Pues eso mismo, tengo algún virus de minado de cpu creo, ya que con el administrador de tareas abierto el pc trabaja normal, pero cuando lo cierro zas!! la cpu se pone al 100%
Tengo Windows 10
Buenas @Musk bienvenido al Foro.
Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. 
Desactiva temporalmente el Antivirus 
Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Vamos a descargar en TU ESCRITORIO(y NO en otro lugar 
) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :
-
Malwarebytes’ Anti-Malware + Manual.
revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente. -
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1]
¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
Ejecutas las herramientas de una en una y en el orden indicado :
CCleaner.-
-
Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
-
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
-
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).
Malwarebytes.-
-
Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
-
Realiza un Análisis Completo.
-
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
-
En el apartado del manual
Historial 
encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.
AdwCleaner.-
-
Ejecuta Adwcleaner.exe.
-
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
-
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
-
Ejecuta JRT.exe.
-
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
-
Si en algún momento te pide Reiniciar hazlo.
-
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
-
Copia y pega el contenido de JRT.txt en tu próxima respuesta.
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer, pulsamos Yes
-
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los informes en tu próxima respuesta de :
- Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Y nos cuentas como funciona tu equipo en relación al problema planteado.
Saludos Javier.
Hola, Pego los reportes.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 10/7/19
Hora del análisis: 12:49
Archivo de registro: 59f1d71c-a300-11e9-ada5-d017c2958b97.json
-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11466
Licencia: Gratis
-Información del sistema-
SO: Windows 10 (Build 17763.557)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-GBE5OK2\Javi
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 479655
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 hr, 12 min, 49 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)[/CODE]
[CODE]# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-10-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Scanned: 27198
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1727 octets] - [08/07/2019 15:31:07]
AdwCleaner[C00].txt - [1799 octets] - [08/07/2019 15:31:21]
AdwCleaner[S01].txt - [1372 octets] - [08/07/2019 15:34:06]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Javi (Administrator) on 10/07/2019 at 15:19:00,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-1075233761-366340723-250184798-1001 (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-1075233761-366340723-250184798-1001.job (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/07/2019 at 15:20:05,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Javi (10-07-2019 15:21:49)
Running from C:\Users\Javi\Desktop
Windows 10 Home Version 1809 17763.557 (X64) (2019-01-22 11:21:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1075233761-366340723-250184798-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1075233761-366340723-250184798-503 - Limited - Disabled)
Invitado (S-1-5-21-1075233761-366340723-250184798-501 - Limited - Disabled)
Javi (S-1-5-21-1075233761-366340723-250184798-1001 - Administrator - Enabled) => C:\Users\Javi
WDAGUtilityAccount (S-1-5-21-1075233761-366340723-250184798-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 11 (HKLM-x32\...\{F11000FE-0010-0000-0000-074957833700}) (Version: 11.11.194 - ABBYY Production LLC)
Actualización de NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
calibre (HKLM-x32\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
FileZilla Client 3.35.2 (HKLM-x32\...\FileZilla Client) (Version: 3.35.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.10730.20348 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 es-ES) (HKLM\...\Mozilla Firefox 67.0.4 (x64 es-ES)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20348 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20348 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20348 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.10730.20348 - Microsoft Corporation) Hidden
Opera Stable 62.0.3331.43 (HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\Opera 62.0.3331.43) (Version: 62.0.3331.43 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
Panel de control de NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden
Riot - Radical Image Optimization Tool (HKLM-x32\...\Riot) (Version: - )
Skype versión 8.48 (HKLM-x32\...\Skype_is1) (Version: 8.48 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.7.14 (HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.14 - Telegram Messenger LLP)
TheBestSpinner3 (HKLM-x32\...\TheBestSpinner3) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-10-28] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0 [2019-07-02] (Spotify AB)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1075233761-366340723-250184798-1001_Classes\CLSID\{43B6BC35-6C91-EA5D-11D5-C54A6E5CB4FA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-11-13] (Notepad++ -> )
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll [2013-06-28] (ABBYY PRODUCTION LLC -> ABBYY Production LLC)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll [2013-06-28] (ABBYY PRODUCTION LLC -> ABBYY Production LLC)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Javi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Instagram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
==================== Loaded Modules (Whitelisted) ==============
2018-08-23 17:54 - 2018-08-23 17:54 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2018-08-23 17:54 - 2018-08-23 17:54 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2019-03-16 12:42 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-03-16 12:42 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-03-16 12:42 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-03-16 12:42 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-03-16 12:42 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-03-16 12:42 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-03-16 12:42 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-03-16 12:42 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-06-24 14:57 - 2018-06-24 14:56 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-1075233761-366340723-250184798-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Javi\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\tpvkltS.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR11"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\StartupApproved\Run: => "32f2e648"
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\StartupApproved\Run: => "utweb"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{74DCE1C7-CEFF-4827-A3FD-C0D85DA6B53A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF87B823-E568-4D35-B970-1988CE3BE593}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40316CF3-EDF2-4A8F-AFB3-ACFF0585EE1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7C3F227-4453-4C01-83DB-472051A3792A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{89CB73FA-2D56-4EA0-AD3D-E0EAAA82B33E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D46E4400-364E-4E1A-848C-7D5815ECA265}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{FACE1DC4-8361-45F4-AE77-E8B72249A034}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{21490531-806F-48C3-B498-8339CBB1152E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D17B3B66-E003-4941-B549-4DACE07ED61A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B29DF6F-9861-4D41-BFA1-3E36E70918FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8F5458F-6436-43A0-AC8B-A059450D1175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{639C7317-2BB7-466D-A76B-04890FA22F60}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{651FDCA5-3431-453E-95D6-F31F44EC3B7D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{20D5561E-BE5C-41D4-84A5-35441E3DF924}] => (Allow) C:\Program Files (x86)\TheBestSpinner3\TheBestSpinner.exe (JonathanLeger.com) [File not signed]
FirewallRules: [{0F25CBF6-B659-48D5-9D78-5F946446CE52}] => (Allow) C:\Program Files (x86)\TheBestSpinner3\TheBestSpinner.exe (JonathanLeger.com) [File not signed]
FirewallRules: [{CD20A11D-228B-407D-AA86-4BEFE6333BD0}] => (Allow) C:\Program Files (x86)\TheBestSpinner3\TheBestSpinner.exe (JonathanLeger.com) [File not signed]
FirewallRules: [{DC493FD0-1362-4287-B38A-3CC0C9AC7759}] => (Allow) C:\Program Files (x86)\TheBestSpinner3\TheBestSpinner.exe (JonathanLeger.com) [File not signed]
FirewallRules: [{96F42436-BF1B-4648-B1B1-C098115515B2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{38CAF1F1-342C-4C89-849B-38F8AD21212F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{483A097A-C8FD-4B18-B7AA-40AB2CB281A5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D5C13B4A-C4EB-477E-9441-021F7953CEB3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{72242DA6-4585-43F9-A7D8-61BEBF9621FD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76E1EB23-459F-4AF8-8C75-CC734DE8C171}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1534E11A-6F16-4BA4-B823-325E192F38E9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{25ED89FA-24F7-4207-A5D7-63A85B17AFBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8C6BE69A-71F9-4DA8-8809-DA9382A465DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{A66D3A99-B4C1-4A15-8136-6C1A21C2482E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{ECCFCB36-01D7-48CF-BB59-53A31E2EF979}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{57FDE006-D379-4C9A-A691-A5823FF8A029}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{88F97EE5-3368-42DD-AAFC-8EB3856ECF55}] => (Allow) C:\Program Files\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{51A818D8-0670-447A-B248-C926B6EC7FC6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99D647BC-6B3A-4BD8-9E93-45D1B202B6A7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{929EFDFA-E35F-418A-8299-4147EA48CC51}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49C9F1E7-C5B4-48AD-B5CC-E28C6D45EA23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48A34919-80C5-49F2-9D44-5C3DFCE1ADF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A08704A0-38E6-4BB2-8814-0E88FD0B6CBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48943093-1332-4643-8E77-4DACF2B54E32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3176777B-47E8-4477-93ED-BC1A9287AB9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3269BB37-E55E-41BB-88E1-417291EB2952}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{677C9A3A-6655-479B-A501-69A730CC15C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B48EBA4-65FC-40D2-B70F-8C12EF0014E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB68ED21-0AE1-48D5-A8F3-AB90F18D836E}] => (Allow) C:\Program Files\Opera\62.0.3331.43\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8D679C9C-6911-409A-98C8-9BD6340E95FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1009491-9249-4590-BA50-7EB50F521EA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD15A20D-5421-40D7-B4F6-92C2C103A542}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{62488D97-E22C-4E8A-AB04-4C053641DD11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
17-06-2019 20:26:53 Windows Update
27-06-2019 13:16:18 Punto de control programado
07-07-2019 14:52:33 Punto de control programado
10-07-2019 15:19:01 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Description: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/10/2019 12:28:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/09/2019 05:04:41 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/08/2019 03:45:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Javi\Desktop\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.557_none_05b63f68071e5b9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.557_none_4d63763f1b9a84a5.manifest.
Error: (07/08/2019 03:37:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Javi\Desktop\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.557_none_05b63f68071e5b9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.557_none_4d63763f1b9a84a5.manifest.
Error: (07/08/2019 03:36:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Javi\Desktop\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.557_none_05b63f68071e5b9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.557_none_4d63763f1b9a84a5.manifest.
Error: (07/08/2019 01:07:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Telegram.exe (versión 1.7.14.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 40e4
Hora de Inicio: 01d5357cf7ffb84d
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Users\Javi\AppData\Roaming\Telegram Desktop\Telegram.exe
Id. de informe: db9c6eb6-67e3-4f3f-98eb-bfea26506ef4
Nombre completo del paquete con errores:
Id. de la aplicación relativa al paquete con errores:
Tipo de bloqueo: Top level window is idle
Error: (07/08/2019 12:09:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Telegram.exe (versión 1.7.14.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 16f40
Hora de Inicio: 01d535722a39bbbf
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Users\Javi\AppData\Roaming\Telegram Desktop\Telegram.exe
Id. de informe: 91494099-fd67-4ea9-9e61-e115613816ea
Nombre completo del paquete con errores:
Id. de la aplicación relativa al paquete con errores:
Tipo de bloqueo: Top level window is idle
Error: (07/08/2019 10:47:10 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (07/10/2019 03:19:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (07/10/2019 03:19:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (07/10/2019 03:18:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscDataProtection
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (07/10/2019 03:15:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (07/10/2019 03:15:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (07/10/2019 03:15:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (07/10/2019 03:15:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Logitech Video Camera Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (07/10/2019 03:15:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Telemetry Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.
Windows Defender:
===================================
Date: 2019-07-08 16:30:51.589
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E66B4A43-D559-4C52-BDE3-982667C3637B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-06-14 13:20:34.136
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E186C75A-27EC-4176-9C16-233B5D644578}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-06-04 14:54:21.653
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4FBE1C8D-7F42-4E9A-AE57-EBF5C18E739D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-05-29 11:09:42.379
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {51BA38DD-EB92-4C9E-9D0C-50A8694F4FAE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-07-10 14:37:11.051
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.297.744.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.16100.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===================================
Date: 2019-06-22 15:06:19.048
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-19 00:04:42.752
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-18 23:08:01.053
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-18 22:52:32.601
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-18 01:44:11.365
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-17 19:22:31.659
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-17 17:59:56.965
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-17 16:38:47.411
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0806 02/15/2016
Motherboard: ASUSTeK COMPUTER INC. Z170I PRO GAMING
Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 20%
Total physical RAM: 16308.46 MB
Available physical RAM: 13014 MB
Total Virtual: 18740.46 MB
Available Virtual: 14065.23 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.79 GB) (Free:238.35 GB) NTFS
Drive d: () (Removable) (Total:28.63 GB) (Free:14.74 GB) FAT32
\\?\Volume{4833d3ec-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{4833d3ec-0000-0000-0000-005274000000}\ () (Fixed) (Total:0.48 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4833D3EC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=490 MB) - (Type=27)
========================================================
Disk: 1 (Protective MBR) (Size: 28.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Javi (administrator) on DESKTOP-GBE5OK2 (10-07-2019 15:21:05)
Running from C:\Users\Javi\Desktop
Loaded Profiles: Javi (Available Profiles: Javi)
Platform: Windows 10 Home Version 1809 17763.557 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(ABBYY PRODUCTION LLC -> ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY PRODUCTION LLC -> ABBYY Production LLC)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\Run: [32f2e648] => C:\ProgramData\32f2e648\32f2e648.exe C:\ProgramData\32f2e648\32f2e648test.au3
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\RunOnce: [32f2e6482] => C:\ProgramData\dgEcqP\32f2e648.exe [937776 2019-07-10] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\RunOnce: [32f2e648] => C:\ProgramData\32f2e648\32f2e648.exe C:\ProgramData\32f2e648\32f2e648test.au3
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07521BC8-6DC8-41FF-BBCD-E6A4A95E4887} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {0D600243-1C7C-4D16-A2DC-C7597A9248CB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19BF5AD7-65B9-4BD0-8DFF-31A290645F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1A9C0FB8-7C0C-449F-8ACF-4519F914E4AE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23949600 2019-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B135B38-672A-43EB-9BBB-7F8AB5ABAC40} - System32\Tasks\Opera scheduled Autoupdate 1534527548 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-03] (Opera Software AS -> Opera Software)
Task: {2A3E23B2-243B-4BC4-B2DE-202CB468C713} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A48C8A3-90B0-4524-894E-F27F42472A91} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3143A222-289F-451D-BA10-18F020AA86BD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1526352 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {42AA88FA-E55D-4259-89D4-96442A7893EA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52F0FE98-0827-4F9D-B3B6-06EEA7CD7611} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5854E689-5C73-4F47-BC51-541E2E769F1B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2409040 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {68E1127F-6070-4622-9997-5ADA72EDD959} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A277C7B-6000-4462-B26F-A494E84B0104} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2409040 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D146CD2-5272-4B52-A7C1-81A6F5168FE9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7303F055-74B7-452E-8447-279999DE50DB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7601363F-156E-4425-A484-90109ECC7550} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {792EFDCF-15EF-4498-BB96-CED09039A279} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87120 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A888689-D931-4ABC-AEED-3B1B3D664117} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-24] (Google Inc -> Google Inc.)
Task: {7ACC2039-534E-4A82-B2EC-40D385CB8D63} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D6F1CEB-2710-4532-994D-D3CBB6E5C417} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {7F01DF49-EA7F-4E37-ABBF-42DB83CD6ED9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {84A7557B-E820-4714-B1D8-74E7664FA02E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {8B439BA4-9745-49E9-AED2-DAF82EDD9483} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1526352 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9566E633-ADEA-4797-AD9D-685F9B46443D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99A88B3B-1EB4-40C2-84D3-BD213578A461} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23949600 2019-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FB22D3F-27A2-4483-ACCB-FD5F39D5B37F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C721DD45-9D99-4230-8D8B-5C33EF67034C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [753448 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C75C9A56-AC18-4E29-87F9-9FE42AC5C83F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D31735FB-BD02-498B-A7D4-4CEC7C94390E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-24] (Google Inc -> Google Inc.)
Task: {E327918B-F66B-45B0-82D5-DA10330B00AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{40fa3bfb-8a52-4263-a82f-424d85390020}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{9d680c62-252e-468d-b16b-82ab3e9a5dec}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Internet Explorer:
==================
HKU\S-1-5-21-1075233761-366340723-250184798-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
SearchScopes: HKU\S-1-5-21-1075233761-366340723-250184798-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: ddo8sh3n.default
FF ProfilePath: C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\ddo8sh3n.default [2019-07-10]
FF Homepage: Mozilla\Firefox\Profiles\ddo8sh3n.default -> hxxp://www.google.es
FF SearchPlugin: C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\ddo8sh3n.default\searchplugins\bing-lavasoft-ff59.xml [2018-10-27]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Profile: C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default [2019-07-10]
CHR Extension: (Presentaciones) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-24]
CHR Extension: (Extractor de entidades) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\abngfjnmaobeaaheapakabhdoapfopdi [2018-12-21]
CHR Extension: (Documentos) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-24]
CHR Extension: (Google Drive) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-24]
CHR Extension: (uBlock Origin) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-20]
CHR Extension: (NoFollow) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfogidghaigoomjdeacndafapdijmiid [2019-06-25]
CHR Extension: (Easy AdBlocker) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\enlmiihbdlkpihokdgndjhahhkfmfcga [2019-04-24]
CHR Extension: (Block Yourself from Analytics) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadgflmigmogfionelcpalhohefbnehm [2018-12-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-24]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2018-09-03]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2019-05-28]
CHR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2019-06-16]
CHR Extension: (Yolanda García Ruiz) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpbmhkappfhkceplnjebhakclklcmfjd [2018-09-03]
CHR Extension: (eGarante eG-web beta) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibdijikamnefoiodhackbiogocloeb [2019-02-08]
CHR Extension: (Metal negro de carbono + plata) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2019-04-28]
CHR Extension: (Instagram) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2019-04-10]
CHR Extension: (EAB Search Manager) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikabbhpeollgpkdddpegijnpifolmme [2018-11-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-24]
CHR Extension: (Check My Links) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2019-02-06]
CHR Extension: (Gmail) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR Profile: C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-10]
CHR Profile: C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-10]
CHR Extension: (Presentaciones) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-27]
CHR Extension: (Documentos) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-27]
CHR Extension: (Google Drive) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-30]
CHR Extension: (YouTube) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-27]
CHR Extension: (uBlock Origin) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-10-27]
CHR Extension: (vidIQ for Chrome) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cppnjmdljhemhdachecffocboniemifa [2018-10-27]
CHR Extension: (Feed+) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eaiadkmgpppkonfodnepmoknpaphnlij [2018-10-27]
CHR Extension: (MozBar) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2018-11-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-27]
CHR Extension: (Edición de Office) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2018-10-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-30]
CHR Extension: (Player para ver Movistar+) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-10-27]
CHR Extension: (Hootsuite) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kneloppijbcidgidihgdjnooihjcdbij [2018-10-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-27]
CHR Extension: (Check My Links) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2018-10-27]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2018-11-29]
CHR Extension: (Gmail) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\Javi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-31]
CHR Profile: C:\Users\Javi\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-10]
Opera:
=======
OPR Extension: (Golden SEO Tools) - C:\Users\Javi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ddgknphabgpfbjedajaondamhejkohkd [2018-09-26]
OPR Extension: (Login Helper) - C:\Users\Javi\AppData\Roaming\Opera Software\Opera Stable\Extensions\elaejmpopanncofaaaphapibnahkkgjb [2018-09-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY PRODUCTION LLC -> ABBYY InfoPoisk LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9662544 2019-05-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4486896 2018-06-26] (Logitech Inc -> Logitech)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329392 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3203888 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-10] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-10 15:21 - 2019-07-10 15:21 - 000028814 _____ C:\Users\Javi\Desktop\FRST.txt
2019-07-10 15:21 - 2019-07-10 15:21 - 000000000 ____D C:\ProgramData\uYOsHPI
2019-07-10 15:20 - 2019-07-10 15:21 - 000000000 ____D C:\FRST
2019-07-10 15:20 - 2019-07-10 15:20 - 000000888 _____ C:\Users\Javi\Desktop\JRT.txt
2019-07-10 15:18 - 2019-07-10 15:18 - 000001431 _____ C:\Users\Javi\Desktop\adwcleaner.txt
2019-07-10 15:16 - 2019-07-10 15:16 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-07-10 15:15 - 2019-07-10 15:15 - 000000000 ____D C:\ProgramData\iQMawhSL
2019-07-10 15:13 - 2019-07-10 15:13 - 000000000 ____D C:\Users\Javi\Desktop\Nueva carpeta (2)
2019-07-10 15:13 - 2019-07-10 15:13 - 000000000 ____D C:\Users\Javi\Desktop\Nueva carpeta
2019-07-10 14:25 - 2019-07-10 14:25 - 000001554 _____ C:\Users\Javi\Desktop\Informa Malwarebytes.txt
2019-07-10 12:47 - 2019-07-10 12:47 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-10 12:47 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-10 12:47 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-10 12:39 - 2019-07-10 12:39 - 002420224 _____ (Farbar) C:\Users\Javi\Desktop\FRST64.exe
2019-07-10 12:37 - 2019-07-10 12:38 - 007025360 _____ (Malwarebytes) C:\Users\Javi\Desktop\adwcleaner_7.3.exe
2019-07-10 12:37 - 2019-07-10 12:38 - 001790024 _____ (Malwarebytes) C:\Users\Javi\Desktop\JRT.exe
2019-07-10 12:36 - 2019-07-10 12:39 - 064488416 _____ (Malwarebytes ) C:\Users\Javi\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11466.exe
2019-07-08 17:46 - 2019-07-08 17:46 - 000000000 ____D C:\ProgramData\nsnBDGt
2019-07-08 15:31 - 2019-07-08 15:31 - 000000000 ____D C:\ProgramData\tyrbdth
2019-07-08 15:30 - 2019-07-08 15:31 - 000000000 ____D C:\AdwCleaner
2019-07-08 13:21 - 2019-07-08 13:21 - 000007629 _____ C:\Users\Javi\AppData\Local\Resmon.ResmonCfg
2019-06-22 20:29 - 2019-07-04 21:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-19 10:07 - 2019-06-19 10:07 - 000000000 ____D C:\Program Files\UNP
2019-06-14 20:46 - 2019-06-14 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-06-13 10:32 - 2019-06-13 10:32 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe2019-06-13 10:32 - 2019-06-13 10:32 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-13 10:32 - 2019-06-13 10:32 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-13 10:32 - 2019-06-13 10:32 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-13 10:32 - 2019-06-13 10:32 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-13 10:32 - 2019-06-13 10:32 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-13 10:32 - 2019-06-13 10:32 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-13 10:32 - 2019-06-13 10:32 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-13 10:32 - 2019-06-13 10:32 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-13 10:32 - 2019-06-13 10:32 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-13 10:32 - 2019-06-13 10:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-12 14:44 - 2019-06-12 14:44 - 000010265 _____ C:\Users\Javi\Downloads\6 cosas a tener en cuenta antes de estudiar un master - La tribuna de HelpMyCash - Words 1870.txt
2019-06-12 11:56 - 2019-06-12 11:56 - 000000000 ____D C:\Users\Javi\Documents\Renta
2019-06-12 10:53 - 2019-06-12 10:53 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-10 15:19 - 2018-06-24 14:39 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-10 15:16 - 2019-01-22 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-10 15:16 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-10 15:15 - 2018-09-15 08:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-10 15:11 - 2019-01-22 13:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-10 14:35 - 2019-01-22 13:21 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-10 14:32 - 2019-01-22 13:25 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-10 14:32 - 2018-09-15 18:36 - 000788392 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-10 14:32 - 2018-09-15 18:36 - 000155682 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-10 14:32 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-10 14:26 - 2018-06-24 14:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-10 12:47 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-10 12:28 - 2019-01-22 13:21 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{644D9485-F3AD-4425-A531-CB249965878C}
2019-07-10 12:27 - 2018-06-24 20:20 - 000000000 ____D C:\Users\Javi\AppData\Roaming\Telegram Desktop
2019-07-10 12:25 - 2018-12-19 20:31 - 000000000 ____D C:\Users\Javi\AppData\Roaming\37c6aedca9821091b749d893e7e9a654
2019-07-09 21:19 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-09 21:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-09 17:03 - 2019-05-28 12:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-05-28 12:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-05-28 12:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-05-28 12:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-01-22 13:21 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-01-22 13:21 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-01-22 13:21 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-01-22 13:21 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-01-22 13:21 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2019-01-22 13:21 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 17:03 - 2018-06-24 14:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-09 17:03 - 2018-06-24 14:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-08 17:29 - 2018-06-24 14:08 - 000000000 ____D C:\Users\Javi\AppData\Local\Packages
2019-07-08 15:07 - 2019-01-22 13:18 - 000000000 ____D C:\Users\Javi
2019-07-08 14:45 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-08 14:42 - 2018-06-26 11:46 - 000000000 ____D C:\Users\Javi\AppData\Local\ElevatedDiagnostics
2019-07-08 14:35 - 2019-01-22 13:21 - 000004170 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1534527548
2019-07-08 14:35 - 2018-08-17 19:39 - 000001197 _____ C:\Users\Javi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-07-08 14:35 - 2018-07-03 15:13 - 000000000 ____D C:\Program Files\Opera
2019-07-08 13:09 - 2019-04-20 17:25 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-08 13:09 - 2018-09-27 19:01 - 000000000 ____D C:\Users\Javi\AppData\Local\CrashDumps
2019-07-08 13:09 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-08 13:09 - 2018-08-09 16:38 - 000000000 ____D C:\Users\Javi\AppData\Roaming\FileZilla
2019-07-08 11:01 - 2019-05-23 12:22 - 000000000 ____D C:\Users\Javi\Downloads\Telegram Desktop
2019-07-07 19:33 - 2018-07-04 12:54 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\Mozilla
2019-07-05 10:18 - 2018-07-11 01:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-04 21:41 - 2018-07-04 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-03 18:09 - 2018-08-07 12:40 - 000000000 ____D C:\Users\Javi\Documents\Grabaciones de sonido
2019-06-28 20:23 - 2018-06-24 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-06-28 11:18 - 2019-03-16 12:42 - 000000000 ____D C:\Program Files (x86)\Origin
2019-06-22 20:39 - 2018-07-04 12:54 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-21 11:00 - 2018-06-24 16:18 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-18 10:59 - 2018-07-02 01:30 - 002785776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-06-18 10:59 - 2018-07-02 01:30 - 002164080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-06-18 10:59 - 2018-07-02 01:30 - 001316664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-06-18 10:56 - 2018-07-02 01:30 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-06-17 19:52 - 2018-11-10 12:47 - 000000000 ____D C:\Users\Javi\Documents\Themes
2019-06-16 16:30 - 2019-01-22 13:21 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1075233761-366340723-250184798-1001
2019-06-16 16:30 - 2019-01-22 13:18 - 000002394 _____ C:\Users\Javi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-16 16:30 - 2018-06-24 14:10 - 000000000 ___RD C:\Users\Javi\OneDrive
2019-06-14 20:46 - 2019-01-19 14:48 - 000002580 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-14 20:46 - 2019-01-19 14:48 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-14 20:45 - 2018-08-23 17:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-14 11:21 - 2018-08-14 23:21 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 19:05 - 2019-01-22 13:14 - 000528288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-13 19:05 - 2018-07-10 02:46 - 000000000 ___RD C:\Users\Javi\3D Objects
2019-06-13 19:05 - 2018-06-24 14:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-13 17:26 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-13 17:26 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-13 17:26 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-13 05:37 - 2018-07-02 01:30 - 000179184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2019-06-13 05:37 - 2018-07-02 01:30 - 000154608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2019-06-12 10:55 - 2018-06-24 15:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 10:53 - 2018-06-24 15:48 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ================
2019-07-08 13:21 - 2019-07-08 13:21 - 000007629 _____ () C:\Users\Javi\AppData\Local\Resmon.ResmonCfg
2018-11-19 14:15 - 2018-11-19 14:15 - 000000003 _____ () C:\Users\Javi\AppData\Local\updater.log
2018-11-19 14:15 - 2018-11-19 14:15 - 000000425 _____ () C:\Users\Javi\AppData\Local\UserProducts.xml
==================== FLock ================
2018-06-24 15:43 C:\OSRSS
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe(en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla
Create registry backup, las demás casillas NO. -
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\Run: [32f2e648] => C:\ProgramData\32f2e648\32f2e648.exe C:\ProgramData\32f2e648\32f2e648test.au3
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\RunOnce: [32f2e6482] => C:\ProgramData\dgEcqP\32f2e648.exe [937776 2019-07-10] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\RunOnce: [32f2e648] => C:\ProgramData\32f2e648\32f2e648.exe C:\ProgramData\32f2e648\32f2e648test.au3
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
Task: {07521BC8-6DC8-41FF-BBCD-E6A4A95E4887} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
SearchScopes: HKU\S-1-5-21-1075233761-366340723-250184798-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: Mozilla\Firefox\Profiles\ddo8sh3n.default -> hxxp://www.google.es
2019-06-18 10:56 - 2018-07-02 01:30 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Javi (10-07-2019 17:44:12) Run:1
Running from C:\Users\Javi\Desktop
Loaded Profiles: Javi (Available Profiles: Javi)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\Run: [32f2e648] => C:\ProgramData\32f2e648\32f2e648.exe C:\ProgramData\32f2e648\32f2e648test.au3
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\RunOnce: [32f2e6482] => C:\ProgramData\dgEcqP\32f2e648.exe [937776 2019-07-10] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-1075233761-366340723-250184798-1001\...\RunOnce: [32f2e648] => C:\ProgramData\32f2e648\32f2e648.exe C:\ProgramData\32f2e648\32f2e648test.au3
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
Task: {07521BC8-6DC8-41FF-BBCD-E6A4A95E4887} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
SearchScopes: HKU\S-1-5-21-1075233761-366340723-250184798-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: Mozilla\Firefox\Profiles\ddo8sh3n.default -> hxxp://www.google.es
2019-06-18 10:56 - 2018-07-02 01:30 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKU\S-1-5-21-1075233761-366340723-250184798-1001\Software\Microsoft\Windows\CurrentVersion\Run\\32f2e648" => not found
"HKU\S-1-5-21-1075233761-366340723-250184798-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\32f2e6482" => removed successfully
"HKU\S-1-5-21-1075233761-366340723-250184798-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\32f2e648" => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{07521BC8-6DC8-41FF-BBCD-E6A4A95E4887}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07521BC8-6DC8-41FF-BBCD-E6A4A95E4887}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKU\S-1-5-21-1075233761-366340723-250184798-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Firefox homepage" => removed successfully
C:\WINDOWS\NvTelemetryContainerRecovery.bat => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1075233761-366340723-250184798-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1075233761-366340723-250184798-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12645886 B
Java, Flash, Steam htmlcache => 31273564 B
Windows/system/drivers => 1929450 B
Edge => 155160 B
Chrome => 61735700 B
Firefox => 26947960 B
Opera => 333886 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 38807 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 5732 B
NetworkService => 0 B
Javi => 277517431 B
RecycleBin => 13662579 B
EmptyTemp: => 416.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:44:20 ====Hola.
Te falto comentar como sigue el problema inicialmente planteado. 
Cierto Javier, sorry.
La verdad es que sólo he podido trastear 10 minutos con el PC después del análisis, pero iba muy bien y la CPU funcionaba con mormalidad. De todos modos, mañana le daré más caña a ver como se comporta.
Mañana confirmo si está todo ok.
¿Tenía bicho?
Mil gracias.
Perfecto.
Efectivamente tenias infeccion por “AutoIT”, que YA eliminamos al hacer los últimos pasos.
No realices pasos/acciones que NOSOTROS no te hayamos indicado.
No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
No instales NADA (programas/software/complementos/extensiones del navegador…)
No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…)
No realices por tu cuenta otros procedimientos.
Usa tu equipo EXCLUSIVAMENTE para desinfectarlo/arreglarlo siguiendo nuestras indicaciones.
Saludos.
Hola Javier, El PC funciona ahora si muy bien, el problema es que no consigo reproducir audio. He intentado con el solucionador de problemas y nada.
Y ese problema del audio desde cuando lo tienes…??
Solucionado Javier, tanto el audio como el tema de la CPU. Muchas gracias
Y como quedó finalmente solucionado el tema del Audio…??
Pues no sé cómo se solucionó, la verdad. Simplemente he reiniciado y listo.
Ahhhh… entendido, eso es muy habitual que una vez que se usa el solucionador de problemas hay que REINICIAR para que se solucione el problema.
Todo en orden entonces…??
Sí si, todo perfectamente muchas gracias.
Perfecto @Musk excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.
Para hacerlo descarga DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.
Tema Solucionado.
Saludos, Javier.