CPU al 100% al iniciar el pc

Hola, buenas tengo un problema con el pc que no se como solucionar. El caso es que hoy he ido a encender mi portatil y nada mas iniciar sesión se han puesto los ventiladores a funcionar como nunca antes me había pasado, he abierto el administrador de tareas para ver que pasaba y he visto como nada mas abrirlo estaba la CPU funcionando al 100%.

Al ver esto me he asustado un poco la verdad y lo primero que he ido a hacer es finalizar la tarea que estaba consumiendo mas porcentaje de la cpu que ponia que era antimalware service executable.

Al cerrarlo ha vuelto a la normalidad, pero cada vez que inicio el pc vuelve a pasarme; he investigado un poco y he visto que puede ser un malware que se camufla al abrir el administrador de tareas. El caso es que he instalado malwarebytes, cccleaner y otros programas que he visto en mas foros y ninguno me detecta nada. Estoy por guardarme lo importante en un disco externo y reiniciar de fabrica porque no se como quitar este malware.

Necesito un poco de ayuda, gracias.

Buenas @Alberto_Martinez bienvenido al Foro.

Para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

• CCleaner + Manual.

• Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.

• AdwCleaner + Manual.

• Junkware Removal Tool.

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

• Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

• Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

• Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

• Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

• Realiza un Análisis Completo.

• Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

• En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

• Ejecuta Adwcleaner.exe.

• Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

• El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

• Ejecuta JRT.exe.

• Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

• Si en algún momento te pide Reiniciar hazlo.

• Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

• Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

• Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Hola, no puedo instalar malwarebytes me sale que se ha producido un error en la instalación, también he probado en modo seguro y nada

ADWCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-23-2019
# Duration: 00:00:01
# OS:       Windows 10 Home
# Cleaned:  9
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\alber\AppData\Local\Tencent
Deleted       C:\Users\alber\AppData\Roaming\Tencent
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3D48C148-14C7-4C32-9B87-05CAF4AB8D29}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{55079674-96E7-45CA-83AD-C0BD8CFF095E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5DEEC5E7-DFBC-417B-BFAF-1E946A304F03}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FE341199-C687-4DAB-B601-2B1D8AC6BA45}
Deleted       HKLM\Software\Classes\METNSD

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [22924 octets] - [23/11/2019 11:27:52]
AdwCleaner[S00].txt - [2335 octets] - [23/11/2019 11:28:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by alber (Administrator) on 23/11/2019 at 11:35:14,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\alber\AppData\Local\tencent (Folder) 
Successfully deleted: C:\Users\alber\AppData\Roaming\tencent (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/11/2019 at 11:37:08,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST1

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-11-2019
Ran by alber (administrator) on DESKTOP-FISBK50 (HUAWEI HUAWEI MateBook D) (23-11-2019 11:38:29)
Running from C:\Users\alber\OneDrive\Escritorio
Loaded Profiles: alber & lkClassAds & niLXIDiscovery (Available Profiles: alber & lkClassAds & niLXIDiscovery)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\HwOsd\OSDListener.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\HwOsd\OSDMainService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\PCManager\MateBookService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe
(Huawei Technologies Co., Ltd. -> Microsoft) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2a735c5c675f05e6\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2a735c5c675f05e6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2a735c5c675f05e6\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_df0bea5643beeb1b\aesm_service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments Corporation) D:\Gestion de Ensayos Electricos\MAX\nimxs.exe
(National Instruments Corporation -> National Instruments Corporation) D:\Gestion de Ensayos Electricos\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation -> National Instruments Corporation) D:\Gestion de Ensayos Electricos\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation -> National Instruments Corporation) D:\Gestion de Ensayos Electricos\Shared\nisvcloc\nisvcloc.exe
(National Instruments Corporation -> National Instruments Corporation) D:\Gestion de Ensayos Electricos\Shared\NI-VISA\niLxiDiscovery.exe
(National Instruments Corporation -> National Instruments Corporation) D:\Gestion de Ensayos Electricos\Shared\Security\nidmsrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\program files\txgameassistant\appmarket\QMEmulatorService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2017-01-17] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\Run: [Spotify] => C:\Users\alber\AppData\Roaming\Spotify\Spotify.exe [21144992 2019-11-13] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24916512 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\Policies\Explorer: [] 
HKLM\Software\...\AppCompatFlags\Custom\Siemens.Automation.Portal.exe: [{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb] -> Siemens.Automation.Portal.exe
HKLM\Software\...\AppCompatFlags\InstalledSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb [2016-09-15]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A4E4E4-7F5E-48CF-9AAA-DC35D4B45BBC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11029878-EDA7-44A5-9153-8E2DF1224120} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11C87745-FB5A-4FF2-B663-034D17F5C08B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36996FB3-F69A-4D1A-9E12-2EDB332F5DC3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F058FA0-2713-483B-92F8-70B3629A4F4C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {412BB485-3C69-4F5D-8900-DC07E4969120} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44A73D10-C6A0-4375-8733-B1B9D41D25A9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103896 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4552406B-E6C0-45DF-A419-EB875F7922D5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52EA01DA-B2E6-408E-B484-420F884699C9} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d9ea8f6e125 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-12] (Google Inc -> Google Inc.)
Task: {54644489-7241-4345-9022-DFAEA2CBC0E4} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d9ea8f3d450 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-12] (Google Inc -> Google Inc.)
Task: {546A8A49-170F-4FDA-AFAD-2C0D6E417F1D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D7038B0-A16E-48C0-B1C7-B28002DF1E8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4407880 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {72EDFD2B-10CB-4764-9DBA-DD772F259DA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {75BA8D11-078E-4D80-A357-0BBC58AECD23} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79784DF8-88A7-4860-A1F0-F03CC30974EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {831F102C-615C-4B23-8C60-DBF568BABE53} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {858E82F9-FEEF-4DC8-A01D-0E575E8F320C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26047080 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {86E5573D-AAAD-4892-811C-F87FA351C0F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403960 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {87430BBE-5263-4287-B53A-545B0B4D33A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A72D553C-D326-4A18-B70A-D0DD5B2482C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
Task: {B146EBC6-9BF1-4438-A560-FEABF5D0FE8C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8EDBB28-7587-4B70-AB6C-3E731FFB44E3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CA5EBA4B-D9B4-4D9D-B626-65F06FC8A87D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D28DAD49-247F-4BE6-A046-79764E4D4B31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-12] (Google Inc -> Google Inc.)
Task: {D2DF50E3-C3E4-47B7-A9C5-CEFC0BEAE870} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-12] (Google Inc -> Google Inc.)
Task: {E514DE23-9A0A-4E21-9370-6CDE0983064C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EECE9FAE-AD0D-4D46-9A54-53ECBAFF5C9E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26047080 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F27BF285-D7CF-4A42-A1F3-20E187F89B62} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-673996061-760897978-3524476661-1001 => C:\Users\alber\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {F284B453-9F9B-433A-A304-8D2DE0956163} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103896 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3128E88-6159-4CD9-853F-52CFDC76760C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F344DF82-AD52-4D08-869A-CF14B0BAE4A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4407880 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB49CF5E-5DA3-44C4-BAFC-B730E0C54DD6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758824 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCBF4851-045D-4974-84E9-40AF849A550F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE5DC442-A522-4720-A86E-2D2B3BDB688F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403960 2019-10-17] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-673996061-760897978-3524476661-1001] => http=127.0.0.1:51914;https=127.0.0.1:51914;socks=127.0.0.1:51913
Winsock: Catalog5 08 D:\Gestion de Ensayos Electricos\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\..\Interfaces\{3df0a95e-3550-4bf4-8433-50f4dea5a409}: [DhcpNameServer] 212.231.6.7 46.6.113.34 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.33,1]

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\alber\Downloads

FireFox:
========
FF DefaultProfile: 4wsdpm8b.default
FF ProfilePath: C:\Users\alber\AppData\Roaming\Mozilla\Firefox\Profiles\4wsdpm8b.default [2019-10-22]
FF ProfilePath: C:\Users\alber\AppData\Roaming\Mozilla\Firefox\Profiles\o9dneiwe.default-release [2019-11-23]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.eadblock.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> eabsrc.com
CHR Notifications: Default -> hxxps://maranhesduve.club; hxxps://www.realmadrid.com; hxxps://www.xlmoto.es; hxxps://www1.debrahinton.pro; hxxps://www1.ecleneue.com
CHR Profile: C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default [2019-11-23]
CHR Extension: (Presentaciones) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-12]
CHR Extension: (Documentos) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Google Drive) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Hojas de cálculo) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-12]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-12]
CHR Extension: (AdBlock) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-11-22]
CHR Extension: (Player para ver Movistar+) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-06]
CHR Extension: (Servicio cashback Letyshops) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphicbbhfmllgmomkkhjfkpbdlncafbn [2019-11-17]
CHR Extension: (EAB Search Manager) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikabbhpeollgpkdddpegijnpifolmme [2018-12-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\alber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AESMService; C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_df0bea5643beeb1b\aesm_service.exe [3235112 2018-03-14] (Intel(R) Software Development Products -> Intel Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe [74392 2019-10-24] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11153504 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2218032 2016-12-15] (Intel Corporation -> Intel Corporation)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [138640 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [515264 2017-08-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 jhi_service; C:\Windows\System32\jhi_service.exe [576560 2018-05-23] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [24560 2019-06-25] (Huawei Technologies Co., Ltd. -> Microsoft)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [69096 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [80880 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [1034224 2019-06-25] (Huawei Technologies Co., Ltd. -> )
R2 mxssvr; D:\Gestion de Ensayos Electricos\MAX\nimxs.exe [104384 2019-03-10] (National Instruments Corporation -> National Instruments Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 niauth; D:\Gestion de Ensayos Electricos\Shared\niauth\niauth_daemon.exe [601544 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 NIDomainService; D:\Gestion de Ensayos Electricos\Shared\Security\nidmsrv.exe [432088 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 niLXIDiscovery; D:\Gestion de Ensayos Electricos\Shared\NI-VISA\niLxiDiscovery.exe [537144 2019-03-27] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; D:\Gestion de Ensayos Electricos\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; D:\Gestion de Ensayos Electricos\Shared\niSvcLoc\nisvcloc.exe [110040 2019-03-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OSDMainService; C:\Program Files\Huawei\HwOsd\OSDMainService.exe [665928 2019-01-18] (Huawei Technologies Co., Ltd. -> )
R2 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-10-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; D:\Program Files\TxGameAssistant\UI\2.0.13016.123\aow_drv_x64_ev.sys [863616 2019-10-25] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
S3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [275504 2016-07-25] (Siemens AG -> Siemens AG)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72576 2016-12-15] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67968 2016-12-15] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355200 2016-12-15] (Intel Corporation -> Intel Corporation)
S3 fortiapd; C:\Windows\System32\drivers\fortiapd.sys [27472 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\Windows\system32\DRIVERS\FortiFilter.sys [35400 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S1 FortiFW; C:\Windows\System32\drivers\FortiFW2.sys [46928 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\Windows\System32\drivers\fortips.sys [157520 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\Windows\System32\drivers\FortiShield.sys [81744 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\Windows\System32\drivers\fortisniff2.sys [121168 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\Windows\System32\drivers\ftsvnic.sys [71320 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\Windows\System32\drivers\ftvnic.sys [70536 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R3 hwnetstat; C:\Program Files\Huawei\PCManager\WFPDriver.sys [30744 2019-06-25] (Huawei Technologies Co., Ltd. -> )
R2 HwOs2ECx64; C:\Program Files\Huawei\PCManager\HwOs2EC10x64.sys [49472 2019-06-25] (Huawei Technologies Co., Ltd. -> Huawei)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [129040 2017-08-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8822392 2018-09-26] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 niorbk; C:\Windows\System32\drivers\niorbkl.sys [31368 2017-03-09] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [31336 2019-03-07] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [797720 2019-03-07] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [31336 2019-03-07] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [19288 2019-01-17] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [31288 2019-03-25] (National Instruments Corporation -> National Instruments Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhwi.inf_amd64_a346d6214b9520f5\nvlddmkm.sys [22749640 2019-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pppop; C:\Windows\System32\drivers\pppop64.sys [54344 2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [94432 2015-11-04] (Siemens AG -> SIEMENS AG)
S3 s7oppilx64; C:\Windows\System32\Drivers\s7oppilx64.sys [47448 2016-02-23] (Siemens AG -> SIEMENS AG)
S3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [117472 2015-11-04] (Siemens AG -> SIEMENS AG)
S3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [148312 2016-02-23] (Siemens AG -> SIEMENS AG)
S3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [228064 2015-11-04] (Siemens AG -> SIEMENS AG)
S3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [120152 2016-02-23] (Siemens AG -> SIEMENS AG)
S3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [202976 2015-11-04] (Siemens AG -> SIEMENS AG)
S3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [280888 2016-04-07] (Siemens AG -> SIEMENS AG)
S3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [221920 2015-11-04] (Siemens AG -> SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [157528 2016-02-23] (Siemens AG -> SIEMENS AG)
R2 s7PnDiscoveryDriver; C:\Windows\system32\DRIVERS\s7PnDiscoveryDriver.sys [46824 2016-08-18] (Siemens AG -> SIEMENS AG)
R2 Snpnio; C:\Windows\system32\DRIVERS\snpnio.sys [107568 2016-07-25] (Siemens AG -> Windows (R) Win 7 DDK provider)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [302392 2016-05-02] (Siemens AG -> Siemens AG)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [757312 2017-10-16] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [142848 2017-04-19] (Microsoft Windows Hardware Compatibility Publisher -> STMicroelectronics)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [442128 2019-11-01] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2019-11-03] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 tpfilter; C:\Windows\System32\drivers\tpfilter.sys [25928 2015-10-29] (BYD precision manufacture company -> TP Microelectronic)
S3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [143920 2016-07-25] (Siemens AG -> SIEMENS AG)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WDTDrv; C:\Windows\System32\Drivers\WDTDrv.sys [24976 2017-08-21] (Huawei Technologies Co.,Ltd. -> Huawei Device)
S3 mdareDriver_68; \??\C:\Users\alber\AppData\Local\Temp\FCPreScan\mdare64_68.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-23 11:38 - 2019-11-23 11:38 - 000000000 ____D C:\FRST
2019-11-23 11:27 - 2019-11-23 11:29 - 000000000 ____D C:\AdwCleaner
2019-11-23 11:25 - 2019-11-23 11:29 - 000372306 _____ C:\Windows\ntbtlog.txt
2019-11-23 11:25 - 2019-11-23 11:25 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-11-23 11:13 - 2019-11-23 11:13 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-23 11:02 - 2019-11-23 11:27 - 000001044 _____ C:\ProgramData\Escritorio\CCleaner.lnk
2019-11-23 11:02 - 2019-11-23 11:20 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-11-23 11:02 - 2019-11-23 11:02 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-11-23 11:02 - 2019-11-23 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-11-23 11:02 - 2019-11-23 11:02 - 000000000 ____D C:\Program Files\CCleaner
2019-11-23 10:52 - 2019-11-23 10:52 - 001790024 _____ (Malwarebytes) C:\Users\alber\Downloads\JRT (1).exe
2019-11-22 18:29 - 2019-11-22 18:29 - 000000000 ____D C:\Users\alber\AppData\Local\mbamtray
2019-11-22 18:29 - 2019-11-22 18:29 - 000000000 ____D C:\Users\alber\AppData\Local\mbam
2019-11-22 18:29 - 2019-11-22 18:29 - 000000000 ____D C:\Users\alber\AppData\Local\cache
2019-11-22 18:28 - 2019-11-22 18:28 - 000000000 ___HD C:\OneDriveTemp
2019-11-22 18:15 - 2019-11-22 18:15 - 001883976 _____ (Malwarebytes) C:\Users\alber\Downloads\MBSetup-009996.009996.exe
2019-11-16 19:15 - 2019-11-16 19:15 - 000267032 _____ C:\Users\alber\Downloads\p2.zip
2019-11-16 19:15 - 2017-11-21 10:18 - 000185701 _____ C:\Users\alber\Downloads\Pract2.pdf
2019-11-16 19:15 - 2013-02-21 15:24 - 000081920 _____ C:\Users\alber\Downloads\ASEM.EXE
2019-11-16 19:15 - 2012-12-07 10:46 - 000063847 _____ C:\Users\alber\Downloads\27c64.pdf
2019-11-16 12:05 - 2019-11-16 12:05 - 000489802 _____ C:\Users\alber\Downloads\sqlite-dll-win32-x86-3300100.zip
2019-11-16 12:03 - 2019-11-16 12:30 - 000000000 ____D C:\Users\alber\sqlite
2019-11-16 11:01 - 2019-11-16 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-11-14 13:19 - 2019-11-14 13:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-11-14 13:19 - 2019-11-14 13:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-11-14 13:19 - 2019-11-14 13:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-11-14 13:19 - 2019-11-14 13:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 023455232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 019014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 012960256 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 012258816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 007872000 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 006934016 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 006547896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 006318328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 005770240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 005608336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 004873216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 003872336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 003703296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 003656792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 003550384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 003496448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 002918200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 002699976 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 002698752 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 002628112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 002393600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 002348544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 002072176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001994976 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001918792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001729024 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001677808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001465472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001388032 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001291264 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001267240 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-11-14 00:01 - 2019-11-14 00:01 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001180248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 001024712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000948224 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000877568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000808272 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000782968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000773208 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000676352 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000661264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000588816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000547328 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000542320 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000535080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000481280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-11-14 00:01 - 2019-11-14 00:01 - 000473832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000462336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000435512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000427832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000383288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000262152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-11-14 00:01 - 2019-11-14 00:01 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-11-14 00:01 - 2019-11-14 00:01 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000112168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-11-14 00:01 - 2019-11-14 00:01 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000086744 _____ (Microsoft Corporation) C:\Windows\system32\taskhostw.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CapabilityAccessManagerClient.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000047616 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\compact.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compact.exe
2019-11-14 00:01 - 2019-11-14 00:01 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000023768 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2019-11-14 00:01 - 2019-11-14 00:01 - 000020144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 022137120 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 009667896 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 007700696 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 007656072 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 005575168 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 005573232 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 004413936 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 004303872 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 004049920 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 003637760 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 003576832 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 003387392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 003333632 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 003082752 _____ (Microsoft Corporation) 

FRST2

C:\Windows\system32\DWrite.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 002871824 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 002848768 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 002645504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 002421248 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 002192384 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 002109960 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 002050560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001966096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 001933408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001929728 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001904128 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001751432 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001726480 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001702600 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-11-14 00:00 - 2019-11-14 00:00 - 001668784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001666440 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001608192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001538560 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001486472 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001473296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001388032 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001346216 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-11-14 00:00 - 2019-11-14 00:00 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001294792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001262592 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 001258512 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001183504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001054224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 001050112 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001049608 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 001022464 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000888560 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000862008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000856424 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000834048 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000811536 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000807424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000775768 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000764928 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000750592 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000747536 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000741688 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000667664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000591160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000536320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000520704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000520208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000514600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000509968 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000505640 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000465416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000462352 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000450632 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000445752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000389408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000385848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000367104 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000213304 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000198968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000193336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000160272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000141736 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000120352 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000118480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\WinHvPlatform.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000090632 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000087080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000086840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-11-14 00:00 - 2019-11-14 00:00 - 000071696 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000061480 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000036368 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-11-14 00:00 - 2019-11-14 00:00 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-11-14 00:00 - 2019-11-14 00:00 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-11-13 00:34 - 2019-11-08 11:08 - 001073872 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-11-13 00:34 - 2019-11-08 11:08 - 001073872 _____ C:\Windows\system32\vulkan-1.dll
2019-11-13 00:34 - 2019-11-08 11:08 - 000931536 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-11-13 00:34 - 2019-11-08 11:08 - 000931536 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-11-13 00:34 - 2019-11-08 11:08 - 000848592 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-11-13 00:34 - 2019-11-08 11:08 - 000848592 _____ C:\Windows\system32\vulkaninfo.exe
2019-11-13 00:34 - 2019-11-08 11:08 - 000706256 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-11-13 00:34 - 2019-11-08 11:08 - 000706256 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-11-13 00:34 - 2019-11-08 11:08 - 000449792 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-11-13 00:34 - 2019-11-08 11:08 - 000352704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-11-13 00:34 - 2019-11-08 11:07 - 011841968 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-11-13 00:34 - 2019-11-08 11:07 - 010167216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 017458432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 005381552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 004717568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 002074240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001734256 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444120.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001568880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001492696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444120.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001482184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001370088 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001145056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 001066056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 000813000 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 000685792 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 000677280 _____ C:\Windows\system32\nvofapi64.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 000659544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 000556672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-11-13 00:34 - 2019-11-08 11:06 - 000544728 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-11-13 00:34 - 2019-11-08 11:05 - 040510200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-11-13 00:34 - 2019-11-08 11:05 - 035379672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-11-13 00:34 - 2019-11-08 11:05 - 015026944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-11-12 17:29 - 2019-11-12 17:30 - 000545048 _____ C:\Users\alber\Downloads\p1.zip
2019-11-11 22:51 - 2019-11-11 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gestión de ensayos eléctricos
2019-11-11 16:44 - 2019-11-11 16:44 - 214477920 _____ C:\Users\alber\Downloads\GestionDeEnsayos2019.zip
2019-11-11 12:20 - 2019-11-11 12:20 - 000004558 _____ C:\Users\alber\Downloads\L5_A.zip
2019-11-09 11:58 - 2019-11-09 12:11 - 000000000 ____D C:\Users\alber\AppData\Roaming\Psiphon3
2019-11-09 11:55 - 2019-11-09 11:55 - 000000000 ____D C:\Users\alber\AppData\Local\MegaDownloader
2019-11-09 11:28 - 2019-11-22 18:00 - 000000000 ___RD C:\Users\alber\Documents\MEGA
2019-11-07 19:35 - 2019-11-07 19:35 - 000000000 ____D C:\Users\alber\AppData\Roaming\Siemens
2019-11-07 19:32 - 2019-11-07 19:32 - 000007329 _____ C:\Windows\system32\Steuerdatei.ini
2019-11-07 19:32 - 2019-11-07 19:32 - 000003737 _____ C:\Windows\SysWOW64\Steuerdatei.ini
2019-11-07 19:29 - 2019-11-17 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Automation
2019-11-07 19:29 - 2019-11-17 17:39 - 000000000 ____D C:\Program Files\Common Files\Siemens
2019-11-07 19:29 - 2019-11-07 19:29 - 000000000 ____D C:\Users\Public\Documents\Siemens
2019-11-07 19:16 - 2019-11-07 19:16 - 000000000 ____D C:\ProgramData\Siemens
2019-11-07 18:48 - 2019-11-07 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simulacion de maquinas electricas
2019-11-07 18:45 - 2019-11-07 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Campos magnéticos
2019-11-07 18:28 - 2019-11-07 18:29 - 110448324 _____ C:\Users\alber\Downloads\Simulación de Máquinas Eléctricas.zip
2019-11-07 18:28 - 2019-11-07 18:28 - 235847515 _____ C:\Users\alber\Downloads\GestionEnsayos2018.zip
2019-11-07 18:27 - 2019-11-07 18:27 - 008852393 _____ C:\Users\alber\Downloads\Ferraris.zip
2019-11-06 13:23 - 2019-11-09 11:39 - 000000000 ____D C:\Users\alber\Documents\MEGAsync Downloads
2019-11-05 19:14 - 2019-11-08 11:02 - 004219656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-11-05 19:14 - 2019-10-25 10:41 - 001733464 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444112.dll
2019-11-05 19:14 - 2019-10-25 10:41 - 001491472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444112.dll
2019-11-05 17:42 - 2019-11-05 17:42 - 000000000 ____D C:\Users\alber\AppData\Local\Labcenter Electronics
2019-11-05 17:40 - 2019-11-05 17:40 - 000002379 _____ C:\ProgramData\Escritorio\Proteus 8 Professional.lnk
2019-11-05 17:40 - 2019-11-05 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteus 8 Professional
2019-11-05 17:40 - 2019-11-05 17:40 - 000000000 ____D C:\ProgramData\Labcenter Electronics
2019-11-05 17:40 - 2019-11-05 17:40 - 000000000 ____D C:\Program Files (x86)\Labcenter Electronics
2019-11-05 17:38 - 2019-11-05 17:38 - 000000000 ____D C:\Users\alber\AppData\Roaming\Labcenter Electronics
2019-11-01 22:02 - 2019-11-02 16:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-01 17:13 - 2019-10-23 15:09 - 001733504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444108.dll
2019-11-01 17:13 - 2019-10-23 15:09 - 001490864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444108.dll
2019-11-01 17:06 - 2019-11-03 00:21 - 000555064 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2019-11-01 17:06 - 2019-11-03 00:19 - 000000000 ____D C:\Users\alber\AppData\Roaming\AndroidTbox
2019-11-01 17:06 - 2019-11-01 17:06 - 000442128 _____ (TENCENT) C:\Windows\system32\Drivers\tesrsdt.sys
2019-11-01 17:00 - 2019-11-01 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2019-11-01 16:36 - 2019-11-17 17:53 - 000000000 ____D C:\Users\alber\AppData\Local\FortiClient
2019-11-01 16:36 - 2019-11-01 16:36 - 000000000 ____D C:\Users\alber\AppData\Roaming\FortiClient
2019-11-01 16:21 - 2019-11-01 16:21 - 000002069 _____ C:\ProgramData\Escritorio\FortiClient.lnk
2019-11-01 16:21 - 2019-11-01 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FortiClient
2019-11-01 16:21 - 2019-11-01 16:21 - 000000000 ____D C:\Program Files\Fortinet
2019-11-01 16:21 - 2019-11-01 16:21 - 000000000 ____D C:\Program Files\Common Files\Fortinet
2019-11-01 16:11 - 2019-11-01 16:11 - 000000000 ____D C:\ProgramData\Applications
2019-11-01 16:04 - 2019-11-01 16:04 - 000000000 ____D C:\Users\alber\Documents\NetSarang Computer
2019-11-01 16:01 - 2019-11-01 16:01 - 000002066 _____ C:\ProgramData\Escritorio\Xftp 6.lnk
2019-11-01 16:01 - 2019-11-01 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xftp 6
2019-11-01 16:00 - 2019-11-01 16:00 - 000002102 _____ C:\ProgramData\Escritorio\Xshell 6.lnk
2019-11-01 16:00 - 2019-11-01 16:00 - 000000000 ____D C:\Users\alber\AppData\Local\CrashRpt
2019-11-01 15:59 - 2019-11-01 16:01 - 000000000 ____D C:\Program Files (x86)\NetSarang
2019-11-01 15:59 - 2019-11-01 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xshell 6
2019-10-27 17:23 - 2019-10-27 17:23 - 000000000 ____D C:\Windows\system32\Tasks\S-1-5-21-673996061-760897978-3524476661-1001
2019-10-27 17:20 - 2019-10-27 17:20 - 000000000 ____D C:\Users\alber\AppData\Local\DIAL
2019-10-27 17:20 - 2019-10-27 17:20 - 000000000 ____D C:\Users\alber\AppData\Local\__SHARED

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-23 11:38 - 2018-12-12 18:17 - 000000000 ____D C:\Users\alber\AppData\Roaming\HwSynergy
2019-11-23 11:37 - 2018-12-12 18:06 - 001773366 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-23 11:37 - 2018-09-15 17:36 - 000791286 _____ C:\Windows\system32\perfh00A.dat
2019-11-23 11:37 - 2018-09-15 17:36 - 000156524 _____ C:\Windows\system32\perfc00A.dat
2019-11-23 11:37 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-11-23 11:35 - 2018-12-12 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-23 11:31 - 2018-12-12 19:32 - 000000000 ____D C:\Users\alber\AppData\Local\Spotify
2019-11-23 11:31 - 2018-12-12 19:31 - 000000000 ____D C:\Users\alber\AppData\Roaming\Spotify
2019-11-23 11:31 - 2018-12-12 18:15 - 000000000 __SHD C:\Users\alber\IntelGraphicsProfiles
2019-11-23 11:31 - 2018-12-12 17:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-23 11:31 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-23 11:31 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-11-23 10:48 - 2019-10-22 21:41 - 000000000 ____D C:\Users\alber\AppData\LocalLow\Mozilla
2019-11-23 10:47 - 2018-12-12 18:06 - 000000000 ___RD C:\Users\alber\OneDrive
2019-11-23 10:47 - 2018-09-15 08:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-11-22 18:39 - 2019-09-10 22:36 - 000000000 ____D C:\Users\alber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2019-11-22 18:39 - 2019-02-10 21:32 - 000000000 ____D C:\Users\alber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crocodile Clips
2019-11-22 18:39 - 2018-12-12 18:46 - 000000000 ____D C:\Users\alber\AppData\Local\CrashDumps
2019-11-22 18:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-11-22 18:03 - 2019-09-25 18:13 - 000000000 ____D C:\Users\alber\AppData\Roaming\PCManager
2019-11-22 18:03 - 2019-08-26 14:46 - 000000000 ____D C:\Users\alber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2019-11-22 17:56 - 2019-02-26 14:19 - 000000000 ____D C:\ProgramData\Autodesk
2019-11-22 17:55 - 2018-12-12 18:50 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-22 17:55 - 2018-12-12 18:50 - 000002258 _____ C:\ProgramData\Escritorio\Google Chrome.lnk
2019-11-22 17:55 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-22 17:55 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-11-18 13:34 - 2018-12-12 17:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-18 10:34 - 2019-09-10 22:37 - 000000000 ____D C:\Users\alber\AppData\Roaming\CodeBlocks
2019-11-17 17:32 - 2018-12-12 19:04 - 000000000 ____D C:\Users\alber\AppData\Local\D3DSCache
2019-11-16 12:09 - 2018-12-12 18:02 - 000000000 ____D C:\Users\alber
2019-11-16 11:02 - 2019-02-13 18:52 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-11-16 11:01 - 2018-12-12 22:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-16 10:58 - 2018-12-12 18:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-16 10:58 - 2018-12-12 18:03 - 000000000 ___RD C:\Users\alber\3D Objects
2019-11-16 10:58 - 2018-12-12 17:55 - 000596032 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\oobe
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-14 00:18 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2019-11-14 00:18 - 2018-09-15 07:09 - 000000000 ____D C:\Windows\system32\Dism
2019-11-14 00:04 - 2018-12-12 18:32 - 000000000 ____D C:\Windows\system32\MRT
2019-11-14 00:03 - 2018-12-12 18:32 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-14 00:03 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2019-11-12 23:45 - 2018-12-12 18:25 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-11-12 19:06 - 2019-10-16 15:41 - 000000000 ____D C:\Users\alber\MATEMATICAS 3
2019-11-12 19:06 - 2019-07-15 16:48 - 000000000 ____D C:\Users\alber\AppData\Roaming\jupyter
2019-11-12 17:30 - 2018-12-12 18:03 - 000000000 ____D C:\Users\alber\AppData\Local\Packages
2019-11-11 22:52 - 2018-12-12 17:55 - 000000000 ____D C:\Windows\ServiceProfiles
2019-11-11 16:50 - 2019-09-27 11:02 - 000000000 ____D C:\ProgramData\National Instruments
2019-11-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\NDF
2019-11-08 11:02 - 2017-07-06 05:35 - 004952320 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-11-07 19:43 - 2018-12-12 18:44 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-07 19:32 - 2018-09-15 08:36 - 000000000 ____D C:\Windows\Setup
2019-11-07 19:29 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\security
2019-11-07 03:29 - 2017-07-06 02:29 - 000056238 _____ C:\Windows\system32\nvinfo.pb
2019-11-07 01:35 - 2018-12-12 18:28 - 005549688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-11-07 01:35 - 2018-12-12 18:28 - 002650992 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-11-07 01:35 - 2018-12-12 18:28 - 001767264 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-11-07 01:35 - 2018-12-12 18:28 - 000668016 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-11-07 01:35 - 2018-12-12 18:28 - 000454680 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-11-07 01:35 - 2018-12-12 18:28 - 000129576 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-11-07 01:35 - 2018-12-12 18:28 - 000083576 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-11-06 22:52 - 2019-02-26 14:17 - 000000000 ____D C:\Users\alber\AppData\Local\Akamai
2019-11-06 14:19 - 2018-12-12 18:28 - 008782162 _____ C:\Windows\system32\nvcoproc.bin
2019-11-05 19:13 - 2019-10-08 07:07 - 000003652 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d57d9ea8f6e125
2019-11-05 19:13 - 2019-10-08 07:07 - 000003528 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d57d9ea8f3d450
2019-11-05 19:13 - 2018-12-12 18:06 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-05 19:10 - 2019-05-30 00:10 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2019-05-30 00:10 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2019-05-30 00:10 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2019-05-30 00:10 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2019-05-30 00:10 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2019-05-30 00:10 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2019-04-23 19:50 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2018-12-12 18:56 - 000001443 _____ C:\ProgramData\Escritorio\GeForce Experience.lnk
2019-11-05 19:10 - 2018-12-12 18:55 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2018-12-12 18:55 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2018-12-12 18:55 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-05 19:10 - 2018-12-12 18:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-11-05 19:10 - 2018-12-12 18:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-05 19:10 - 2018-12-12 18:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-02 19:51 - 2018-12-12 19:20 - 000007597 _____ C:\Users\alber\AppData\Local\Resmon.ResmonCfg
2019-11-02 16:52 - 2019-10-22 21:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-02 11:49 - 2019-10-22 21:41 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-01 16:01 - 2019-06-04 10:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-01 15:53 - 2018-12-12 18:07 - 000000000 ____D C:\Users\alber\AppData\Local\PlaceholderTileLogoFolder
2019-11-01 15:51 - 2018-12-12 18:23 - 000000000 ____D C:\ProgramData\Packages
2019-10-29 21:25 - 2018-12-12 17:55 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-10-27 17:18 - 2019-03-04 11:57 - 000000000 ____D C:\ProgramData\RevitInterProcess
2019-10-24 15:01 - 2019-05-30 00:10 - 002845208 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-10-24 15:01 - 2019-05-30 00:10 - 002209136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-10-24 15:01 - 2019-05-30 00:10 - 001323112 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll

==================== Files in the root of some directories ========

2018-12-12 19:20 - 2019-11-02 19:51 - 000007597 _____ () C:\Users\alber\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition1

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-11-2019
Ran by alber (23-11-2019 11:39:43)
Running from C:\Users\alber\OneDrive\Escritorio
Windows 10 Home Version 1809 17763.864 (X64) (2018-12-12 16:59:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-673996061-760897978-3524476661-500 - Administrator - Disabled)
alber (S-1-5-21-673996061-760897978-3524476661-1001 - Administrator - Enabled) => C:\Users\alber
DefaultAccount (S-1-5-21-673996061-760897978-3524476661-503 - Limited - Disabled)
Invitado (S-1-5-21-673996061-760897978-3524476661-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-673996061-760897978-3524476661-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Anaconda3 2019.03 (Python 3.7.3 64-bit) (HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\Anaconda3 2019.03 (Python 3.7.3 64-bit)) (Version: 2019.03 - Anaconda, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.16.29 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
AutoCAD 2019 - Español (Spanish) (HKLM\...\{28B89EEF-2001-040A-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-2001-040A-1102-CF3F3A09B77D}) (Version: 23.0.103.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.162.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{105181A1-013C-4EE7-A368-999FD7ED950A}) (Version: 17.11.3.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2019 (HKLM-x32\...\{ACC0DD09-7E20-4792-87D5-BDBE40206584}) (Version: 17.11.3.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2019 (HKLM-x32\...\{078698AF-8BB1-4631-86D0-D91FEE147256}) (Version: 17.11.3.0 - Autodesk)
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 - Español (Spanish) (HKLM\...\AutoCAD 2019 - Español (Spanish)) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD 2019.1.2 Update (HKLM-x32\...\{f4f9ba0b-2001-0000-0102-f66cecbc6200}) (Version: 23.0.162.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2019 Add-in 64 bit (HKLM\...\{59758C9C-FB82-4430-852C-FC79BBE62982}) (Version: 4.70.9 - Autodesk)
Autodesk Certificate Package  (x64) - 7.1.4 (HKLM\...\{1C891560-9ECD-4234-8BBD-752AFE0682D7}) (Version: 7.1.4.0 - Autodesk)
Autodesk Collaboration for Revit 2019 (HKLM\...\{AA384BE4-1901-0010-0000-97E7D7D00B17}) (Version: 19.0.1.1 - Autodesk) Hidden
Autodesk Collaboration for Revit 2019 (HKLM\...\Autodesk Collaboration for Revit 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2019 (HKLM-x32\...\{77F779B8-3262-4014-97E9-36D6933A1904}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2019 (HKLM-x32\...\{2E819775-E94C-42CC-9C5D-ABB2ADABC7C2}) (Version: 17.11.3.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk ReCap Photo Update 19.1.0 (HKLM-x32\...\{11b0543e-b0f6-438b-8de5-ac6bbe34cc8f}) (Version: 19.1.0.10 - Autodesk)
Autodesk Revit 2019 (HKLM\...\Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Revit 2019 (HKLM\...\Revit 2019) (Version:  - )
Autodesk Revit 2019 MEP Fabrication Configuration - Imperial (HKLM\...\{7B1D0D58-E2A9-400B-9663-86FD56CB44B9}) (Version: 2.2 - Autodesk)
Autodesk Revit 2019 MEP Fabrication Configuration - Metric (HKLM\...\{8E6AEB11-ECE7-475A-BB7D-1D6719B2F8BA}) (Version: 2.2 - Autodesk)
Autodesk Revit Content Libraries 2019 (HKLM\...\Autodesk Revit Content Libraries 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Revit Content Libraries 2019 (HKLM\...\Revit Content Libraries 2019) (Version:  - )
Autodesk Revit Model Review 2019 (HKLM\...\{715812E8-1901-0010-0000-BBB894911B46}) (Version: 19.0.1.1 - Autodesk) Hidden
Autodesk Revit Model Review 2019 (HKLM\...\Autodesk Revit Model Review 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Workflows 2019 (HKLM\...\{F9857F69-9B57-4DF2-8930-7A4D5F8D5635}) (Version: 17.11.1.0 - Autodesk, Inc.)
Automation Software Updater (HKLM-x32\...\{CCC0B7DD-EBDB-4DF1-BC0E-5F37ED239DEA}) (Version: 02.00.0000 - Siemens AG) Hidden
Batch Print for Autodesk Revit 2019 (HKLM\...\{82AF00E4-1901-0010-0000-FCE0F87063F9}) (Version: 19.0.1.1 - Autodesk) Hidden
Batch Print for Autodesk Revit 2019 (HKLM\...\Batch Print for Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
Campos magneticos (HKLM-x32\...\{C294D861-87A5-464D-BC25-6E819E92C959}) (Version: 1.0.0 - Universidad de Valladolid)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{738276A2-92E7-4313-9E4D-D090F7DA98EC}) (Version: 79.0.3945.10 - Google Inc.)
CodeBlocks (HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
Dropbox (HKLM-x32\...\Dropbox) (Version: 85.4.155 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Dynamo Core 1.3.3 (HKLM\...\{F1AA809A-3D47-4FB9-8854-93E070C66A20}) (Version: 1.3.3.4111 - Dynamo)
Dynamo Revit 1.3.3 (HKLM\...\{DE076F37-60CA-4BDC-A5A3-B300DEA4358C}) (Version: 1.3.3.4111 - Dynamo)
eTransmit for Autodesk Revit 2019 (HKLM\...\{4477F08B-1901-0010-0000-9A09D834DFF5}) (Version: 19.0.1.1 - Autodesk) Hidden
eTransmit for Autodesk Revit 2019 (HKLM\...\eTransmit for Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
FluidSIM Pneumatics V 4.2 English version 4.2 (HKLM-x32\...\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1) (Version: 4.2 - FESTO, Inc.)
FormIt Converter For Revit 2019 (HKLM\...\{5E47699C-B0DE-443F-92AE-1D1334499D5E}) (Version: 1.9.6.0 - Autodesk)
FortiClient (HKLM\...\{97D17486-D465-4102-83A4-F788846EA3CF}) (Version: 6.0.8.0261 - Fortinet Technologies Inc)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GÉANTLink 1.2a x64 (HKLM\...\{B43F5526-283F-4634-8841-51B7CB6D5AEC}) (Version: 1.2.5 - GÉANT)
Gestión de ensayos eléctricos (HKLM-x32\...\{2A4193AA-6801-4075-AEA2-19B7C22B5F4D}) (Version: 5.0.0 - Aulamoisan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HwOsd 9.0.1.66 (HKLM\...\HwOsd) (Version: 9.0.1.66 - Huawei Technologies Co., Ltd.)
Importación de SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4815 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0190-1034-84C8-B8D95FA3C8C3}) (Version: 19.80.0 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Leer datos laboratorio Máquina Eléctricas UVa (HKLM-x32\...\{FBCFD0E2-6237-4F91-AF60-E8D9FA3314CD}) (Version: 1.0.42 - Aulamoisan)
Math Kernel Libraries (64-bit) (HKLM\...\{C8AE1FF1-C898-4171-B03B-94D5E487C2D8}) (Version: 17.01.49152 - National Instruments) Hidden
Math Kernel Libraries (64-bit) (HKLM\...\{CE86A4F6-834F-4A88-B219-283946FAB878}) (Version: 18.01.49152 - National Instruments) Hidden
Math Kernel Libraries (HKLM-x32\...\{14B23AC5-B7EF-47D1-A57D-8666BAEE13C3}) (Version: 18.01.49152 - National Instruments) Hidden
Math Kernel Libraries (HKLM-x32\...\{6A8A28A0-4568-4718-A3E7-F951C191602B}) (Version: 17.01.49152 - National Instruments) Hidden
MATLAB R2017b (HKLM\...\Matlab R2017b) (Version: 9.3 - MathWorks)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.11328.20438 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0 - Mozilla)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
NI Atomic PXIe Peripheral Module Driver 17.3.0 (HKLM-x32\...\{E704B67A-4084-41D1-AEDB-105D9EADDAEC}) (Version: 17.30.49152 - National Instruments) Hidden
NI Authentication 2019 (64-bit) (HKLM\...\{E6E380E8-65B5-403B-9CE5-2F8E61885864}) (Version: 19.00.49152 - National Instruments) Hidden
NI Authentication 2019 (HKLM-x32\...\{E28CF12C-112B-4023-BBA3-C5D30CE583DC}) (Version: 19.00.49152 - National Instruments) Hidden
NI Certificates 2.0.1 (HKLM-x32\...\{AC57A877-D5B3-4B78-A5D6-743E01261347}) (Version: 2.01.49152 - National Instruments) Hidden
NI Curl 19.0.0 (64-bit) (HKLM\...\{0B70FBA3-C887-4B13-976E-DBA47D7F7E08}) (Version: 19.00.49152 - National Instruments) Hidden
NI Curl 2019 (HKLM-x32\...\{B29007A1-E053-46E4-8A51-6803638AF06D}) (Version: 19.00.49152 - National Instruments) Hidden
NI Error Reporting Interface 19.0 (HKLM-x32\...\{69181DFA-D7CA-4AFE-98E2-A985F32B557B}) (Version: 19.00.49152 - National Instruments) Hidden
NI Error Reporting Interface 19.0 for Windows (64-bit) (HKLM\...\{F45959B1-0729-4CF7-8DAF-4EA9F59AB8CF}) (Version: 19.00.49152 - National Instruments) Hidden
NI EulaDepot (HKLM-x32\...\{F8018104-6294-4896-A9E2-CBC919992310}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW 2012 Deployment Framework (HKLM-x32\...\{27B67D4C-407D-43FF-BCDE-B9E3208070E3}) (Version: 12.0.369.0 - National Instruments) Hidden
NI LabVIEW 2018 Real-Time NBFifo (HKLM-x32\...\{A8F81958-F3CF-445A-8906-86A2A3FDAB8C}) (Version: 18.00.49152 - National Instruments) Hidden
NI LabVIEW 2018 Run-Time Engine Web Server (HKLM-x32\...\{02D35D4E-CA79-4231-A491-9B692F3372E3}) (Version: 18.00.49152 - National Instruments) Hidden
NI LabVIEW 2019 Real-Time NBFifo (HKLM-x32\...\{E1D9B566-15DF-41AE-8342-800FD1A6A7A9}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW 2019 Run-Time Engine Web Server (HKLM-x32\...\{39E48FFF-ED88-4231-A9A7-198A9CE4CCE4}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2018 f2 (HKLM-x32\...\{1A304EEE-52F4-4217-A14E-A1B409FA933E}) (Version: 18.02.49154 - National Instruments) Hidden
NI LabVIEW Runtime 2018 Non-English Support. (HKLM-x32\...\{FC073161-1D10-472A-A5C5-1CCAF295760C}) (Version: 18.00.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2019 f2 (HKLM-x32\...\{EE27B7AE-EC56-49EC-9153-7D4CE64EDCA2}) (Version: 19.02.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2019 Non-English Support. (HKLM-x32\...\{21BC6C6B-8341-48B5-9FDC-CF25E4969533}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 (HKLM-x32\...\{3854EDA2-20A9-4A25-9A29-47A8BBF48DEB}) (Version: 12.0.377.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 (HKLM-x32\...\{8D94EB99-D4FC-44C7-A2E2-CD82E0EFF101}) (Version: 12.0.146.0 - National Instruments) Hidden
NI LabVIEW Runtime Interop 2018 (HKLM-x32\...\{302F21E0-288C-43A5-AF00-DF67B807C985}) (Version: 18.02.49154 - National Instruments) Hidden
NI LabVIEW Runtime Interop 2019 (HKLM-x32\...\{021AE42C-985C-40A6-A63E-638CA6A6C152}) (Version: 19.02.49152 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (HKLM-x32\...\{2B1D39F8-477A-4B40-B062-F5E0C4D42B9B}) (Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (HKLM-x32\...\{74DBB98D-B4A7-4DD9-9E13-C51FDB1105D0}) (Version: 10.0.1434 - National Instruments) Hidden
NI Logos 19.0 (64-bit) (HKLM\...\{7C768772-3A4B-445D-A29E-14A2FDA1545D}) (Version: 19.00.49152 - National Instruments) Hidden
NI Logos 19.0 (HKLM-x32\...\{60684600-163F-45D7-83DB-E247FA48D81F}) (Version: 19.00.49152 - National Instruments) Hidden
NI Logos XT Support (HKLM-x32\...\{52981014-740C-430E-A83A-711186DF565B}) (Version: 19.00.49152 - National Instruments) Hidden
NI Logos64 XT Support (HKLM\...\{FE3294EC-57C4-4B24-9C4B-D734C2761458}) (Version: 19.00.49152 - National Instruments) Hidden
NI MDF Support (HKLM-x32\...\{ED664E5A-6D28-48EA-A2EE-B6356EF01B37}) (Version: 19.00.49156 - National Instruments) Hidden
NI mDNS Responder 19.0 for Windows 64-bit (HKLM\...\{9A436E28-853F-4FF1-9B6A-DF8CFDBA3A01}) (Version: 19.00.49152 - National Instruments) Hidden
NI mDNS Responder 19.0.0 (HKLM-x32\...\{5E39EF13-6B0A-4C7A-B7FB-608DB58D1D73}) (Version: 19.00.49152 - National Instruments) Hidden
NI Measurement Studio ComponentWorks 3D Graph (HKLM-x32\...\{A9B6FC03-1277-40DF-A475-32389FD27883}) (Version: 8.75.49152 - National Instruments) Hidden
NI Microsoft Visual C++ 2015 Run-Time (HKLM-x32\...\{AFC999BB-F270-46EF-B748-AE755EC75322}) (Version: 14.15.49152 - National Instruments) Hidden
NI MSI Properties (HKLM-x32\...\{820FB6E8-8856-48D7-934C-76169DCCFD48}) (Version: 19.00.49156 - National Instruments) Hidden
NI MSI Properties 64-bit (HKLM\...\{2F5E00C7-C0E0-4252-94A4-6144F6AD879D}) (Version: 19.00.49156 - National Instruments) Hidden
NI MXS 19.0.0 (HKLM-x32\...\{FEC6BAA0-CCCC-485B-ABFA-4A349FC25C45}) (Version: 19.00.49152 - National Instruments) Hidden
NI MXS 19.0.0 for 64 Bit Windows (HKLM\...\{9330A64F-F4E5-4AD3-8E24-974ACB115723}) (Version: 19.00.49152 - National Instruments) Hidden
NI Portable Configuration 19.0.0 (HKLM-x32\...\{8CA5A8AA-78BD-46D2-9C05-1C27D18AB913}) (Version: 19.00.49152 - National Instruments) Hidden
NI Portable Configuration for 64 Bit Windows 19.0.0 (HKLM\...\{C5298B1E-5CAA-45D2-BA4B-AF44B37F3639}) (Version: 19.00.49152 - National Instruments) Hidden
NI Python Interface (64-bit) (HKLM\...\{5C7A1916-A4BD-426E-8885-3AA000F37B5E}) (Version: 19.00.49152 - National Instruments) Hidden
NI Python Interface (HKLM-x32\...\{678D1766-7559-4F34-BCAE-54CB3A6B6346}) (Version: 19.00.49152 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (HKLM\...\{3BD1EEE5-2B3D-428A-9CAB-4DE4A38070C4}) (Version: 2.10.49152 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (HKLM-x32\...\{64ECB814-3A6A-4E48-9D2F-D6C2EDD725B7}) (Version: 2.10.49152 - National Instruments) Hidden
NI Service Locator 2019 (HKLM-x32\...\{FF4257C4-CB02-4A5F-9B09-D7FB822E53C2}) (Version: 19.00.49153 - National Instruments) Hidden
NI SSL LabVIEW RTE 2018 Support (HKLM-x32\...\{8B982D63-8902-41CC-B707-68ED47858ADC}) (Version: 18.00.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2019 Support (HKLM-x32\...\{B18B5A4C-AFA8-40D3-AEB8-F9DA8D9964D6}) (Version: 19.00.49152 - National Instruments) Hidden
NI SSL Support (64-bit) (HKLM\...\{90194484-29A1-4A4F-BC69-86A5FFD998BB}) (Version: 19.00.49152 - National Instruments) Hidden
NI SSL Support (HKLM-x32\...\{81710CDC-7B4D-4A91-8D44-8E2F8B5C2B6E}) (Version: 19.00.49152 - National Instruments) Hidden
NI System API Windows 32-bit 19.0.0 (HKLM-x32\...\{FA85DBC5-063E-4CA0-9E3A-7C1180D8F7AE}) (Version: 19.00.49154 - National Instruments) Hidden
NI System API Windows 64-bit 19.0.0 (HKLM\...\{FF8D25A5-B402-4D6B-9C61-755731F76A48}) (Version: 19.00.49154 - National Instruments) Hidden
NI System Logging Utilities (HKLM-x32\...\{A8EA269D-0DB9-4EF3-A55C-D1A1698510B8}) (Version: 19.00.49152 - National Instruments) Hidden
NI System State Publisher (64-bit) (HKLM\...\{5EAE3D65-8EB6-4592-8DE9-916BE2450C12}) (Version: 19.00.49152 - National Instruments) Hidden
NI System State Publisher (HKLM-x32\...\{CB09014A-8C9C-40D7-ADA0-EB0DE9E7FE1F}) (Version: 19.00.49152 - National Instruments) Hidden
NI Trace Engine (64-bit) (HKLM\...\{4858AE0F-D4FB-441E-9BB8-442115A9D282}) (Version: 19.00.49152 - National Instruments) Hidden
NI Trace Engine (HKLM-x32\...\{5156FF00-C463-4A1F-9063-F7012042E7F0}) (Version: 19.00.49152 - National Instruments) Hidden
NI Uninstaller 19.0.0 (HKLM-x32\...\{88104A0D-1729-4A73-B798-80BEFC243F18}) (Version: 19.00.49156 - National Instruments) Hidden
NI VC2008RTE x64 (HKLM\...\{EDB711DF-86C3-4593-811D-98663B0CCE37}) (Version: 9.10.49152 - National Instruments) Hidden
NI VC2008RTE x86 (HKLM-x32\...\{A4FAF873-938B-43B8-BBF2-E4B2C0CE730B}) (Version: 9.10.49152 - National Instruments) Hidden
NI VISA Shared Components Wrapper Core (HKLM-x32\...\{56835848-FC77-4EAC-8467-F5B3F25AF987}) (Version: 5.110.49152 - National Instruments) Hidden
NI Xerces Delay Load 2.7.10 (HKLM-x32\...\{139B293A-1226-4199-AC8D-A238ADC86EB9}) (Version: 2.179.49152 - National Instruments) Hidden
NI Xerces Delay Load 2.7.9 64-bit (HKLM\...\{D38ECE18-4AE9-4AA2-87D6-5A24CB096572}) (Version: 2.79.49152 - National Instruments) Hidden
NI-APAL 19.0 64-Bit Error Files (HKLM\...\{A317A4DC-DA12-4BC9-AA0F-3B8C2B24899B}) (Version: 19.00.49152 - National Instruments) Hidden
NI-APAL 19.0 Error Files (HKLM-x32\...\{CDB47FFA-0760-4888-A5D2-54CDA3C8C29E}) (Version: 19.00.49152 - National Instruments) Hidden
NI-DIM 18.0.0 (HKLM-x32\...\{214928D1-56D4-4978-A104-2ABCE8C5242C}) (Version: 18.00.49152 - National Instruments) Hidden
NI-DIM 18.0.0 for 64-bit Windows (HKLM\...\{89097888-420A-4C49-8A88-5E9EC11B6D4E}) (Version: 18.00.49152 - National Instruments) Hidden
NI-ORB 17.0 (HKLM-x32\...\{5E4DCDD5-4587-4F43-A325-9BEEB2088B4B}) (Version: 17.00.49153 - National Instruments) Hidden
NI-ORB 17.0 for 64-bit Windows (HKLM\...\{5A71C2B6-4867-4E29-B7C8-C243B821912B}) (Version: 17.00.49153 - National Instruments) Hidden
NI-PAL 19.0 (HKLM-x32\...\{F7BFA33C-DF4A-477C-82BB-E00827A03654}) (Version: 19.00.49152 - National Instruments) Hidden
NI-PAL 19.0 64-Bit Error Files (HKLM\...\{E766BEB6-4E0A-4A47-8DAD-0C5CFD694287}) (Version: 19.00.49152 - National Instruments) Hidden
NI-PAL 19.0 Error Files (HKLM-x32\...\{238429CC-CB53-434F-B446-C8281815057E}) (Version: 19.00.49152 - National Instruments) Hidden
NI-PAL 19.0 for 64 Bit Windows (HKLM\...\{22F86206-A8D9-4D47-8707-9C4058A7533D}) (Version: 19.00.49152 - National Instruments) Hidden
NI-PXIPF Error 19.0.0 (HKLM-x32\...\{0718DA15-62AE-42BF-BE2D-E1929A3E1099}) (Version: 19.00.49152 - National Instruments) Hidden
NI-PXIPF Error 19.0.0 for 64-bit Windows (HKLM\...\{1FF1AD3F-CC9E-4EDA-88DF-C31BC4E84E45}) (Version: 19.00.49152 - National Instruments) Hidden
NI-QPXI 19.0.0 (HKLM-x32\...\{6EA91453-64A5-4024-BB1F-7E5BA38E22D1}) (Version: 19.00.49152 - National Instruments) Hidden
NI-QPXI 19.0.0 for 64-bit Windows (HKLM\...\{EB914D92-59A4-44DB-9FA5-1DF0111589D2}) (Version: 19.00.49152 - National Instruments) Hidden
NI-RoCo Error Files 18.0.0 (HKLM-x32\...\{DCB32F04-543D-455E-ADFE-E7B9AAC91FE8}) (Version: 18.00.49152 - National Instruments) Hidden
NI-ROCO Error Files 18.0.0 for 64-bit Windows (HKLM\...\{AEE286C6-729A-467F-B5D4-451A4976E53F}) (Version: 18.00.49152 - National Instruments) Hidden
NI-RPC 16.0.0f0 for Phar Lap ETS (HKLM-x32\...\{047392F7-F447-4947-AD5C-D74E7F0F4AA9}) (Version: 16.00.49152 - National Instruments) Hidden
NI-RPC 19.0.0f0 (HKLM-x32\...\{EFC648C5-F3BC-4096-9AFE-23121EF06828}) (Version: 19.00.49152 - National Instruments) Hidden
NI-RPC 19.0.0f0 for 64 Bit Windows (HKLM\...\{4E3378C2-DC06-4778-86F9-CDFFD56B9C20}) (Version: 19.00.49152 - National Instruments) Hidden
NI-RPC 19.0.0f0 for Phar Lap ETS (HKLM-x32\...\{FB7B16DB-F395-4D41-A557-80386E0D771E}) (Version: 19.00.49152 - National Instruments) Hidden
NI-Serial Runtime 17.5 (HKLM-x32\...\{5270CDA8-6512-4F0E-8BAE-1CE3ECC2FDFD}) (Version: 17.50.49152 - National Instruments) Hidden
NI-Serial Runtime 17.5 64-bit (HKLM\...\{BD48626C-BC20-4580-9721-466D7DE44396}) (Version: 17.50.49152 - National Instruments) Hidden
Nitro Pro (HKLM\...\{14549B41-93D0-44EA-99C0-DCA7961E2BA1}) (Version: 12.0.0.112 - Nitro)
NI-VISA 64-bit Headers 19.0.0 (HKLM\...\{2C0927A8-F958-449B-89F4-609264DAAF39}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA ENET Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{A22AB7F1-746E-4296-80AE-3694ECF3C0EE}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA ENET Passport 19.0.0 (HKLM-x32\...\{F5A1B01A-5DA0-4E01-9DCD-263BD60B09A6}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Enet Serial Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{FE36A691-4EC2-4DDF-887F-F648BFE6453F}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA ENET-Serial Passport 19.0.0 (HKLM-x32\...\{0EDC6197-1568-40AF-B31A-75DC08335991}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Errors 19.0.0 (HKLM-x32\...\{75747B47-816C-4D6C-907C-0BCD82AA9017}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Errors x64 19.0.0 (HKLM\...\{2770EA65-0ED8-4C91-824B-F4399E303EC0}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA GPIB Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{0AD2C4A4-0B21-4395-ADF0-0CE7542CE9CB}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA GPIB Passport 19.0.0 (HKLM-x32\...\{26EE21C0-088A-4E92-A1CE-8535968CBF9C}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Headers 19.0.0 (HKLM-x32\...\{76D52089-02AC-46AF-A013-F8206B55F722}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA PXI Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{54F6DFD2-2B46-46C2-AB64-6664644BABF9}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA PXI Passport 19.0.0 (HKLM-x32\...\{FEFD819E-523F-4919-8151-9F7B5DE999AB}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Remote Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{C4AAC632-61DA-4639-81C1-165FFC1F7F4F}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Remote Passport 19.0.0 (HKLM-x32\...\{840E0F21-282D-4E7A-85BD-EF7D77FF8F6B}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Runtime 19.0.0 (HKLM-x32\...\{EACEADFB-F69A-4FA2-8AF8-7A4A57C48A2D}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Serial Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{7A62D738-8017-4298-B3A3-EB0F24BC259E}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA Serial Passport 19.0.0 (HKLM-x32\...\{AF170C9E-251A-4F6A-B56A-AB62879FA6B2}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA SysAPI x64 support 19.0.0 (HKLM\...\{A2258F70-4FBA-444A-AF2F-85B45B9026BE}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA System API Support 19.0.0 (HKLM-x32\...\{188FE206-B0A6-43EB-85A3-37080D3E9CC2}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA TULIP Passport 19.0.0 (HKLM-x32\...\{326C5DFC-D2BE-4CB4-B9EB-E55696D74837}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA USB Passport (64-Bit) 19.0.0 64-Bit (HKLM\...\{C27443D4-59C7-4B3C-B857-18893A7B4281}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA USB Passport 19.0.0 (HKLM-x32\...\{E8B35E60-6DAB-4C72-99D3-6ABE148C089D}) (Version: 19.00.49152 - National Instruments) Hidden
NI-VISA x64 support 19.0.0 (HKLM\...\{CFE28E9E-E8AC-444D-A98C-3E3EE6C42327}) (Version: 19.00.49152 - National Instruments) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.20 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20438 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20438 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20438 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11328.20438 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
PC Manager (HKLM\...\PC Manager) (Version: 9.1.3.33 - Huawei Technologies Co., Ltd.)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F399-4024-A289-92CF4B6FB256}) (Version: 16.0.1205.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Proteus 8 Professional (HKLM-x32\...\{B8A525DB-6906-4F0C-92D7-33D55345E4E8}) (Version: 8.0.15417.0 - Labcenter Electronics)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.)
REFPROP (HKLM-x32\...\{CA471385-0E4A-403B-B130-99A415310DEB}) (Version: 9.1 - NIST)
Revit 2019 (HKLM\...\{7346B4A0-1900-0510-0000-705C0D862004}) (Version: 19.0.1.1 - Autodesk) Hidden
Revit Content Libraries 2019 (HKLM\...\{941030D0-1900-0410-0000-818BB38A95FC}) (Version: 19.0.1.1 - Autodesk) Hidden
SIMATIC Device Drivers WoW (HKLM-x32\...\{CCC01ADD-3A54-11D6-92A8-00A0245B3AC6}) (Version:  - )
Simulacion de maquinas electricas (HKLM-x32\...\{3B05C05F-59B1-44FE-93B3-B82DA658DCD6}) (Version: 1.0.4 - Universidad de Valladolid)
SketchUp 2018 (HKLM\...\{5EAA3D58-258D-4D24-BA22-C8D8D704F515}) (Version: 18.0.16975 - Trimble Navigation Limited)
Software Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Spotify (HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\Spotify) (Version: 1.1.19.480.g7d17e3ce - Spotify AB)
Transformadores monofásicos (HKLM-x32\...\{8B8FDF39-7939-489F-AA02-964F62B958E0}) (Version: 1.0.0 - NI)
VC User 71 RTL X86 --- (HKLM-x32\...\{A4A4567C-5C29-4756-992D-F84D8250C435}) (Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VISA Shared Components 5.11.0 (64-Bit) (HKLM\...\{F638A105-2AE0-4C3C-8BF4-0BCD1719F50E}) (Version: 5.11.0302 - IVI Foundation) Hidden
VISA Shared Components 5.11.0 (64-Bit) (HKLM-x32\...\VISASharedComponents) (Version: 5.11 - IVI Foundation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\{5063E738-1901-0010-0000-7B7B9AB0B696}) (Version: 19.0.1.1 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\Worksharing Monitor for Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
Xftp 6 (HKLM-x32\...\{2D76AF66-6E44-4AD8-91B4-CBD509588E99}) (Version: 6.0.0169 - NetSarang Computer, Inc.) Hidden
Xftp 6 (HKLM-x32\...\InstallShield_{2D76AF66-6E44-4AD8-91B4-CBD509588E99}) (Version: 6.0.0169 - NetSarang Computer, Inc.)
Xshell 6 (HKLM-x32\...\{EB1AAB19-5EE8-46BD-86CC-146BF85DC170}) (Version: 6.0.0175 - NetSarang Computer, Inc.) Hidden
Xshell 6 (HKLM-x32\...\InstallShield_{EB1AAB19-5EE8-46BD-86CC-146BF85DC170}) (Version: 6.0.0175 - NetSarang Computer, Inc.)

Packages:
=========
9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.2.64.0_x64__hvr7qkvwfhvx6 [2019-10-11] (Magik Hub) [MS Ad]
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-16] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-13] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-27] (Netflix, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\alber\Dropbox [2019-02-13 18:54]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-01-30] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

Adittion2

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-30] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers1: [HwShareMenu] -> {a550bc32-3e64-389d-8dbe-3e3358afc644} => C:\Program Files\Huawei\PCManager\HwShellMenu\HwShareMenu8.DLL [2019-06-25] (Huawei Technologies Co., Ltd. -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro\12\NPShellExtension.dll [2018-06-08] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2a735c5c675f05e6\igfxDTCM.dll [2018-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-08-07] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\alber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\alber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\alber\Anaconda3\Scripts\activate.bat C:\Users\alber\Anaconda3

==================== Loaded Modules (Whitelisted) =============

2018-12-12 19:27 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2019-08-07 15:32 - 2019-08-07 15:32 - 001165842 _____ (Fortinet Inc.) [File not signed] C:\Program Files\Fortinet\FortiClient\utilsdll.dll
2018-10-05 09:19 - 2018-10-05 09:19 - 000100864 _____ (National Instruments Corporation) [File not signed] D:\Gestion de Ensayos Electricos\Shared\TraceEngine\ni_traceengine.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-673996061-760897978-3524476661-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-673996061-760897978-3524476661-1001\...\sharepoint.com -> hxxps://alumnosuvaes-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-11-23 11:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NetSarang\Xftp 6\;C:\Program Files (x86)\NetSarang\Xshell 6\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\MATLAB\R2017b\runtime\win64;C:\Program Files\MATLAB\R2017b\bin;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin
HKU\S-1-5-21-673996061-760897978-3524476661-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-63272789-367670524-4235130887-501008514-333400210\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "pac"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EE449C0D-6670-4CDF-A265-36B756C2D505}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{ED674571-E698-4F02-BA38-42D7B7D9C5DA}C:\users\alber\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alber\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{70D2D208-25ED-4448-867D-509AD32C93CE}C:\users\alber\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alber\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84CB2098-3D5A-400E-912A-B0E2C9DD181D}] => (Block) C:\users\alber\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{901DCABF-2BFF-4E83-A992-3D6F467E7C19}] => (Block) C:\users\alber\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{67FDBE0E-465A-47A4-914B-07DF8AF7B16B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4235357D-E89B-4DB2-A694-8FEE325DEAEF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{838D0203-2F68-4120-9D3B-C97DDD9E6FD2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6E816D5-986F-463A-9FC7-819E9B46C049}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BC6CB7F-35CB-4F7B-AE45-006CAA211D93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FAF2796-1899-4406-AE36-A4A55314053D}] => (Allow) LPort=51848
FirewallRules: [{0C64DAEC-9088-41B1-B50F-9C7E2040172D}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{234EC62D-9BE9-487E-98FF-9A612794B273}C:\program files\matlab\r2017b\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2017b\bin\win64\matlab.exe (The MathWorks, Inc. -> The MathWorks Inc.) [File not signed]
FirewallRules: [UDP Query User{5793FC06-0B02-49AB-B587-E21316C77799}C:\program files\matlab\r2017b\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2017b\bin\win64\matlab.exe (The MathWorks, Inc. -> The MathWorks Inc.) [File not signed]
FirewallRules: [{0A838CC9-55EB-4764-A14F-0748D7B349FE}] => (Block) C:\program files\matlab\r2017b\bin\win64\matlab.exe (The MathWorks, Inc. -> The MathWorks Inc.) [File not signed]
FirewallRules: [{51EC95D3-E915-4818-9F9C-8883A8C354C1}] => (Block) C:\program files\matlab\r2017b\bin\win64\matlab.exe (The MathWorks, Inc. -> The MathWorks Inc.) [File not signed]
FirewallRules: [{A7F44ACE-8DD8-4682-98B1-A6A1E09C5150}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68499540-89FA-4A4A-B7D2-7CBC2DFE7BED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BD967B35-7575-4165-81F0-0E86FC848219}C:\users\alber\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\alber\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{49E41514-FF99-4281-9CA9-BF0B11325957}C:\users\alber\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\alber\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{FE4053CA-2C6F-4632-BD84-50A06A7F9DB8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3C976F6D-16FE-4666-8CBA-0DACB01B79D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{259D247B-F73B-4810-9B2A-63DDAD22116D}] => (Allow) C:\Program Files (x86)\NetSarang\Xshell 6\XshellCore.exe (NetSarang Computer, Inc. -> NetSarang Computer, Inc.)
FirewallRules: [{4967C477-AAC5-42DE-956F-8A7303E6E045}] => (Allow) C:\Program Files (x86)\NetSarang\Xshell 6\Xshell.exe (NetSarang Computer, Inc. -> NetSarang Computer, Inc.)
FirewallRules: [{107837C9-F205-48E4-ACB5-56C610DF2FB0}] => (Allow) C:\Program Files (x86)\NetSarang\Xshell 6\Xagent.exe (NetSarang Computer, Inc. -> NetSarang Computer, Inc.)
FirewallRules: [{11F06AD1-27DD-4396-B018-FB9E7EF1AC10}] => (Allow) C:\Program Files (x86)\NetSarang\Xftp 6\Xftp.exe (NetSarang Computer, Inc. -> NetSarang Computer, Inc.)
FirewallRules: [{9B24C724-EC68-45B7-9F27-339A27870222}] => (Allow) C:\Program Files (x86)\NetSarang\Xftp 6\Xagent.exe (NetSarang Computer, Inc. -> NetSarang Computer, Inc.)
FirewallRules: [{0E0E2A96-218F-40E5-8CC2-F7FF2D9C615E}] => (Allow) C:\Program Files\Fortinet\FortiClient\ipsec.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{7E92CC79-59F9-4B42-8804-50F7279E474B}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortiesnac.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{308529EA-AB27-4AC6-A51C-E3CFB7D81761}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortifws.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{C99A9FF5-A1C9-44F4-8913-EF8BFD8FF11C}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C0A277C9-727A-4D34-A5CB-6B29A80CFD76}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{ABBB4608-E073-4573-8FAF-AEBCF6BC5B3A}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{BF2BC683-A683-42C1-88B1-7896322E32AE}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{EDDA74D9-A59F-488A-BCA4-6B1360EDAB3C}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{242BC761-380D-4595-AF1B-28982E1F5FF8}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A016AF57-FC26-4F00-B60D-8A484E9FED04}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{016D03BE-E842-4360-AE01-CA8D4AA7513F}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{01523632-098E-4F78-8A5A-162A38F6E812}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{941396E1-34DD-4A8E-A62A-0BAF8E80FC9C}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{AEBA15E0-0F9E-4823-A738-5AA6CC38862D}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E5135EDB-87D3-4691-8D6F-1C0A489CBE76}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3B929EA5-E0CF-473D-9A82-B1E6B5C6B661}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8841010A-939B-40AE-B817-FBC393FB837C}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{8C9F9F23-B9B6-4109-94B9-35DF39E6DF1C}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{69687B93-7A45-4BC2-B95B-48A75BBCCA4E}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{230B7BF3-8D7E-48F0-A6A9-ABFEEAC30926}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8D30B108-A07D-4E43-8B56-587C9ED6B076}] => (Allow) C:\Program Files (x86)\Labcenter Electronics\Proteus 8 Professional\BIN\PDS.EXE () [File not signed]
FirewallRules: [{83111F53-3EEB-47DE-984F-C24BF3A044DE}] => (Allow) C:\Program Files (x86)\Labcenter Electronics\Proteus 8 Professional\BIN\PDS.EXE () [File not signed]
FirewallRules: [{32DC36A5-F703-475B-B2D5-A6A059CED5CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{840019F3-825D-4B27-A203-60EF6BF0237B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3462E8D4-45A3-4521-85A8-1043880AAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5382F04F-C56D-4873-BCC3-B391B9AEF351}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) D:\Gestion de Ensayos Electricos\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) D:\Gestion de Ensayos Electricos\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) D:\Gestion de Ensayos Electricos\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E3862417-D65E-4169-BD8D-FE8BAE070452}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{E1A7F4DB-1B7A-4F8E-9F28-BF5E4C176927}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{044FC38E-7470-41DF-9085-FE4CE5F5D3D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{83657072-CBFF-4406-9C84-BE20F8767227}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{E55A26DF-FDDE-4FA4-AA32-EB3E30D7F4E3}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{D9487554-DB16-4B85-8137-9FFFF3A0F537}] => (Allow) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (Huawei Technologies Co., Ltd. -> )
FirewallRules: [{4DB296D9-54D1-44AF-AC56-D9D6525375FA}] => (Allow) C:\Program Files\Huawei\PCManager\HWVCR.exe (Huawei Technologies Co., Ltd. -> )

==================== Restore Points =========================

23-11-2019 11:35:14 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: {4d36e975-e325-11ce-bfc1-08002be10318}
Manufacturer: SIEMENS AG
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

Name: 
Description: 
Class Guid: {4d36e975-e325-11ce-bfc1-08002be10318}
Manufacturer: Siemens AG
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

Name: 
Description: 
Class Guid: {4d36e975-e325-11ce-bfc1-08002be10318}
Manufacturer: Siemens AG
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

Name: 
Description: 
Class Guid: {4d36e975-e325-11ce-bfc1-08002be10318}
Manufacturer: SIEMENS AG
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

Name: 
Description: 
Class Guid: {4d36e975-e325-11ce-bfc1-08002be10318}
Manufacturer: Siemens AG
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

Name: 
Description: 
Class Guid: {4d36e975-e325-11ce-bfc1-08002be10318}
Manufacturer: Siemens AG
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/23/2019 11:27:38 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (11/23/2019 11:12:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Spotify.exe (versión 1.1.19.480) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2f88

Hora de Inicio: 01d5a1e673d9cac7

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Users\alber\AppData\Roaming\Spotify\Spotify.exe

Id. de informe: 9e25c2de-d271-4041-92e6-53c241c6f36d

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Top level window is idle

Error: (11/23/2019 10:48:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (11/23/2019 11:35:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/23/2019 11:35:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/23/2019 11:32:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/23/2019 11:32:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/23/2019 11:32:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/23/2019 11:31:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FISBK50)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-FISBK50\alber con SID (S-1-5-21-673996061-760897978-3524476661-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/23/2019 11:31:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv06.dll

Error: (11/23/2019 11:31:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv06.dll


Windows Defender:
===================================
Date: 2019-11-17 18:01:42.426
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F501297D-9FEA-4913-9E06-0ADC2B68E226}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-16 21:10:36.924
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {43365E76-7518-4FE7-877E-3B9744B3B346}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-16 21:04:49.690
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {870DA987-874E-4F48-AFFF-27BAF47C4426}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-12 18:34:41.469
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C569609D-89FF-452D-AA38-C9FAB563FABB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-12 18:06:16.761
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C81D2CC5-8D9A-40BB-B6AE-2416970FF2A7}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-23 11:25:39.320
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-11-23 11:22:16.742
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.305.2627.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-11-23 10:55:44.743
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.305.2627.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-11-22 18:16:43.304
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.305.2627.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-11-08 11:59:56.999
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.305.1615.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-11-23 11:38:25.378
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-23 11:38:25.376
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-23 11:35:06.796
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-23 11:35:06.795
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-23 11:33:48.163
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-23 11:33:48.160
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-23 11:33:45.532
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-11-23 11:33:45.531
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: HUAWEI PAIKU123 09/11/2018
Motherboard: HUAWEI HUAWEI MateBook D
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 8066.72 MB
Available physical RAM: 5137.61 MB
Total Virtual: 9346.72 MB
Available Virtual: 6387.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:96.85 GB) NTFS
Drive d: (DIsco gordo) (Fixed) (Total:931.5 GB) (Free:508.64 GB) NTFS

\\?\Volume{b4417974-b6ce-4ff4-9b59-416c3229edef}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{2ffa9c19-65f0-457b-874a-42878a137dc2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 17349AEE)

Partition: GPT.

==================== End of Addition.txt =======================

Hola @Alberto_Martinez.

Y has probado a realizar una nueva instalación de Malwarebytes despues de hacer TODOS los demás pasos…??

Pruebalo y nos comentas.

Saludos.

Si, he probado a hacer la instalación después de los demás pasos, y en modo seguro y asegurandome de que no haya ninguna versión anterior instalada

Bien… y qué mensaje/aviso de error te sale exactamente…??

@Alberto_Martinez… puedes poner una imagen de ese mensaje…??

Como Insertar una imagen.

Simplemente pone: Error al instalar la aplicación

Vale… pues de momento dejemos ese problema de Malwarebytes para más adelante.

Y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe(en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ProxyServer: [S-1-5-21-673996061-760897978-3524476661-1001] => http=127.0.0.1:51914;https=127.0.0.1:51914;socks=127.0.0.1:51913
Winsock: Catalog5 08 D:\Gestion de Ensayos Electricos\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\..\Interfaces\{3df0a95e-3550-4bf4-8433-50f4dea5a409}: [DhcpNameServer] 212.231.6.7 46.6.113.34 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.33,1]
CHR DefaultSearchURL: Default -> hxxps://search.eadblock.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> eabsrc.com
CHR Notifications: Default -> hxxps://maranhesduve.club; hxxps://www.realmadrid.com; hxxps://www.xlmoto.es; hxxps://www1.debrahinton.pro; hxxps://www1.ecleneue.com
S3 mdareDriver_68; \??\C:\Users\alber\AppData\Local\Temp\FCPreScan\mdare64_68.sys [X] <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
HKLM\...\StartupApproved\Run: => "pac"
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

• Presionar el botón FIX y aguardar a que termine.

• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

El problema sigue estando. FIXLOG

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-11-2019
Ran by alber (23-11-2019 21:08:24) Run:1
Running from C:\Users\alber\OneDrive\Escritorio
Loaded Profiles: alber (Available Profiles: alber & lkClassAds & niLXIDiscovery)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
START

CREATERESTOREPOINT:

CLOSEPROCESSES:

ProxyServer: [S-1-5-21-673996061-760897978-3524476661-1001] => http=127.0.0.1:51914;https=127.0.0.1:51914;socks=127.0.0.1:51913

Winsock: Catalog5 08 D:\Gestion de Ensayos Electricos\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)

Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)

Tcpip\..\Interfaces\{3df0a95e-3550-4bf4-8433-50f4dea5a409}: [DhcpNameServer] 212.231.6.7 46.6.113.34 192.168.1.1

HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.33,1]

CHR DefaultSearchURL: Default -> hxxps://search.eadblock.com/?q={searchTerms}

CHR DefaultSearchKeyword: Default -> eabsrc.com

CHR Notifications: Default -> hxxps://maranhesduve.club; hxxps://www.realmadrid.com; hxxps://www.xlmoto.es; hxxps://www1.debrahinton.pro; hxxps://www1.ecleneue.com

S3 mdareDriver_68; \??\C:\Users\alber\AppData\Local\Temp\FCPreScan\mdare64_68.sys [X] <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File

CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File

CustomCLSID: HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\alber\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File

ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File

ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File

ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File

ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

HKLM\...\StartupApproved\Run: => "pac"

HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKU\S-1-5-21-673996061-760897978-3524476661-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3df0a95e-3550-4bf4-8433-50f4dea5a409}\\DhcpNameServer" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes\\169.254.0.0,255.255.0.0,192.168.1.33,1" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome Notifications" => removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_68 => removed successfully
mdareDriver_68 => service removed successfully
HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => not found
HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => not found
HKU\S-1-5-21-673996061-760897978-3524476661-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\.DEFAULT\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKU\.DEFAULT\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => removed successfully
HKU\.DEFAULT\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKU\.DEFAULT\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
C:\Windows\System32 => ":tdsrset.gfc" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\pac" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\pac" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-673996061-760897978-3524476661-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-673996061-760897978-3524476661-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003

El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003

Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003

Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10534951 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 32923122 B
Edge => 88576 B
Chrome => 85802699 B
Firefox => 22647937 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1640 B
alber => 13058973 B
lkClassAds => 13058973 B
niLXIDiscovery => 13058973 B

RecycleBin => 1883976 B
EmptyTemp: => 192.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:08:33 ====

He conseguido intalar malwarebytes, vuelvo a hacer todo el proceso?

Hola.

Realiza un análisis con Malwarebytes y nos pones el informe.

Saludos.

Te envio los informes de los errores que me detecto Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 23/11/19
Hora del evento de protección: 21:25
Archivo de registro: 589ec704-0e2f-11ea-8e62-00090ffe0001.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15320
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.864)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del sitio web bloqueado-
Sitio web malicioso: 1
, D:\program files\txgameassistant\appmarket\AppMarket.exe, Bloqueado, -1, -1, 0.0.0

-Datos de sitio web-
Categoría: Troyano
Dominio: s.pc.qq.com
Dirección IP: 203.205.158.50
Puerto: 49781
Tipo: Saliente
Archivo: D:\program files\txgameassistant\appmarket\AppMarket.exe



(end)

Malwarebytes 2

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 23/11/19
Hora del análisis: 21:18
Archivo de registro: 5b91cebc-0e2e-11ea-9f02-00090ffe0001.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15320
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.864)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-FISBK50\alber

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 359936
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 3 min, 26 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
MachineLearning/Anomalous.100%, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Proteus 8 Professional.lnk, En cuarentena, 0, 392687, , , , 
MachineLearning/Anomalous.100%, C:\USERS\PUBLIC\Desktop\Proteus 8 Professional.lnk, En cuarentena, 0, 392687, , , , 
MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\LABCENTER ELECTRONICS\PROTEUS 8 PROFESSIONAL\BIN\PDS.EXE, En cuarentena, 0, 392687, 1.0.15320, , shuriken, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Malwarebytes 3

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 23/11/19
Hora del análisis: 21:18
Archivo de registro: 5b91cebc-0e2e-11ea-9f02-00090ffe0001.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15320
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.864)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-FISBK50\alber

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 359936
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 3 min, 26 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
MachineLearning/Anomalous.100%, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Proteus 8 Professional.lnk, En cuarentena, 0, 392687, , , , 
MachineLearning/Anomalous.100%, C:\USERS\PUBLIC\Desktop\Proteus 8 Professional.lnk, En cuarentena, 0, 392687, , , , 
MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\LABCENTER ELECTRONICS\PROTEUS 8 PROFESSIONAL\BIN\PDS.EXE, En cuarentena, 0, 392687, 1.0.15320, , shuriken, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Malwarebytes 4

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 23/11/19
Hora del análisis: 21:18
Archivo de registro: 5b91cebc-0e2e-11ea-9f02-00090ffe0001.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15320
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.864)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-FISBK50\alber

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 359936
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 3 min, 26 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
MachineLearning/Anomalous.100%, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Proteus 8 Professional.lnk, En cuarentena, 0, 392687, , , , 
MachineLearning/Anomalous.100%, C:\USERS\PUBLIC\Desktop\Proteus 8 Professional.lnk, En cuarentena, 0, 392687, , , , 
MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\LABCENTER ELECTRONICS\PROTEUS 8 PROFESSIONAL\BIN\PDS.EXE, En cuarentena, 0, 392687, 1.0.15320, , shuriken, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola.

Cada vez que pasas un análisis te salen las mismas infecciones…??

Cómo sigue tu problema…??