-87D671913EEA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-09] (Piriform Ltd)
Task: {A3487094-32CB-4B62-A42A-DA2A6CFF857E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661268148-4206100724-2722932501-1001UA => C:\Users\Agustí\AppData\Local\Google\Update\GoogleUpdate.exe [2017-11-30] (Google Inc.)
Task: {A9308F18-D372-434A-B834-35276C767D3F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-07-03] (Piriform Ltd)
Task: {A9699730-0FA6-4121-81B7-2457B41E5124} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661268148-4206100724-2722932501-1001Core => C:\Users\Agustí\AppData\Local\Google\Update\GoogleUpdate.exe [2017-11-30] (Google Inc.)
Task: {B1D5BA9B-117B-427C-9FEA-7343FC93A700} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {BA3F6818-CD5D-4BD6-8ACD-0D66833694A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {BB115D81-166A-4CBF-AF08-81F9324C1AAE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {BC545130-0DAF-4B0A-9A1E-A839838A536C} - System32\Tasks\AdobeGCInvoker-1.0-ARGOS-Agustí => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {CA12B963-F9F5-42C4-8833-ED27D94352A7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {CFD95700-9229-476D-9987-F1AB9F5DD5D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-15] (Google Inc.)
Task: {E433387F-2DAC-45F1-8AEE-F5340D4FD502} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {ECB14338-2233-488C-8936-8C575DD15068} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {F353C3F0-19CB-4DAA-9CD7-FA2EA12BB175} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {FEE40083-1740-446C-A8D9-491828E3997A} - System32\Tasks\AdobeAAMUpdater-1.0-ARGOS-Agustí => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

#20

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Agustí\Desktop\Agusti - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Agustí\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Play Música (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 2" --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Agustí\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Play Música.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi

==================== Loaded Modules (Whitelisted) ==============

2017-03-06 17:09 - 2012-12-06 13:52 - 000136704 _____ () C:\WINDOWS\System32\zlhp2600.dll
2018-06-11 21:54 - 2018-05-20 18:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-05 13:41 - 2018-12-05 14:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-14 19:45 - 2018-10-14 19:45 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-11-14 15:39 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-30 18:16 - 2014-03-11 14:15 - 000069632 _____ () C:\Program Files (x86)\GLPCCamera\monitorpad.exe
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-09 18:42 - 2018-12-09 18:42 - 000113664 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_ctypes.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000080896 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\bz2.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 001792512 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_hashlib.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000128512 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32api.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000137728 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\pywintypes27.dll
2018-12-09 18:42 - 2018-12-09 18:42 - 000548864 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\pythoncom27.dll
2018-12-09 18:42 - 2018-12-09 18:42 - 000689664 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\unicodedata.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000438784 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32com.shell.shell.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 001489408 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\wx._core_.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 001007104 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\wx._gdi_.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 001039872 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\wx._windows_.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 001325056 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\wx._controls_.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000916992 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\wx._misc_.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 001084416 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\pysqlite2._sqlite.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000149504 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32file.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000136192 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32security.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000007680 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\hashobjs_ext.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000020992 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\thumbnails_ext.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000118784 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\usb_ext.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000047616 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_socket.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 002224640 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_ssl.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000014848 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\common.time34.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000023040 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32event.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000034304 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\windows.conditional.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000020480 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\windows.winwrap.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000110080 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\windows.volumes.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000223232 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32gui.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000173568 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_elementtree.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000169472 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\pyexpat.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000048128 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32inet.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000103424 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\wx._html2.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000046080 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_psutil_windows.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000633272 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\windows._cacheinvalidation.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000011776 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32crypt.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000301568 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\PIL._imaging.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000032256 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_multiprocessing.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 005752320 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\cello.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000026112 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\_yappi.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000044032 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32process.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000027648 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32pipe.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000010752 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\select.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000029696 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32pdh.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000038400 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\windows.connectivity.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000073216 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\windows.device_monitor.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000020480 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32profile.pyd
2018-12-09 18:42 - 2018-12-09 18:42 - 000026624 _____ () C:\Users\Agustí\AppData\Local\Temp\_MEI119922\win32ts.pyd
2016-12-16 21:03 - 2017-03-01 21:38 - 000039192 _____ () C:\Program Files\CCleaner\branding.dll
2018-06-24 12:27 - 2018-06-24 12:27 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-10-29 13:24 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-10-29 13:24 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-10-29 13:24 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-10-29 13:24 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2017-02-17 21:06 - 2013-10-29 14:49 - 000248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2017-02-17 21:06 - 2013-06-26 17:01 - 000240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2016-10-25 09:57 - 2016-10-25 09:57 - 031723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2018-11-26 22:40 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-26 22:40 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-14 15:39 - 2018-11-01 07:53 - 002068480 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001465856 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2018-07-15 16:52 - 2018-07-15 16:52 - 003037184 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000580608 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.QueryClient.dll
2018-03-08 20:10 - 2018-03-08 20:10 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\kpcengine.2.3.dll
2018-06-11 21:54 - 2018-05-20 18:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-30 02:55 - 2018-01-30 02:55 - 000217600 _____ () C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2018-01-30 02:55 - 2018-01-30 02:55 - 000090112 _____ () C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2018-01-30 02:55 - 2018-01-30 02:55 - 000172032 _____ () C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2018-01-30 02:55 - 2018-01-30 02:55 - 000273920 _____ () C:\Users\Agustí\AppData\Local\Programs\Google\MusicManager\libaudioenc.DLL
2018-04-13 19:06 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-04-13 19:06 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-04-13 19:06 - 2018-11-26 21:29 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
2018-04-13 19:06 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-04-13 19:06 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-04-13 19:06 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-04-13 19:06 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-04-13 19:06 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-04-13 19:06 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-04-13 19:06 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-04-13 19:06 - 2018-11-26 21:29 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-04-13 19:06 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-12-02 18:59 - 2018-11-28 14:09 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-02 18:59 - 2018-11-28 14:09 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-20 19:30 - 2018-11-28 14:11 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:09 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-20 19:30 - 2018-11-28 14:08 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:09 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-12-02 18:59 - 2018-11-28 14:10 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:08 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-01 18:27 - 2018-11-28 14:11 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:08 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 011410256 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:09 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-12-02 18:59 - 2018-11-28 14:10 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000272208 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-20 19:30 - 2018-11-28 14:11 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-20 19:30 - 2018-11-28 14:11 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-02 18:59 - 2018-11-28 14:10 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-20 19:30 - 2018-11-28 14:11 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-10-29 13:25 - 2018-11-28 14:11 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-10-29 13:25 - 2018-11-28 14:11 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-05-20 19:30 - 2018-11-28 14:11 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-12-02 18:59 - 2018-11-28 14:10 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2017-02-17 21:06 - 2013-01-15 17:06 - 000061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2016-10-25 10:51 - 2016-10-25 10:51 - 040523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\acrotray.esp
2018-05-09 12:45 - 2018-05-09 12:45 - 000696296 _____ () C:\Program Files (x86)\Sony\PlayMemories Home\XMPCore.dll
2018-05-09 12:45 - 2018-05-09 12:45 - 000748008 _____ () C:\Program Files (x86)\Sony\PlayMemories Home\XMPFiles.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 10:49 - 2016-10-25 10:49 - 000098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 000166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Agustí\Documents\img013.jpg:com.dropbox.attributes [168]
AlternateDataStreams: C:\ProgramData\TEMP:02B2B479 [125]

#21
==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: EAGLESCR => "C:\EAGLE 8.1.0\eagle.exe" "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-02-23 17:23 - 2018-12-04 21:18 - 000456624 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	192.150.14.69
127.0.0.1	192.150.18.101
127.0.0.1	192.150.18.108
127.0.0.1	192.150.22.40
127.0.0.1	192.150.8.100
127.0.0.1	192.150.8.118
127.0.0.1	209-34-83-73.ood.opsource.net
127.0.0.1	3dns-1.adobe.com
127.0.0.1	3dns-2.adobe.com
127.0.0.1	3dns-2.adobe.com
127.0.0.1	3dns-3.adobe.com
127.0.0.1	3dns-3.adobe.com
127.0.0.1	3dns-4.adobe.com
127.0.0.1	3dns.adobe.com
127.0.0.1	activate-sea.adobe.com
127.0.0.1	activate-sjc0.adobe.com
127.0.0.1	activate.adobe.com
127.0.0.1	activate.wip.adobe.com
127.0.0.1	activate.wip1.adobe.com
127.0.0.1	activate.wip2.adobe.com
127.0.0.1	activate.wip3.adobe.com
127.0.0.1	activate.wip3.adobe.com
127.0.0.1	activate.wip4.adobe.com
127.0.0.1	adobe-dns-1.adobe.com
127.0.0.1	adobe-dns-2.adobe.com
127.0.0.1	adobe-dns-3.adobe.com
127.0.0.1	adobe-dns-4.adobe.com
127.0.0.1	adobe-dns.adobe.com
127.0.0.1	adobe.activate.com
127.0.0.1	adobe.tt.omtrdc.net

There are 15668 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304670\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308924\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304704\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308939\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304725\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2661268148-4206100724-2722932501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184308955\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184304790\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-2661268148-4206100724-2722932501-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12092018184309017\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

#22

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E6E57425-0EF9-46F2-BCF3-95740306CB35}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3DD1BB10-3568-41DB-AED0-BA684047283D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3E67843F-072D-407F-B599-1C2279E1391D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C92155E8-4C72-4C12-BCA8-D4BD3249D1C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{01B1469A-79AB-4A4A-92AD-AE12F6E68F4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{422A2918-4FA5-46FD-A875-F1595C0E202E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{55F4C053-EBC3-4EB6-B093-425A3585C365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AB91CCB8-B337-4D04-877E-87DB10A9A90F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BAC9905B-9389-4802-9383-9313FA4D0995}] => (Allow) D:\SteamLibrary\steamapps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{EAF69D85-A3AC-4328-9416-90C756AB8D39}] => (Allow) D:\SteamLibrary\steamapps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{2FA0456C-C727-417A-92CD-E417B6391496}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{1B90163B-8D89-4AEC-964F-BC3B86F5D972}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{F1181004-4033-4A0B-BA68-0DFE1E2EBA2B}] => (Allow) D:\SteamLibrary\steamapps\common\Indiana Jones and the Last Crusade\Indiana Jones and the Last Crusade.exe
FirewallRules: [{BD047E7D-6F48-4624-B32D-70DFB962822C}] => (Allow) D:\SteamLibrary\steamapps\common\Indiana Jones and the Last Crusade\Indiana Jones and the Last Crusade.exe
FirewallRules: [{390AB7A4-6DE2-47CD-B80C-7A39D8693D1B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{81099DB0-7B6C-4B1D-B197-D32DB94B10C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{14A8F601-DDA6-434E-BF12-434E0C110E8A}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{825DA399-A1B0-49FD-9EDB-09AE85ABB91D}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{EDE5F54A-9EE9-4B20-A810-6FA8A87291BE}C:\program files\karbowanec\karbowanec.exe] => (Allow) C:\program files\karbowanec\karbowanec.exe
FirewallRules: [TCP Query User{6F89BB74-B122-4424-BB67-2553F09C9A2E}C:\program files\karbowanec\karbowanec.exe] => (Allow) C:\program files\karbowanec\karbowanec.exe
FirewallRules: [UDP Query User{2DADDBCD-0634-4AFB-B02F-D4E78F3D3707}C:\users\agustí\appdata\roaming\expanse wallet\binaries\gexp\unpacked\gexp.exe] => (Allow) C:\users\agustí\appdata\roaming\expanse wallet\binaries\gexp\unpacked\gexp.exe
FirewallRules: [TCP Query User{E0B3F49A-017F-4E7B-8E33-AAF40E06F27E}C:\users\agustí\appdata\roaming\expanse wallet\binaries\gexp\unpacked\gexp.exe] => (Allow) C:\users\agustí\appdata\roaming\expanse wallet\binaries\gexp\unpacked\gexp.exe
FirewallRules: [UDP Query User{55A9948F-108B-41DA-ABCA-15014C9B8F59}C:\users\agustí\desktop\catcoin_0.9.3.0_win\catcoin-qt.exe] => (Allow) C:\users\agustí\desktop\catcoin_0.9.3.0_win\catcoin-qt.exe
FirewallRules: [TCP Query User{366E5A22-F9D4-457C-85A5-88BB68F0BA61}C:\users\agustí\desktop\catcoin_0.9.3.0_win\catcoin-qt.exe] => (Allow) C:\users\agustí\desktop\catcoin_0.9.3.0_win\catcoin-qt.exe
FirewallRules: [UDP Query User{1F05CAF6-B1A7-4B09-B86E-2FB9E3B01146}C:\program files\sumokoin gui wallet\resources\bin\sumokoind.exe] => (Allow) C:\program files\sumokoin gui wallet\resources\bin\sumokoind.exe
FirewallRules: [TCP Query User{5DD3EF44-A235-4879-AE2B-362C1048E30D}C:\program files\sumokoin gui wallet\resources\bin\sumokoind.exe] => (Allow) C:\program files\sumokoin gui wallet\resources\bin\sumokoind.exe
FirewallRules: [UDP Query User{62291830-7EBC-4F12-B103-2B1AE1E62521}C:\users\agustí\desktop\yenten_win64_1.3.1\yenten-qt.exe] => (Allow) C:\users\agustí\desktop\yenten_win64_1.3.1\yenten-qt.exe
FirewallRules: [TCP Query User{35F84CDB-1052-4289-8BA5-2964CA0A41F2}C:\users\agustí\desktop\yenten_win64_1.3.1\yenten-qt.exe] => (Allow) C:\users\agustí\desktop\yenten_win64_1.3.1\yenten-qt.exe
FirewallRules: [UDP Query User{B63597CE-1E26-4191-A1B1-56DEFC58A8CB}C:\users\agustí\appdata\local\programs\decrediton\resources\bin\dcrd.exe] => (Allow) C:\users\agustí\appdata\local\programs\decrediton\resources\bin\dcrd.exe
FirewallRules: [TCP Query User{C29B037B-E70E-46AD-91DA-5ED3E5FF5591}C:\users\agustí\appdata\local\programs\decrediton\resources\bin\dcrd.exe] => (Allow) C:\users\agustí\appdata\local\programs\decrediton\resources\bin\dcrd.exe
FirewallRules: [UDP Query User{025F470A-ED9A-4D07-B532-CB69D331D93C}C:\users\agustí\appdata\roaming\fusion\binaries\geth\unpacked\gubiq.exe] => (Allow) C:\users\agustí\appdata\roaming\fusion\binaries\geth\unpacked\gubiq.exe
FirewallRules: [TCP Query User{91D4A179-DBBD-4105-B6EC-E99B530E0ACD}C:\users\agustí\appdata\roaming\fusion\binaries\geth\unpacked\gubiq.exe] => (Allow) C:\users\agustí\appdata\roaming\fusion\binaries\geth\unpacked\gubiq.exe
FirewallRules: [UDP Query User{ABD04497-7E24-42E6-BEF8-DBF9030C70D3}C:\users\agustí\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe] => (Allow) C:\users\agustí\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe
FirewallRules: [TCP Query User{1A204E3C-C831-4034-BD17-C738CF488350}C:\users\agustí\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe] => (Allow) C:\users\agustí\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe
FirewallRules: [UDP Query User{B68AAB18-F03C-4A9D-9AC9-2E77D7F3E41E}C:\users\agustí\desktop\monero-gui-v0.11.1.0\monerod.exe] => (Allow) C:\users\agustí\desktop\monero-gui-v0.11.1.0\monerod.exe
FirewallRules: [TCP Query User{148348A4-A93F-4221-BFD8-0001D36F5CED}C:\users\agustí\desktop\monero-gui-v0.11.1.0\monerod.exe] => (Allow) C:\users\agustí\desktop\monero-gui-v0.11.1.0\monerod.exe
FirewallRules: [{48556AFA-09FC-4078-ABAB-E202FE359C26}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{77197B86-F731-42EC-AD1D-896D127B0C26}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{81334512-83C0-4819-ACC2-F7D959C7B19A}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{440A9B31-0E9A-4CE0-B496-3A0623412A04}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{ECF832BB-CBB8-4EA6-A224-D39407C0BDF7}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{66C00D10-B60B-4720-B87D-98A0F30D3AEF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{8CEF1EE9-D868-46AD-99DE-910308AC00F4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{1267DFB7-5401-47E9-A94B-D3F851656B15}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{BEE6919A-1597-4B02-B825-DDCA83F10630}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe
FirewallRules: [{E1924538-62BE-4A78-BF24-C8E035CD78DE}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe
FirewallRules: [{2E0C5083-054D-4B02-A6D7-884F51E0641F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9B0CFF0B-3E9E-4BA2-A2AF-A6E9BB9C3C37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{08763EFC-5882-490B-87F7-E11796590BF1}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{992DB4AB-430F-48E7-AA30-3008544CCC6D}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{CBD5CC76-03CD-498C-8817-B26FEB867532}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{7D67C883-5293-4E76-9575-39DD455E4CFE}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{FCD44C60-2E71-4DDE-8FBC-072231A830C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D10250B-7A3A-43B0-BE56-E1B27B545F03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B3845120-D729-4EC0-8D82-F89EF3135BC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BDCA69AD-055F-40DD-A64F-8D2FF0F67560}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F566BE57-BAAB-4B95-829E-0EC6DADD50A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{29128304-2A7D-44BF-BEBE-999BE11A9B23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719B89EB-BB1A-4EA9-8FCA-6D07EFD12E6A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{E278D5A6-AE94-4B42-B203-967825540A02}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{A8ABAB71-CD7D-4B39-B4A8-278907499F34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{84781E13-C277-4C21-B2D3-8EA4FF3BB1BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{DF8E0E60-9CB8-40E9-BE84-89911E4FBF93}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E1D9B562-C089-47BB-8614-A8D3013D1A91}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

02-12-2018 19:09:37 Punto de control programado
07-12-2018 11:36:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2018 06:48:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "E:\Descargas\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_fb449d63306391e9.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_42f1d43a44dfbaef.manifest.

Error: (12/09/2018 06:44:45 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/07/2018 11:37:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "E:\Descargas\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_fb449d63306391e9.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_42f1d43a44dfbaef.manifest.

Error: (12/07/2018 11:36:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/07/2018 12:27:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "E:\Descargas\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_fb449d63306391e9.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_42f1d43a44dfbaef.manifest.

Error: (12/07/2018 12:27:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "E:\Descargas\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_fb449d63306391e9.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_42f1d43a44dfbaef.manifest.

Error: (12/07/2018 12:15:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (12/07/2018 12:15:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet


System errors:
=============
Error: (12/09/2018 06:46:23 PM) (Source: DCOM) (EventID: 10016) (User: ARGOS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario ARGOS\Agustí con SID (S-1-5-21-2661268148-4206100724-2722932501-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/09/2018 06:42:22 PM) (Source: DCOM) (EventID: 10016) (User: ARGOS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario ARGOS\Agustí con SID (S-1-5-21-2661268148-4206100724-2722932501-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/09/2018 06:42:07 PM) (Source: DCOM) (EventID: 10010) (User: ARGOS)
Description: El servidor {D63B10C5-BB46-4990-A94F-E40B9D520160} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/07/2018 12:36:06 PM) (Source: DCOM) (EventID: 10016) (User: ARGOS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario ARGOS\Agustí con SID (S-1-5-21-2661268148-4206100724-2722932501-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/07/2018 12:33:37 PM) (Source: DCOM) (EventID: 10010) (User: ARGOS)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/07/2018 12:16:22 PM) (Source: DCOM) (EventID: 10016) (User: ARGOS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario ARGOS\Agustí con SID (S-1-5-21-2661268148-4206100724-2722932501-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/07/2018 12:07:27 PM) (Source: DCOM) (EventID: 10016) (User: ARGOS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario ARGOS\Agustí con SID (S-1-5-21-2661268148-4206100724-2722932501-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/07/2018 12:07:22 PM) (Source: DCOM) (EventID: 10016) (User: ARGOS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario ARGOS\Agustí con SID (S-1-5-21-2661268148-4206100724-2722932501-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2018-12-07 12:35:31.342
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.267.1212.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14800.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-12-07 12:35:31.342
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.267.1212.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14800.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-12-07 12:35:31.342
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.267.1212.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14800.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-12-07 12:35:31.333
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.267.1212.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14800.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-12-07 12:35:31.333
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.267.1212.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14800.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2018-08-14 05:05:35.316
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-14 05:05:35.310
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-14 05:05:35.303
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-14 05:05:35.296
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-14 05:05:34.967
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-14 05:05:34.947
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-06 18:53:15.650
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-06 18:53:15.644
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 15%
Total physical RAM: 32712.55 MB
Available physical RAM: 27724.85 MB
Total Virtual: 37576.55 MB
Available Virtual: 32441.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.43 GB) (Free:142.94 GB) NTFS
Drive d: (DATA1) (Fixed) (Total:1862.89 GB) (Free:499.25 GB) NTFS
Drive e: (DATA2) (Fixed) (Total:1862.89 GB) (Free:80.87 GB) NTFS

\\?\Volume{9a977788-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{9a977788-0000-0000-0000-a03a74000000}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9A977788)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=864 MB) - (Type=27)

========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================