Hola, apenas me entero que tengo de DNS “Utopia.net” lo busqué en google y al parecer es un malware, como lo soluciono?
Hola @yeah bienvenido al Forospyware
Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.
- Realiza un Análisis personalizado, actualizando si te lo pide.
- Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
- En el apartado del manual Informes
Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.
2) Descarga AdwCleaner | InfoSpyware en el escritorio.
- Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
- Cierra también todos los programas que tengas abiertos.
- Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
- Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
- Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
- Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
- El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt
3) Descarga CCleaner
- Instala Ccleaner
- Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
- Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
- Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.
Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.
Un saludo
AdwCleaner:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-10-2019
# Duration: 00:00:24
# OS: Windows 10 Pro
# Scanned: 35225
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
MalwareBytes:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 10/12/19
Hora del análisis: 18:26
Archivo de registro: b5ab329a-1b93-11ea-9536-b42e993ed774.json
-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.770
Versión del paquete de actualización: 1.0.15954
Licencia: Gratis
-Información del sistema-
SO: Windows 10 (Build 18362.476)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-C3ALJHQ\Manuu
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 290928
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 2 min, 17 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 3
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 5293, 353142, 1.0.15954, , ame,
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 5293, 353142, 1.0.15954, , ame,
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 5293, 543391, 1.0.15954, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Gracias por responder, no detecto nada
Hola
AdwCleaner no detectó nada, pero Malwarebytes si, cómo sigue el problema?
Un saludo
Hola, el problema persiste
Configuración IP de Windows
Adaptador de Ethernet Ethernet:
Sufijo DNS específico para la conexión. . : utopia.net
Vínculo: dirección IPv6 local. . . : fe80::1404:1be5:800f:1e50%17
Dirección IPv4. . . . . . . . . . . . . . : 192.168.0.71
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
Adaptador de LAN inalámbrica Wi-Fi:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de LAN inalámbrica Conexión de área local* 9:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de LAN inalámbrica Conexión de área local* 10:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Hola
Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus
Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. ¿Cómo saber si mi Windows es de 32 o 64 bits.?
- Ejecuta FRST.exe.
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo.
Gracias por tu respuesta!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Manuu (administrator) on DESKTOP-C3ALJHQ (Gigabyte Technology Co., Ltd. B450 AORUS M) (10-12-2019 21:00:38)
Running from C:\Users\Manuu\Desktop
Loaded Profiles: Manuu (Available Profiles: Manuu)
Platform: Windows 10 Pro Version 1903 18362.476 (X64) Language: Español (España, internacional)
Default browser: "D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\AMD\Performance Profile Client\RyzenMaster\AUEPRyzenMasterAC.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe) D:\Archivos de programa\Adobe\Adobe Audition 2020\Adobe Audition.exe
(Adobe Inc. -> Adobe) D:\Archivos de programa\Adobe\Adobe Audition 2020\dynamiclinkmanager.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0348851.inf_amd64_f427aea67cb09eda\B348820\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0348851.inf_amd64_f427aea67cb09eda\B348820\atiesrxx.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(AVAST Software s.r.o. -> AVAST Software) D:\Archivos de programa\AVAST Software\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) D:\Archivos de programa\AVAST Software\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) D:\Archivos de programa\AVAST Software\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) D:\Archivos de programa\AVAST Software\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) D:\Archivos de programa\AVAST Software\wsc_proxy.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\35.0.13.0\crashpad_handler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Piriform Software Ltd -> Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen) C:\PenTabletDriver\TabletDriver.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) D:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\update_notifier.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [TabletDriver] => C:\PenTabletDriver\TabletDriver.exe [3160448 2018-11-12] (Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => D:\Archivos de programa\AVAST Software\AvLaunch.exe [268680 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Run: [Vivaldi Update Notifier] => D:\Archivos de programa\AppData\Local\Vivaldi\Application\update_notifier.exe [1876040 2019-10-14] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Run: [CCleaner Smart Cleaning] => D:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Run: [Adobe Acrobat Synchronizer] => D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Run: [SUPERAntiSpyware] => D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198000 2019-10-23] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\MountPoints2: {5898a1c1-fb12-11e9-b764-b42e993ed774} - "E:\autorun.exe" `PLEASE DOUBLE CLICK TO START.html`
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A02614C-F794-4CFE-8515-DC63D8E7EE5C} - System32\Tasks\CCleaner Update => D:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0C48212D-6D63-427F-97EC-A7107088CCF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1465599C-DC21-4922-8F17-63C32F2CB512} - System32\Tasks\Avast Emergency Update => D:\Archivos de programa\AVAST Software\AvEmUpdate.exe [3933576 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {1BBEFDE5-7B89-45D4-A9F1-E281F5649852} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7855a667-da23-40a6-83e0-d732948b7822 => D:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {32E037A7-0631-4806-AA73-8FD0CF4EEF52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {34556360-417E-4D5C-9577-E315CB3886B4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 6559c879-a245-49ea-aa8c-23c5d206d30a => D:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {47530356-E5EC-4928-B7DC-3415DA333D0D} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {47828DEB-C814-43C3-9D47-26F8A62FD829} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {499B2024-78BB-412F-B5BA-613ED7FA5345} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-11-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {59D9260E-1432-4F95-ABD6-9C420FE37A07} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F2184C6-DD8C-4D76-A4AF-622FD9101CE4} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {64DE846B-59B5-4DC3-B309-FA3725E4E320} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-11-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {7684E439-5D14-47E6-8712-4426296F9244} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E839A88-D1B8-4E4B-8D2F-2A06D246BFA5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9B0DDD35-EB0A-4115-BA14-8EA9A0549CA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8D5A559-F868-4B66-A7BB-F0CD65FD4444} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C07F3083-6D0F-4B53-9E70-FB738CE8330C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {FCB2CEF3-9DE4-431D-9939-92B1FCE6BD87} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6559c879-a245-49ea-aa8c-23c5d206d30a.job => D:\Program Files\SUPERAntiSpyware\SASTask.exedD:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7855a667-da23-40a6-83e0-d732948b7822.job => D:\Program Files\SUPERAntiSpyware\SASTask.exedD:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{864e28a4-8da3-43ec-9cb1-afb7e5bf9474}: [DhcpNameServer] 100.72.3.117 100.72.3.101
Tcpip\..\Interfaces\{de700586-4a1a-4f9d-be98-3671d3aea0c9}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: 33yuzz9o.default
FF ProfilePath: C:\Users\Manuu\AppData\Roaming\Mozilla\Firefox\Profiles\33yuzz9o.default [2019-10-24]
FF ProfilePath: C:\Users\Manuu\AppData\Roaming\Mozilla\Firefox\Profiles\qkaghcq0.default-release [2019-12-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2019-12-10] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Archivos de programas (x86)\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; D:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0348851.inf_amd64_f427aea67cb09eda\B348820\atiesrxx.exe [509144 2019-11-18] (Advanced Micro Devices, Inc. -> AMD)
S3 aswbIDSAgent; D:\Archivos de programa\AVAST Software\aswidsagent.exe [6085360 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-11-15] (AMD) [File not signed]
R2 avast! Antivirus; D:\Archivos de programa\AVAST Software\AvastSvc.exe [996880 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; D:\Archivos de programa\AVAST Software\afwServ.exe [417536 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; D:\Archivos de programa\AVAST Software\wsc_proxy.exe [57504 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0348851.inf_amd64_f427aea67cb09eda\B348820\atikmdag.sys [60670888 2019-11-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0348851.inf_amd64_f427aea67cb09eda\B348820\atikmpag.sys [598232 2019-11-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [103456 2019-10-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver; C:\Program Files\AMD\Performance Profile Client\RyzenMaster\AMDRyzenMasterDriver.sys [70304 2017-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2019-11-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [161544 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [552848 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-10-16] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
U4 googledrivefs2789; C:\Windows\System32\DRIVERS\googledrivefs2789.sys [123736 2019-11-13] (Google LLC -> Google, Inc.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [16712 2019-01-15] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2019-03-19] (Microsoft Windows -> MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R1 SASDIFSV; D:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; D:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R2 UI5IFS; D:\Archivos de programas (x86)\Ashampoo\Ashampoo UnInstaller 8\IFS64.sys [40520 2019-01-17] (Ashampoo GmbH & Co. KG -> )
R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2014-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2019-10-26] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-12-10] (Zemana Ltd. -> Zemana Ltd.)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-10 21:00 - 2019-12-10 21:01 - 000024729 _____ C:\Users\Manuu\Desktop\FRST.txt
2019-12-10 21:00 - 2019-12-10 21:00 - 000000000 ____D C:\FRST
2019-12-10 20:59 - 2019-12-10 20:59 - 002263552 _____ (Farbar) C:\Users\Manuu\Desktop\FRST64.exe
2019-12-10 18:24 - 2019-12-10 18:24 - 000000000 ____D C:\AdwCleaner
2019-12-10 16:49 - 2019-12-10 16:49 - 000000000 ____D C:\Users\Manuu\AppData\LocalLow\uTorrent
2019-12-10 12:42 - 2019-12-10 12:42 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2019-12-10 12:41 - 2019-12-10 21:01 - 000181633 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-12-10 12:41 - 2019-12-10 13:10 - 000117370 _____ C:\Windows\ZAM.krnl.trace
2019-12-10 12:41 - 2019-12-10 12:41 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-12-07 13:08 - 2019-12-07 23:31 - 000000430 __RSH C:\ProgramData\ntuser.pol
2019-12-07 00:29 - 2019-12-07 00:29 - 000000000 ____D C:\Program Files\Google
2019-12-07 00:29 - 2019-11-13 08:42 - 000123736 ____N (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs2789.sys
2019-12-07 00:28 - 2019-12-10 15:40 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-06 18:06 - 2019-12-06 18:06 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2019.lnk
2019-12-06 12:53 - 2019-12-06 13:45 - 000001415 _____ C:\Users\Manuu\Desktop\Notes.txt
2019-12-01 09:01 - 2019-12-01 09:10 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\Psiphon3
2019-12-01 08:44 - 2019-12-01 08:44 - 000000000 ____D C:\ProgramData\Caphyon
2019-12-01 02:43 - 2019-12-01 08:51 - 000000000 ____D C:\Program Files\AVAST Software
2019-11-30 23:14 - 2019-12-10 12:17 - 000000542 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7855a667-da23-40a6-83e0-d732948b7822.job
2019-11-30 23:14 - 2019-12-10 12:17 - 000000542 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6559c879-a245-49ea-aa8c-23c5d206d30a.job
2019-11-30 23:14 - 2019-12-10 00:36 - 000003384 _____ C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task 6559c879-a245-49ea-aa8c-23c5d206d30a
2019-11-30 23:14 - 2019-12-10 00:36 - 000003126 _____ C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task 7855a667-da23-40a6-83e0-d732948b7822
2019-11-30 23:14 - 2019-11-30 23:14 - 000000930 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2019-11-30 23:14 - 2019-11-30 23:14 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\SUPERAntiSpyware.com
2019-11-30 23:14 - 2019-11-30 23:14 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-11-30 23:14 - 2019-11-30 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-11-27 00:04 - 2019-11-27 00:04 - 000063963 _____ C:\Users\Manuu\Desktop\Precaria (1).pdf
2019-11-23 15:11 - 2019-12-10 16:07 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\vlc
2019-11-23 15:11 - 2019-11-23 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-11-22 18:45 - 2019-11-22 18:45 - 000000000 ____D C:\Users\Manuu\Creative Cloud Files
2019-11-22 18:02 - 2019-11-22 18:02 - 000000995 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2019-11-22 18:02 - 2019-11-22 18:02 - 000000995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2019-11-22 18:02 - 2019-11-22 18:02 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\AVAST Software
2019-11-22 18:01 - 2019-12-10 00:36 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-11-22 18:01 - 2019-12-02 14:02 - 000004266 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-22 18:01 - 2019-11-22 18:01 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000161544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000016304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2019-11-22 18:01 - 2019-11-22 18:01 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-22 18:01 - 2019-11-22 18:00 - 000552848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-11-22 18:01 - 2019-11-22 18:00 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-11-22 18:01 - 2019-11-22 18:00 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-11-22 18:01 - 2019-11-22 18:00 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-11-22 18:01 - 2019-11-22 18:00 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-11-22 18:01 - 2019-11-22 18:00 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-11-22 17:59 - 2019-12-01 08:51 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-22 17:53 - 2019-11-22 17:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-22 17:33 - 2019-11-22 17:33 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\Obsidium
2019-11-22 17:22 - 2019-12-10 17:14 - 000000194 _____ C:\Users\Manuu\.vivaldi_reporting_data
2019-11-22 17:06 - 2019-12-10 00:36 - 000002374 _____ C:\Windows\system32\Tasks\StartCNBM
2019-11-22 17:05 - 2019-12-10 00:36 - 000002202 _____ C:\Windows\system32\Tasks\StartCN
2019-11-22 17:05 - 2019-12-10 00:36 - 000002122 _____ C:\Windows\system32\Tasks\StartDVR
2019-11-22 17:05 - 2019-11-22 17:05 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-11-22 17:05 - 2019-11-22 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-11-22 17:05 - 2019-11-22 17:05 - 000000000 ____D C:\Program Files (x86)\AMD
2019-11-21 15:01 - 2019-10-30 02:20 - 005623256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPOU64.dll
2019-11-21 15:00 - 2019-10-30 02:20 - 001126344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll
2019-11-21 15:00 - 2019-10-30 02:20 - 000481888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-11-21 15:00 - 2019-10-29 23:20 - 000856288 _____ (Realtek Semiconductor) C:\Windows\system32\RtkAudUService64.exe
2019-11-21 15:00 - 2019-10-29 23:20 - 000821336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll
2019-11-21 15:00 - 2019-10-29 23:20 - 000215032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-11-18 11:02 - 2019-11-18 11:02 - 001073312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-11-18 11:02 - 2019-11-18 11:02 - 001073312 _____ C:\Windows\system32\vulkan-1.dll
2019-11-18 11:02 - 2019-11-18 11:02 - 000930112 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-11-18 11:02 - 2019-11-18 11:02 - 000930112 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-11-18 11:02 - 2019-11-18 11:02 - 000852184 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-11-18 11:02 - 2019-11-18 11:02 - 000852184 _____ C:\Windows\system32\vulkaninfo.exe
2019-11-18 11:02 - 2019-11-18 11:02 - 000709848 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-11-18 11:02 - 2019-11-18 11:02 - 000709848 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-11-18 11:01 - 2019-11-18 11:01 - 001243560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2019-11-18 11:01 - 2019-11-18 11:01 - 000135592 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-11-18 11:01 - 2019-11-18 11:01 - 000122280 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-11-18 11:01 - 2019-11-18 11:01 - 000020608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2019-11-18 11:01 - 2019-11-18 11:01 - 000020392 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-11-17 20:31 - 2019-11-17 20:31 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2019-11-17 00:38 - 2019-11-17 00:38 - 000000000 ____D C:\ProgramData\Automatic Duck
2019-11-16 21:58 - 2019-11-16 22:03 - 000000000 ____D C:\Users\Manuu\Documents\Wondershare Filmora 9
2019-11-16 21:57 - 2019-11-16 21:58 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-11-16 18:09 - 2019-11-16 18:09 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2019-11-14 10:58 - 2019-11-14 10:58 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 009928208 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 007754240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 006521768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 006232576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 006227104 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 005914112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 004578816 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 004129408 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 003968512 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 003791360 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 003487232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 002988344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 002956472 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 002763016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 002576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 002284032 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 002114048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 002081976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001920512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001866272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001748480 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001664688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001656392 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001647064 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001413864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001399096 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 001327064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001283072 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001171704 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 001098712 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 001017680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000874936 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000822200 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000774456 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000768488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000689664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000679152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000673664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000551736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000517432 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000477712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-11-14 10:58 - 2019-11-14 10:58 - 000466928 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000461320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000452920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000404904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000380944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000372752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-11-14 10:58 - 2019-11-14 10:58 - 000220472 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000193800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-11-14 10:58 - 2019-11-14 10:58 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\WinHvPlatform.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000093496 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000089568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000084488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000084488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-11-14 10:58 - 2019-11-14 10:58 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000061240 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\reg.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000047616 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000021304 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDJPN.DLL
2019-11-14 10:58 - 2019-11-14 10:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\dstokenclean.exe
2019-11-14 10:58 - 2019-11-14 10:58 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-11-14 10:58 - 2019-11-14 10:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-11-14 10:55 - 2019-10-17 03:17 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-11-14 10:55 - 2019-10-17 03:01 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-11-12 22:50 - 2019-11-12 22:50 - 000000000 ____D C:\Users\Manuu\Documents\AEJuice
2019-11-11 22:08 - 2019-11-11 22:08 - 000000712 _____ C:\Users\Public\Desktop\PenTabletDriver.lnk
2019-11-11 22:08 - 2019-11-11 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PenTabletDriver
2019-11-11 22:08 - 2019-11-11 22:08 - 000000000 ____D C:\Program Files\DIFX
2019-11-11 22:08 - 2019-11-11 22:08 - 000000000 ____D C:\PenTabletDriver
2019-11-11 22:08 - 2018-10-31 14:01 - 000061312 _____ (Graphics Tablet) C:\Windows\SysWOW64\wintab32.dll
2019-11-11 22:08 - 2018-10-31 11:49 - 000068480 _____ (Graphics Tablet) C:\Windows\system32\wintab32.dll
2019-11-11 22:08 - 2016-01-13 13:35 - 001011504 _____ (Microsoft Corporation) C:\Windows\system32\WinUsbCoInstaller2.dll
2019-11-11 22:08 - 2016-01-13 13:34 - 001730360 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2019-11-11 22:08 - 2014-09-17 10:47 - 000010752 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vmulti.sys
2019-11-11 22:08 - 2014-09-17 10:47 - 000007680 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2019-11-10 23:19 - 2019-11-11 18:32 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\Descript
2019-11-10 23:19 - 2019-11-10 23:19 - 000002269 _____ C:\Users\Manuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Descript.lnk
2019-11-10 23:19 - 2019-11-10 23:19 - 000002261 _____ C:\Users\Manuu\Desktop\Descript.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-10 21:00 - 2019-10-15 01:11 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\Slack
2019-12-10 20:58 - 2019-10-14 11:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-10 20:40 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-10 20:40 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2019-12-10 20:39 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-10 19:01 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-12-10 18:17 - 2019-10-15 00:42 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-10 18:06 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\NDF
2019-12-10 17:57 - 2019-10-15 00:58 - 000000000 ____D C:\Users\Manuu\AppData\Roaming\uTorrent
2019-12-10 17:57 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2019-12-10 13:02 - 2019-10-14 16:30 - 000000000 ____D C:\Users\Manuu
2019-12-10 12:27 - 2019-10-14 16:33 - 001773386 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-10 12:27 - 2019-03-19 08:59 - 000788564 _____ C:\Windows\system32\perfh00A.dat
2019-12-10 12:27 - 2019-03-19 08:59 - 000155854 _____ C:\Windows\system32\perfc00A.dat
2019-12-10 12:18 - 2019-10-15 02:30 - 000003112 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2019-12-10 12:17 - 2019-10-14 16:47 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-12-10 12:17 - 2019-10-14 11:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-10 12:17 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2019-12-10 00:36 - 2019-10-27 16:41 - 000002872 _____ C:\Windows\system32\Tasks\Red Giant Link
2019-12-10 00:36 - 2019-10-26 13:32 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-12-10 00:36 - 2019-10-15 02:30 - 000002392 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2019-12-10 00:36 - 2019-10-15 01:34 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-10 00:36 - 2019-10-15 01:34 - 000002236 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-08 07:23 - 2019-10-25 19:02 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-12-07 23:27 - 2019-10-14 11:26 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-12-07 13:07 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-06 18:06 - 2019-10-26 12:21 - 000000000 ____D C:\Program Files\Adobe
2019-12-06 18:06 - 2019-10-15 15:49 - 000000000 ____D C:\Users\Public\Documents\Adobe
2019-12-03 22:02 - 2019-10-27 17:19 - 000025265 _____ C:\Users\Manuu\Documents\CIV_LogFile.txt
2019-12-01 09:11 - 2019-10-14 16:47 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-30 23:07 - 2019-10-15 00:49 - 000000000 ___HD C:\temp
2019-11-30 22:51 - 2019-03-19 01:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-11-22 23:21 - 2019-10-25 07:55 - 000000278 _____ C:\Users\Manuu\Desktop\Kast Media.txt
2019-11-22 17:11 - 2019-10-14 16:47 - 000000000 ____D C:\AMD
2019-11-22 17:06 - 2019-10-14 16:47 - 000000000 ____D C:\Program Files\AMD
2019-11-22 17:05 - 2019-10-15 00:28 - 000000000 ____D C:\Users\Manuu\AppData\LocalLow\AMD
2019-11-22 17:04 - 2019-03-19 01:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-11-22 17:03 - 2019-10-25 11:52 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2019-11-20 18:34 - 2019-10-27 10:18 - 000000420 _____ C:\Users\Manuu\Desktop\Events Dates.txt
2019-11-18 11:02 - 2017-05-16 13:06 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000480984 _____ C:\Windows\system32\GameManager64.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000382400 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000184744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000163752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000153512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000138968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000047528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-11-18 11:02 - 2017-05-16 13:06 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-11-18 11:01 - 2019-10-07 09:45 - 001593256 _____ (AMD) C:\Windows\system32\coinst_19.30.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 003916504 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 003518400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 001714392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 001243560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000761560 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-11-18 11:01 - 2017-05-16 13:06 - 000494016 _____ C:\Windows\system32\dgtrayicon.exe
2019-11-18 11:01 - 2017-05-16 13:06 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000440744 _____ C:\Windows\system32\atieah64.exe
2019-11-18 11:01 - 2017-05-16 13:06 - 000352984 _____ C:\Windows\SysWOW64\atieah32.exe
2019-11-18 11:01 - 2017-05-16 13:06 - 000349608 _____ C:\Windows\system32\clinfo.exe
2019-11-18 11:01 - 2017-05-16 13:06 - 000242904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000214952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000179584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000159656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000136616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000126376 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000124632 _____ C:\Windows\system32\atidxx64.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000121560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000107944 _____ C:\Windows\SysWOW64\atidxx32.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-11-18 11:01 - 2017-05-16 13:06 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2019-11-18 11:00 - 2019-10-07 09:44 - 059441064 _____ C:\Windows\system32\amdcomgr64.dll
2019-11-18 11:00 - 2019-10-07 09:44 - 049336744 _____ C:\Windows\SysWOW64\amdcomgr.dll
2019-11-18 11:00 - 2017-05-16 13:06 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-11-18 11:00 - 2017-05-16 13:06 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-11-18 11:00 - 2017-05-16 13:06 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-11-18 11:00 - 2017-05-16 13:06 - 000473304 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-11-18 11:00 - 2017-05-16 13:06 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-11-18 11:00 - 2017-05-16 13:06 - 000382376 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-11-18 11:00 - 2017-05-16 13:05 - 000554696 _____ C:\Windows\system32\amdmiracast.dll
2019-11-18 11:00 - 2017-05-16 13:05 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-11-18 11:00 - 2017-05-16 13:05 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-11-18 11:00 - 2017-05-16 13:05 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-11-18 11:00 - 2017-05-16 13:05 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-11-18 10:59 - 2017-05-16 13:05 - 000135456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-11-18 10:59 - 2017-05-16 13:05 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-11-15 23:34 - 2017-04-24 19:56 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-11-15 23:34 - 2017-04-24 19:51 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-11-15 23:26 - 2017-04-24 20:06 - 000555880 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-11-15 23:26 - 2017-04-24 20:06 - 000555880 _____ C:\Windows\system32\atiapfxx.blb
2019-11-14 11:04 - 2019-10-14 11:26 - 000315248 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-14 11:04 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2019-11-14 11:04 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2019-11-14 11:04 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2019-11-14 11:01 - 2019-10-14 22:29 - 000000000 ____D C:\Windows\system32\MRT
2019-11-14 10:59 - 2019-10-14 22:29 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-14 10:59 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2019-11-12 18:45 - 2019-10-14 18:51 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-11-12 12:30 - 2019-10-26 12:28 - 000000000 ____D C:\Users\Manuu\Documents\Adobe
==================== Files in the root of some directories ========
2019-11-22 18:06 - 2019-11-22 18:06 - 000000000 _____ () C:\Users\Manuu\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
[/CODE]
Additional scan
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Manuu (10-12-2019 21:01:36)
Running from C:\Users\Manuu\Desktop
Windows 10 Pro Version 1903 18362.476 (X64) (2019-10-14 19:28:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-4099755853-2960477214-752941415-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4099755853-2960477214-752941415-503 - Limited - Disabled)
Invitado (S-1-5-21-4099755853-2960477214-752941415-501 - Limited - Disabled)
Manuu (S-1-5-21-4099755853-2960477214-752941415-1001 - Administrator - Enabled) => C:\Users\Manuu
WDAGUtilityAccount (S-1-5-21-4099755853-2960477214-752941415-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Animate 2020 (HKLM-x32\...\FLPR_20_0) (Version: 20.0 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0) (Version: 24.0 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_4_1) (Version: 8.4.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_7) (Version: 20.0.7 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0) (Version: 14.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.11.3 - Advanced Micro Devices, Inc.)
Ashampoo UnInstaller 8 (HKLM-x32\...\{4209F371-D192-F401-E058-BBF7CF126AEA}_is1) (Version: 8.00.12 - Ashampoo GmbH & Co. KG)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Control (HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Control) (Version: - HOODLUM)
Descript 3.1.0-master.20191108.13 (HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\{47d4069d-eba1-5137-bc5f-9c138f7a3859}) (Version: 3.1.0-master.20191108.13 - Descript, Inc.)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
iZotope Ozone 9 Advanced (HKLM\...\Ozone 9 Advanced_is1) (Version: 9.0 - iZotope & Team V.R)
Magic Bullet Suite v13.0.11 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.11 - Red Giant, LLC)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft OneDrive (HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Paquete de controladores de Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.00 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{0edb50a3-501b-40f9-b197-0d143fdef576}) (Version: 1.00.00 - Patriot Memory)
Product Portal (HKLM-x32\...\Product Portal) (Version: - iZotope, Inc.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.14.1 - Red Giant, LLC)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.1002.1 - GIGABYTE)
RX 6 Audio Editor (HKLM-x32\...\RX 6 Audio Editor) (Version: 6.10 - iZotope, Inc.)
Shooter Suite v13.1.9 (HKLM-x32\...\{7DFC5E36-8CC9-4EC5-9C24-A3770A669E3F}_is1) (Version: 13.1.9 - Red Giant, LLC)
Slack (HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\slack) (Version: 4.1.2 - Slack Technologies Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1046 - SUPERAntiSpyware.com)
The Surge 2 (HKLM-x32\...\The Surge 2_is1) (Version: - )
Trapcode Suite (HKLM\...\Trapcode Suite v15.1.4) (Version: - Red Giant LLC)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.4.2 - )
VFX Suite (HKLM\...\VFX Suite v1.0.2) (Version: - Red Giant LLC)
Vivaldi (HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\Vivaldi) (Version: 2.8.1664.44 - Vivaldi Technologies AS.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4099755853-2960477214-752941415-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> D:\Archivos de programa\AppData\Local\Vivaldi\Application\2.8.1664.44\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de programa\AVAST Software\ashShell.dll [2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de programa\AVAST Software\ashShell.dll [2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de programa\AVAST Software\ashShell.dll [2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de programa\AVAST Software\ashShell.dll [2019-11-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Manuu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e4bf1989cc92ac0e\Vivaldi.lnk -> D:\Archivos de programa\AppData\Local\Vivaldi\Application\vivaldi_proxy.exe (Vivaldi Technologies AS) -> --profile-directory=Default --app-id=mpognobbkildjkofajifpdfhcoklimli
==================== Loaded Modules (Whitelisted) =============
2019-01-08 12:00 - 2019-01-08 12:00 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-10-11 15:40 - 2019-10-11 15:40 - 001748992 _____ () [File not signed] D:\Archivos de programa\Adobe\Adobe Audition 2020\libsndfile-1.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\AcroTray.esp
2019-10-11 16:23 - 2019-10-11 16:23 - 033683024 _____ (Adobe Inc. -> Adobe) [File not signed] D:\Archivos de programa\Adobe\Adobe Audition 2020\AuUI.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000013824 _____ (Adobe Systems Inc.) [File not signed] D:\Archivos de programas (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2019-10-11 15:36 - 2019-10-11 15:36 - 002940416 _____ (RED Digital Cinema) [File not signed] D:\Archivos de programa\Adobe\Adobe Audition 2020\REDR3D-x64.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-11-15 21:38 - 2019-11-15 21:38 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 11:59 - 2019-01-08 11:59 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 12:00 - 2019-01-08 12:00 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 01:49 - 2019-12-10 18:10 - 000002205 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 serius.mwbsys.com
127.0.0.1 utopia.net
0.0.0.0 keystone.mwbsys.com0.0.0.0 keystone-prod.elasticbeanstalk.com
0.0.0.0 keystone.mwbsys.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na2m-pr.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip1.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\Control Panel\Desktop\\Wallpaper -> D:\Respaldo\Indomable P\unnamed.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AGMService => 3
MSCONFIG\Services: AGSService => 3
HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TabletDriver"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SelLed"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"
HKU\S-1-5-21-4099755853-2960477214-752941415-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{916FE0B1-1DC2-4AB4-8584-C43A0E4F4137}] => (Allow) C:\Users\Manuu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{74F3F3F5-AE93-4FB7-990F-70B0F607E16D}] => (Allow) C:\Users\Manuu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{FE943F63-F035-40B7-BCF0-B7725BC14945}D:\games\the surge 2\bin\thesurge2.exe] => (Allow) D:\games\the surge 2\bin\thesurge2.exe (Focus Home Interactive -> ) [File not signed]
FirewallRules: [UDP Query User{C8A0B694-C14D-45C0-9FA4-AFDC75F0DA92}D:\games\the surge 2\bin\thesurge2.exe] => (Allow) D:\games\the surge 2\bin\thesurge2.exe (Focus Home Interactive -> ) [File not signed]
FirewallRules: [{DA52E3B8-5E04-4756-9D49-2A3C637E5124}] => (Allow) C:\Program Files\Red Giant\PluralEyes 4\PluralEyes 4.exe (Red Giant LLC -> Red Giant, LLC)
FirewallRules: [{6E8047D7-1600-4C3E-B940-F4E82441223A}] => (Allow) C:\Program Files\Red Giant\PluralEyes 4\PEServer.exe (Red Giant, LLC) [File not signed]
FirewallRules: [{4CA67553-9275-4538-86F9-C50236BC0983}] => (Block) C:\Program Files (x86)\Red Giant Link\cefclient.exe () [File not signed]
FirewallRules: [{B90EF0AF-8160-4129-A3B8-48B53AF69332}] => (Block) C:\Program Files (x86)\Red Giant Link\cefclient.exe () [File not signed]
FirewallRules: [{5B127CC0-D641-482C-ADA9-2D66AB62C480}] => (Block) C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe (Red Giant LLC -> )
FirewallRules: [{2039F5D7-E077-482B-A72A-935378D47D9B}] => (Block) C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe (Red Giant LLC -> )
FirewallRules: [{E017A302-63B3-451F-9D5C-9A4A3DE00CA8}] => (Block) C:\Program Files (x86)\Red Giant Link\subprocess.exe () [File not signed]
FirewallRules: [{C3F92F66-1032-405B-865B-352D982B2931}] => (Block) C:\Program Files (x86)\Red Giant Link\subprocess.exe () [File not signed]
FirewallRules: [{F4B97D33-5F08-403A-8684-2B3D201DEA76}] => (Block) C:\Program Files (x86)\Red Giant\unins000.exe () [File not signed]
FirewallRules: [{ABB30808-DCA6-42C0-9575-7C1CE5B25BFA}] => (Block) C:\Program Files (x86)\Red Giant\unins000.exe () [File not signed]
FirewallRules: [{3DF8CA23-E7C2-4D9D-AAD3-5F5D0F5F0F63}] => (Block) C:\Program Files (x86)\Red Giant\unins001.exe () [File not signed]
FirewallRules: [{7430797F-B149-4B9F-8097-87F851553EBC}] => (Block) C:\Program Files (x86)\Red Giant\unins001.exe () [File not signed]
FirewallRules: [TCP Query User{7252CA06-4DA2-4E31-AAE1-C6593A25B3E5}C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [UDP Query User{74A4DC63-5DDA-4B38-AF6D-A60465062915}C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [TCP Query User{89D92691-BBBA-4F18-946A-E4A6FF775F3D}C:\program files\adobe\adobe media encoder 2020\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder 2020\adobe media encoder.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [UDP Query User{6334D47D-C7F2-4E2F-BF2B-0587C5064FAD}C:\program files\adobe\adobe media encoder 2020\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder 2020\adobe media encoder.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [TCP Query User{A48C5339-64EA-4167-8442-9FE95D1D1EDF}C:\program files\adobe\adobe after effects 2020\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects 2020\support files\afterfx.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{57502889-AB9B-4900-A75B-49543E8FAA18}C:\program files\adobe\adobe after effects 2020\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects 2020\support files\afterfx.exe (Adobe Inc. -> Adobe Systems Incorporated)
==================== Restore Points =========================
28-11-2019 11:32:03 Punto de control programado
08-12-2019 00:10:08 Punto de control programado
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/10/2019 05:46:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Nombre del módulo con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000e8c992
Identificador del proceso con errores: 0x312c
Hora de inicio de la aplicación con errores: 0x01d5af7b2cdfc4ea
Ruta de acceso de la aplicación con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Ruta de acceso del módulo con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Identificador del informe: 6080cd64-80d2-4a79-8058-88bfe57d0545
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/10/2019 05:46:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Nombre del módulo con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000e8c992
Identificador del proceso con errores: 0x312c
Hora de inicio de la aplicación con errores: 0x01d5af7b2cdfc4ea
Ruta de acceso de la aplicación con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Ruta de acceso del módulo con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Identificador del informe: 0efcac5f-606a-46a2-be61-9039bea3ca5d
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/10/2019 01:53:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Nombre del módulo con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000e8c992
Identificador del proceso con errores: 0x2f08
Hora de inicio de la aplicación con errores: 0x01d5af74f2c14ee9
Ruta de acceso de la aplicación con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Ruta de acceso del módulo con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Identificador del informe: 7601734b-b909-4743-8802-1d9be74a28e5
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/10/2019 01:53:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Nombre del módulo con errores: slack.exe, versión: 4.1.2.0, marca de tiempo: 0x5d709650
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000e8c992
Identificador del proceso con errores: 0x2f08
Hora de inicio de la aplicación con errores: 0x01d5af74f2c14ee9
Ruta de acceso de la aplicación con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Ruta de acceso del módulo con errores: C:\Users\Manuu\AppData\Local\slack\app-4.1.2\slack.exe
Identificador del informe: 48954d4e-65a0-46b7-8805-361f6ccffcad
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/10/2019 01:40:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa UI8.exe (versión 8.0.0.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 2828
Hora de Inicio: 01d5af7419f0e84f
Hora de finalización: 4294967295
Ruta de la aplicación: D:\Archivos de programas (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8.exe
Id. de informe: d157bca7-4e01-4bd4-b99c-433d6ea79c04
Nombre completo del paquete con errores:
Id. de la aplicación relativa al paquete con errores:
Tipo de bloqueo: Top level window is idle
Error: (12/10/2019 12:33:39 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Producto: Adobe Acrobat DC - la actualización "Adobe Acrobat DC
(19.010.20098)" no se pudo instalar. Código de error 1603. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127
Error: (12/10/2019 12:33:32 PM) (Source: MsiInstaller) (EventID: 11328) (User: NT AUTHORITY)
Description: Producto: Adobe Acrobat DC -- Error 1328. Error al aplicar la revisión al archivo D:\Config.Msi\PT5DC0.tmp. Probablemente el archivo ya se ha actualizado por otros medios y esta revisión no puede modificarlo. Para obtener más información, consulte al proveedor de la revisión. Error del sistema: -1072807676
Error: (12/10/2019 07:14:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SUPERAntiSpyware.exe, versión: 8.0.0.1046, marca de tiempo: 0x5db0c5f6
Nombre del módulo con errores: ntdll.dll, versión: 10.0.18362.418, marca de tiempo: 0x99ca0526
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f9269
Identificador del proceso con errores: 0x3264
Hora de inicio de la aplicación con errores: 0x01d5af428b32a244
Ruta de acceso de la aplicación con errores: D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Identificador del informe: f1ca4e72-3894-4e4c-bcb6-2d7b48dabe69
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (12/10/2019 08:39:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800706d9: 9WZDNCRFHVJL-MICROSOFT.OFFICE.ONENOTE.
Error: (12/10/2019 01:10:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ZAM Controller Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (12/10/2019 12:18:48 PM) (Source: googledrivefs2789) (EventID: 2) (User: )
Description: Warning: mount point creation is being forced.
Error: (12/10/2019 12:17:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio NcaSvc depende del servicio iphlpsvc, el cual no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
Error: (12/10/2019 12:17:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (12/10/2019 12:17:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C3ALJHQ)
Description: El servidor {9BA05972-F6A8-11CF-A442-00A0C90A8F39} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/10/2019 12:17:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C3ALJHQ)
Description: El servidor {9BA05972-F6A8-11CF-A442-00A0C90A8F39} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/09/2019 07:21:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800706d9: 9WZDNCRFHVJL-MICROSOFT.OFFICE.ONENOTE.
Windows Defender:
===================================
Date: 2019-12-09 01:36:10.119
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {591A7B8D-D171-46D0-978F-B624264B91A4}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-12-09 01:23:02.845
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {998155E8-65B0-414A-8559-0DA8F75A0FB4}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-12-04 22:00:12.316
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C956A397-87D7-4A87-8FAB-5477CF1FB434}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-12-04 18:58:08.754
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {AB095094-4A7A-47CE-A790-3B44DECFA4EB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-12-04 14:46:40.744
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EEE1CA2F-A01E-47F0-8585-E577C4CEDCEE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-11-30 23:25:49.670
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.3107.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación
Date: 2019-11-30 23:25:49.669
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.3107.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación
Date: 2019-11-30 23:25:49.669
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.3107.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación
Date: 2019-11-30 23:24:17.573
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.2637.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones.
Date: 2019-11-30 23:24:17.572
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.2637.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones.
CodeIntegrity:
===================================
Date: 2019-12-10 20:59:54.145
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-12-10 20:59:53.754
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-12-10 12:19:03.957
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-10 12:19:03.950
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-10 12:19:03.944
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-10 12:19:03.936
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-10 12:19:03.928
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-10 12:19:03.921
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Archivos de programa\AVAST Software\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F40 05/16/2019
Motherboard: Gigabyte Technology Co., Ltd. B450 AORUS M
Processor: AMD Ryzen 7 2700X Eight-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 16332.23 MB
Available physical RAM: 10267.63 MB
Total Virtual: 21452.23 MB
Available Virtual: 10641.24 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.16 GB) (Free:37.29 GB) NTFS
Drive d: (Disco Local) (Fixed) (Total:931.5 GB) (Free:116.89 GB) NTFS
\\?\Volume{64af509f-fb85-4637-94aa-7881e90e6e26}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{2a206265-226c-4c19-863e-5879de8d830f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================Hola
MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe( en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación 
con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Hola Daniela, gracias por responder
Windows/system/drivers => 103278139 B
Edge => 37402 B
Chrome => 0 B
Firefox => 22321432 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Manuu => 667793 B
RecycleBin => 0 B
EmptyTemp: => 140.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:58:37 ====Ya no me aparece Utopia.net, pero ahora mi internet esta muy lento, se supone que es de 300mb y solo descarga a menos de 10mb
Hola
Conoces esta dirección de IP 100.72.3.117 / 100.72.3.101? o tienes algún dispositivo tipo cámara vigilancia, dispositivo interno o similar que tenga conexión con ese PC?
Para el problema de la bajada de descarga, apaga el Router y lo vuelves a encender, y apaga (NO reiniciar) 3 veces el PC completamente.
Comprueba si ya tienes velocidad.
Un saludo
Hola Daniela!
No, no conozco esa IP, desactive el wifi del router y tengo el cable directo a mi pc, ayer le hice un resert y sigue igual 
Hola Daniela, despues de aplicar todo lo que me comentaste, ahora mi internet va a 3mb, qué hago?
Hola
MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe( en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Tcpip\..\Interfaces\{864e28a4-8da3-43ec-9cb1-afb7e5bf9474}: [DhcpNameServer] 100.72.3.117 100.72.3.101
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Hola
Se ha resuelto lo de la velocidad con el último paso?
Por favor, pon el informe con los resultados, para poder analizarlo, gracias.
Un saludo