Eliminar WonderShare helper Compact

Saludos a todos. Gracias por vuestra atención.

Tengo el Windows 10 Pro actualizado , el Malwarebytes actualizado desde siempre y el antivirus Bit Defender 2019 también actualizado y funcionando.

He instalado algún programa que me ha dejado un malware , he intentando eliminarlo pero no lo consigo.

El archivo en cuestión corresponde al WSHelper.exe , he leído información por varias webs para desinfectar , los cuales me indican que vaya al ‘regedit’ y mire los registros que tiene asociado en las direcciones que me indican y compruebe sus valores , haga modificaciones pero no tengo ni idea.

Entre en esta website porque hay grandes profesionales en estos temas, vi que otros usuarios también tenia el mismo problema , seguí sus pasos pero cuando miro en los programas de inicio mediante ‘msconfig’ , en inicio veo que aparece otra vez el archivo WSHelper.exe , cuya ruta corresponde al C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact

Imagenes de lo que os comento.

malware.jpg671×600 48.9 KB

malware2.jpg428×525 34.4 KB

¿ Podéis ayudarme a eliminarlo ? Estoy rallado pensando que puede contener más malwares y demás basura.

Gracias por la atención.

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

• Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
• Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
• Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

• Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• Si no encuentra nada, pulsamos “Omitir Reparación”

• El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

4)

• Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

• Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?

• Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

• En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

• Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Pega los reportes de Malwarebytes, AdwCleaner y Fabar y comentas como va el problema.

Saludos. Gracias por vuestra rápida atención y ayuda. Pego los reportes que me habéis pedido en el orden establecido. Los últimos reportes de Farbar son muy grandes , los he tenido que dividir en 2 :

Malwarebytes

-Detalles del registro-
Fecha del análisis: 2/6/19
Hora del análisis: 11:18
Archivo de registro: 58d248fa-8517-11e9-851a-309c23e25740.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10868
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17763.529)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-PUJPOIC\Androide

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 854311
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 hr, 30 min, 6 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

(end)

Malwarebytes AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-02-2019
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****`Texto preformateado`

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [9967 octets] - [01/06/2019 21:51:40]
AdwCleaner[S00].txt - [1311 octets] - [01/06/2019 21:52:10]
AdwCleaner[C00].txt - [1497 octets] - [01/06/2019 21:52:20]
AdwCleaner[S01].txt - [1433 octets] - [02/06/2019 13:07:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Fabar : Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Roboto (02-06-2019 13:36:57)
Running from X:\__Quitar virus - Registro Limpieza\Limpiar Virus
Windows 10 Pro Version 1809 17763.529 (X64) (2018-12-20 12:21:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1898291047-2095299667-44433578-500 - Administrator - Disabled)
Androide (S-1-5-21-1898291047-2095299667-44433578-1003 - Limited - Enabled) => C:\Users\Androide
DefaultAccount (S-1-5-21-1898291047-2095299667-44433578-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-1898291047-2095299667-44433578-1007 - Limited - Enabled) => C:\Users\DevToolsUser
Invitado (S-1-5-21-1898291047-2095299667-44433578-501 - Limited - Disabled)
Rad (S-1-5-21-1898291047-2095299667-44433578-1001 - Administrator - Enabled) => C:\Users\raulv
Raulv_4 (S-1-5-21-1898291047-2095299667-44433578-1002 - Limited - Disabled)
Roboto (S-1-5-21-1898291047-2095299667-44433578-1004 - Administrator - Enabled) => C:\Users\Roboto
sshd (S-1-5-21-1898291047-2095299667-44433578-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1898291047-2095299667-44433578-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active Directory Authentication Library for SQL Server (HKLM\...\{52D1FCFD-1052-4D75-B3FB-9906901AFD98}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
Actualización de NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
ATTO Disk Benchmark (HKLM-x32\...\{8D451ECC-F576-41CF-8059-150676D668EF}) (Version: 4.000.4002 - ATTO Technology)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.134 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 23.0.22.104 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.19.85 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 23.0.8.665 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM)
CPUID HWMonitor 1.38 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.38 - CPUID, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Firefox Developer Edition 67.0 (x64 es-ES) (HKLM\...\Firefox Developer Edition 67.0 (x64 es-ES)) (Version: 67.0 - Mozilla)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{BD49AE09-95E2-4E90-A867-419F89195D45}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{E15790DB-C145-4862-83CD-7E0173E0D04F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{4E0AF984-1437-42DC-A8E4-A6EE920DDFAF}) (Version: 10.0.1743 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
Kingston SSD Manager version 1.1.1.8 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.1.8 - Kingston Digital, Inc)
Kits Configuration Installer (HKLM-x32\...\{A7B110CB-0FE6-DC5A-624B-37904C0BC06F}) (Version: 10.1.15254.1 - Microsoft) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
Microsoft .NET Core SDK 2.1.502 (x64) (HKLM-x32\...\{6e700b89-6f3c-4dff-b957-44b77c8a4b0e}) (Version: 2.1.502 - Microsoft Corporation)
Microsoft .NET Core SDK 2.1.503 (x64) (HKLM-x32\...\{ce5280a9-88d6-42e4-90bc-8399a3f94460}) (Version: 2.1.503 - Microsoft Corporation)
Microsoft .NET Core SDK 2.1.507 (x64) (HKLM-x32\...\{0ecb2aeb-69f6-4c91-99ca-3da8fc126200}) (Version: 2.1.507 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1898291047-2095299667-44433578-1004\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual Studio Emulator for Android (HKLM-x32\...\{09a99ef7-bf11-413a-99a3-a77fd49c0d52}) (Version: 1.1.1207.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1100.314 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{AEA6EBD0-7E59-46C0-8B5E-1715BC58DC45}) (Version: 10.0.1994 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.2 (x64 es-ES)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.0.80 - MSI)
MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.36 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.19.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.94 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Oracle VM VirtualBox 6.0.4 (HKLM\...\{79366295-CD6A-4467-9901-4A7DFCF90F40}) (Version: 6.0.4 - Oracle Corporation)
Panel de control de NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden
Paquete acumulativo de Intellisense de Microsoft .NET Framework para Visual Studio (español) (HKLM-x32\...\{A8F7ACD7-A4E4-42FD-A978-DB6488DD6B3A}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0027 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{92729760-681A-42A2-A101-1098CAB4DEC1}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{07570008-8840-4A14-A752-1367157138A5}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.6.2 (español) (HKLM-x32\...\{10250C02-76C2-424E-A402-AEAA23D05740}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.7 (español) (HKLM-x32\...\{3B1F5429-A3CB-43A0-A951-4BEAADB9FEB5}) (Version: 4.7.02046 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.7.1 (español) (HKLM-x32\...\{28D506CF-7958-4972-95D6-F414ECCF4988}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.7.2 (español) (HKLM-x32\...\{9BEBCD18-E34F-4FB0-B960-064C5EEDAEE0}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
TypeScript SDK (HKLM-x32\...\{3CBDDAE8-99AE-4168-BDA7-8352BF15BE73}) (Version: 3.1.2.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{32DF9B1B-E622-4385-99E0-02461A428363}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\02d63ff3) (Version: 15.9.28307.665 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VMware Workstation (HKLM\...\{88A20B9A-DF30-459E-AB99-4D688A426CF7}) (Version: 15.1.0 - VMware, Inc.)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1510.1.0_x86__kgqvnymyfvs32 [2019-05-25] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-11] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-01-05] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-04-03] (Netflix, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

ShortcutWithArgument: C:\Users\Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\JSTorrent Lite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=abmohcnlldaiaodkpacnldcdnjjgldfh

==================== Loaded Modules (Whitelisted) ==============

2019-01-11 22:54 - 2014-04-17 10:54 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2018-11-27 12:05 - 2016-04-20 15:12 - 000772608 _____ () [File not signed] C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll
2019-01-11 22:54 - 2014-04-17 10:54 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2018-10-23 02:12 - 2018-10-23 02:12 - 000265728 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2019-01-11 22:54 - 2014-04-17 10:54 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2019-01-11 22:54 - 2014-04-17 10:54 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2019-01-11 22:54 - 2014-04-17 10:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Androide\Desktop\MEGA css.url:BDU [1]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-06-02 13:14 - 000000877 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 		www.twitch.tv

2019-01-12 14:38 - 2019-01-31 23:17 - 000000447 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

172.17.113.17 DESKTOP-PUJPOIC.mshome.net # 2024 1 2 30 21 17 43 205

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1898291047-2095299667-44433578-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5C19D3FD-41C3-494C-9726-1D5C22CF3678}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7F91457-43E8-4ABD-84FB-7E6D89AC98C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CBC6B6C4-7F68-4A89-9E7C-1B7F4BFB72F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E58C599-64D7-4837-9800-AE0E81ACA3D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{23D74485-8916-4EED-BFB5-EAB264592C66}C:\users\androide\appdata\local\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\users\androide\appdata\local\freedownloadmanager.org\free download manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [TCP Query User{8A80B55C-25B6-46D2-A9D9-B550CCFE50A2}C:\users\androide\appdata\local\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\users\androide\appdata\local\freedownloadmanager.org\free download manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{39FAAA56-FF4D-43A3-B866-50FE1240466A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC05407C-6CBA-4C3F-9881-454A8D29F19D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E2443BA-DEFF-4E5A-A548-6166E88962AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E6E0D32-27F1-4A00-9BEC-767AFB988EF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{344B13C6-5E16-4234-9338-6B96DD4D1D4A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{799ACABF-7365-4622-97A9-0679581D04A5}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [{0560BF23-AAA2-4AD4-9454-9C29E75B6287}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{917F71EC-1076-4477-AA40-C158E8ACA704}] => (Allow) LPort=1542
FirewallRules: [{D669128E-31A0-45C6-834C-A74CAEF6A30C}] => (Allow) LPort=1542
FirewallRules: [{21074765-C103-4B46-843E-BEDE45E3EE89}] => (Allow) LPort=53
FirewallRules: [{BA08300C-7EB5-4188-B5B2-BD4FF17CA170}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{29CE231B-1E00-47EF-B585-E1570F0829C3}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{C28C9189-4066-4338-9F5A-0EEBF44FCAE4}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{7E50BF0B-E4DD-404E-81A7-DB1E8706A265}] => (Allow) LPort=53
FirewallRules: [{8D76CE74-92C0-4BF0-A50D-DD1E53C47A86}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{E72C2E0E-6363-4E80-A413-62EB9F24E344}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9EF04CD1-2EDC-4089-8C64-E607AEC65099}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{21BEAB30-70E7-454E-A6CA-B0DC64CEDAA4}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [DNS Server Forward Rule - TCP - C15C5F50-060A-447C-B462-E93AE04907ED - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C15C5F50-060A-447C-B462-E93AE04907ED - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - AD826688-AD0D-49CE-8E9A-3E828A15F6D3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - AD826688-AD0D-49CE-8E9A-3E828A15F6D3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DD2C3116-8D0D-4A80-8F44-EAAFC7B738CE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DD2C3116-8D0D-4A80-8F44-EAAFC7B738CE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F9FEF117-B334-43B1-A32D-0E131E3398E7 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F9FEF117-B334-43B1-A32D-0E131E3398E7 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1374610B-EE62-4706-B35A-E4C843F5E904 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1374610B-EE62-4706-B35A-E4C843F5E904 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D2E0A4ED-B897-48BE-BE06-4D79E83F886A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D2E0A4ED-B897-48BE-BE06-4D79E83F886A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5295169B-26AC-48ED-87F7-BB0738AC22E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5295169B-26AC-48ED-87F7-BB0738AC22E1 - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{4223A76B-C3A6-44D6-B6B6-65CE64F78428}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B417688D-10FE-4911-B4D7-8C57C37CE89C}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [DNS Server Forward Rule - TCP - 50097D07-0028-4B0B-B73C-69F23988BB80 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 50097D07-0028-4B0B-B73C-69F23988BB80 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0642C5DD-35F0-4DA5-B0E8-E7DC2743C128 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0642C5DD-35F0-4DA5-B0E8-E7DC2743C128 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E0A18A6B-6B76-427E-A25C-E6AF6C704163 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E0A18A6B-6B76-427E-A25C-E6AF6C704163 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - B5672B03-DC39-4B83-BBD6-CB28D0B30F30 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B5672B03-DC39-4B83-BBD6-CB28D0B30F30 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 345DF961-4BD9-40CD-94C0-3B8949B731F3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 345DF961-4BD9-40CD-94C0-3B8949B731F3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2B08C95F-57D9-4E46-BF48-78023891E3DE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2B08C95F-57D9-4E46-BF48-78023891E3DE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 4A326D95-0AB3-44EF-B1DA-1EFBE4E4AF3D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 4A326D95-0AB3-44EF-B1DA-1EFBE4E4AF3D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 8A0B0013-2504-4F82-8758-B6B62C70A1B6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 8A0B0013-2504-4F82-8758-B6B62C70A1B6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0EECF0F8-8864-43EB-B444-140B6824786C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0EECF0F8-8864-43EB-B444-140B6824786C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D15EE46D-073B-44A9-913D-869044FD818D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D15EE46D-073B-44A9-913D-869044FD818D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 011E1DAB-656E-4021-8185-9159233A0159 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 011E1DAB-656E-4021-8185-9159233A0159 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C6A6DB76-9CE2-4C8E-AD01-5E0B6134E7D6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C6A6DB76-9CE2-4C8E-AD01-5E0B6134E7D6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 23A21DA3-72AE-4197-8B41-CCFF976D89B4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 23A21DA3-72AE-4197-8B41-CCFF976D89B4 - 0] => (Allow) LPort=53
FirewallRules: [{A1CD55C6-74ED-4E30-9F80-163D2942B0BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B46014C3-5FDB-4B38-AF74-99FEE8606148}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2B1D4C46-D17E-4D4F-854D-6E77902E35AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F2471636-D540-4A65-AC54-63D75C0EBC3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7B9969A6-063E-4558-A222-E4CA0C42292F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{E5126704-B50A-4AB8-8ADB-3865F22AAE39}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{27269C30-CA79-4CA9-9F8A-D0EF1F2A60E9}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{F36ED773-293D-41C5-9598-EF4495BC95B0}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{5B963C39-7226-4D63-802C-3837A65C0EA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{3C9003B7-CA43-47F1-9813-C18296AE87E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18416CAD-0256-44E8-BE89-1A83F97B2C7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CB88EBF-6F0D-4F25-81B0-005460763FB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DDCCA67F-E724-4100-AECF-95F1E81505D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2019 01:00:17 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (06/02/2019 01:14:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PeopleExperienceHost.exe, versión: 10.0.17763.1, marca de tiempo: 0x5b9c8cf2
Nombre del módulo con errores: msvcrt.dll, versión: 7.0.17763.475, marca de tiempo: 0xf362c2f9
Código de excepción: 0x40000015
Desplazamiento de errores: 0x000000000000ae92
Identificador del proceso con errores: 0x40c
Hora de inicio de la aplicación con errores: 0x01d518cfc5f85a15
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\msvcrt.dll
Identificador del informe: 698c3236-27b1-4b62-93f6-5e7545e32a47
Nombre completo del paquete con errores: Microsoft.Windows.PeopleExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: App

Error: (06/01/2019 11:24:35 PM) (Source: PerfNet) (EventID: 2002) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del redirector. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/01/2019 11:24:35 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/01/2019 11:18:35 PM) (Source: PerfNet) (EventID: 2002) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del redirector. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/01/2019 11:18:35 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/01/2019 11:18:35 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Error al intentar obtener el estado del nodo de clúster: . Código de error devuelto: 0x8007085A

Error: (06/01/2019 11:18:35 PM) (Source: PerfNet) (EventID: 2002) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del redirector. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


System errors:
=============
Error: (06/02/2019 01:17:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-PUJPOIC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-PUJPOIC\Roboto con SID (S-1-5-21-1898291047-2095299667-44433578-1004) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/02/2019 01:16:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-PUJPOIC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-PUJPOIC\Roboto con SID (S-1-5-21-1898291047-2095299667-44433578-1004) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/02/2019 01:15:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/02/2019 01:15:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/02/2019 01:13:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Realtek DHCP Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/02/2019 01:13:44 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf.

Error: (06/02/2019 01:13:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio MSI_ActiveX_Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/02/2019 01:13:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-04-06 16:42:21.603
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CF0399FC-3C9E-4578-9911-DDC79F626E5F}
Tipo de examen: Antimalware
Parámetros de examen: Examen personalizado
Usuario: DESKTOP-PUJPOIC\Androide

Date: 2019-04-06 12:12:38.907
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {FAE1E1F0-29FC-483E-9296-79C74F8A3C56}
Tipo de examen: Antimalware
Parámetros de examen: Examen personalizado
Usuario: DESKTOP-PUJPOIC\Androide

Date: 2019-03-31 20:20:13.899
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {9968A171-4670-49A8-B33B-F34C7D00190B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-27 23:04:20.734
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {AEFEB03C-4EB9-4A88-B8AC-BC12A84FAC50}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-25 20:06:01.061
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {12D7663C-ED83-4D46-9D64-E27F0A5693FF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-02 17:49:12.072
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.836.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-04-02 17:49:12.072
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.836.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-04-02 17:49:12.072
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.836.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-04-02 17:49:12.065
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.836.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-04-02 17:49:12.065
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.836.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-04-08 21:34:55.554
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.549
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.546
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.543
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.537
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.533
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.530
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 21:34:55.526
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1.20 10/31/2018
Motherboard: Micro-Star International Co., Ltd. B450M MORTAR (MS-7B89)
Processor: AMD Ryzen 7 2700 Eight-Core Processor 
Percentage of memory in use: 28%
Total physical RAM: 16334.81 MB
Available physical RAM: 11669.02 MB
Total Virtual: 19022.81 MB
Available Virtual: 12920.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:209 GB) (Free:67.02 GB) NTFS
Drive v: (SSDMaquinasVirtuales) (Fixed) (Total:223.57 GB) (Free:2.79 GB) NTFS
Drive w: (xPrincipal) (Fixed) (Total:465.75 GB) (Free:17.71 GB) NTFS
Drive x: (xHwSw) (Fixed) (Total:465.75 GB) (Free:307.38 GB) NTFS
Drive y: (xBackend) (Fixed) (Total:465.75 GB) (Free:123.3 GB) NTFS
Drive z: (xFrontend) (Fixed) (Total:465.75 GB) (Free:190.11 GB) NTFS

\\?\Volume{1413e153-dd0a-48ed-9374-4aaf676d0e38}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{f45c4c5d-b4b1-4373-9634-c473d0bc8357}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 52CB2968)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0669BCD2)

Partition: GPT.

========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: 06695CD2)

Partition: GPT.

==================== End of Addition.txt ============================

Farbar : FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by Roboto (administrator) on DESKTOP-PUJPOIC (Micro-Star International Co., Ltd. MS-7B89) (02-06-2019 13:36:14)
Running from X:\__Quitar virus - Registro Limpieza\Limpiar Virus
Loaded Profiles: Roboto (Available Profiles: Rad & Androide & Roboto & DevToolsUser)
Platform: Windows 10 Pro Version 1809 17763.529 (X64) Language: Español (España, internacional)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Roboto\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [95024 2019-04-11] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2018-09-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-05-04] (VMware, Inc. -> VMware, Inc.)
HKU\S-1-5-21-1898291047-2095299667-44433578-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\Androide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Grindstone 3.lnk [2018-11-27]
ShortcutTarget: Grindstone 3.lnk -> C:\Users\Roboto\AppData\Local\Grindstone 3\GS3.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08A50347-0FCA-4B1D-8212-681F7A6C9721} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E232BF9-AAF4-44AA-95CE-11747473A0D7} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-1898291047-2095299667-44433578-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [33440 2019-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BE3F7F0-C5E8-4705-AF41-5D40C9F28729} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48921DE0-2AE6-40A2-B5A3-58CBAFD67182} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A5AC615-FC17-4003-B27B-0B813A750F46} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29344 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C4686C4-977E-4503-A586-5204C4EB8614} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {695CEAE0-98E6-4CD7-A9FF-A54B45846F15} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {697B4260-90F4-42F0-8342-24899E1BC394} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ED0D68A-203B-486D-A193-D1B0C1F08842} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {72D2C86D-10EB-4412-92C5-379C6FEA6DD7} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-1898291047-2095299667-44433578-1004 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [33440 2019-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {808FEC09-D56B-4742-9E25-2663B74BB874} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {89FDB797-C558-43EE-AE4C-F82BE1E387E2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8ABCCD83-6157-4546-9B36-39821E79866E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.9.3032 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [206184 2019-05-28] (Microsoft Corporation -> )
Task: {8B105DBD-2792-43BD-93B7-C0B2C008908F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {92F7C53A-3218-4945-BF0F-966FBA5B34B9} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29344 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {96B0042D-FE7A-4DC1-A98C-4C983CE44A56} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {9903F86D-E65E-4390-B43A-D33480129E4D} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29344 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A04126B7-0417-4414-BE72-3EEAF0E521A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {A86B4ABB-5EA4-4A00-A44C-40E7DC541567} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [462288 2018-11-15] (Bitdefender SRL -> Bitdefender)
Task: {AFEE5036-D4E0-4905-AAF2-2454B54E554C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B21348A3-F53F-4B2B-8031-CB59D653BB06} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B66B135D-DA06-4FC4-95F8-7458E1D10129} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29344 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFC766B9-D120-4460-BC9E-B666C01A7F61} - System32\Tasks\Opera scheduled Autoupdate 1543267643 => C:\Users\Androide\AppData\Local\Programs\Opera\launcher.exe [1493592 2019-05-23] (Opera Software AS -> Opera Software)
Task: {DCC25AF7-E1CF-4D20-BE84-FEBD2E53E278} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-1898291047-2095299667-44433578-1003 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [33440 2019-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBB1507D-9245-4355-851B-C7C838C6735E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1AD2C32-5E5F-4212-B6D9-E0A9AC977129} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [475824 2019-04-09] (Bitdefender SRL -> Bitdefender)
Task: {F8A84457-D805-4EF1-AB5D-699B2A77C4CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 		www.twitch.tv
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{68b0e587-2946-4eb0-8c80-545c7cd0c232}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{72673d09-0149-4971-b34d-dab0cad5cec3}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{7ad844f4-d724-4a9e-8aef-58b129e7f8e7}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{9aaec25e-b292-47d2-a722-9e2189baefe7}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{cb36de21-7dcc-4b78-86d6-24dc2021e33e}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-04-09] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-04-09] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-04-09] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-04-09] (Bitdefender SRL -> Bitdefender)

FireFox:
========
FF DefaultProfile: c24qxmwk.default
FF ProfilePath: C:\Users\Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\uijvxlj7.dev-edition-default [2019-06-02]
FF ProfilePath: C:\Users\Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\c24qxmwk.default [2019-06-02]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\c24qxmwk.default\Extensions\[email protected] [2019-05-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2018-12-19]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2019-03-06] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default [2019-06-02]
CHR Extension: (Presentaciones) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-28]
CHR Extension: (JSTorrent Lite) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmohcnlldaiaodkpacnldcdnjjgldfh [2018-11-28]
CHR Extension: (Documentos) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-28]
CHR Extension: (Google Drive) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-28]
CHR Extension: (YouTube) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-28]
CHR Extension: (uBlock Origin) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-04-06]
CHR Extension: (Live HTTP Headers) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaiimeeggnhceafhencnejheejddlcpa [2018-11-28]
CHR Extension: (Hojas de cálculo) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-28]
CHR Extension: (Bitdefender Wallet) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2019-04-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-28]
CHR Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2019-05-10]
CHR Extension: (Gmail) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\Roboto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-02]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [322432 2019-03-25] (AnchorFree Inc -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2019-04-09] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2019-04-09] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [96568 2019-04-11] (Bitdefender SRL -> Bitdefender)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [95520 2019-03-28] (Bitdefender SRL -> Bitdefender)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22872 2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343608 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2255032 2018-08-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2507448 2018-10-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2742968 2018-08-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [59232 2019-01-11] (Realtek Semiconductor Corp. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-01-05] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [288768 2019-03-13] (Microsoft Windows -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [114192 2019-04-09] (Bitdefender SRL -> Bitdefender)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [690424 2019-01-25] (Oracle Corporation -> Oracle Corporation)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [817128 2019-04-09] (Bitdefender SRL -> Bitdefender)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34664 2018-04-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33120 2018-04-26] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [145792 2018-04-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriverV13; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [71152 2018-11-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1423680 2019-01-21] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [367096 2019-01-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45728 2018-09-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [201000 2018-11-20] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-04-09] (Bitdefender SRL -> Bitdefender)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 RTL8187; C:\WINDOWS\System32\drivers\rtl8187.sys [448512 2010-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9834072 2019-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247216 2019-01-28] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [37920 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343520 2019-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-05] (Microsoft Windows -> Microsoft Corporation)

FRST.txt 2º parte

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-02 13:33 - 2019-06-02 13:36 - 000000000 ____D C:\FRST
2019-06-01 22:58 - 2019-06-01 22:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-06-01 22:57 - 2019-05-23 18:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-06-01 22:57 - 2019-05-23 18:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-06-01 22:57 - 2019-05-23 18:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-06-01 22:57 - 2019-05-23 18:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-06-01 22:57 - 2019-05-23 18:24 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-06-01 22:57 - 2019-05-23 18:24 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-06-01 22:57 - 2019-05-23 18:24 - 000552352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-06-01 22:57 - 2019-05-23 18:24 - 000457304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-06-01 22:57 - 2019-05-23 18:24 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-06-01 22:57 - 2019-05-23 18:24 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-06-01 22:57 - 2019-05-23 18:23 - 011051968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-06-01 22:57 - 2019-05-23 18:23 - 009487240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-06-01 22:57 - 2019-05-23 18:22 - 000821120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-06-01 22:57 - 2019-05-23 18:22 - 000675016 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-06-01 22:57 - 2019-05-23 18:22 - 000631224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-06-01 22:57 - 2019-05-23 18:22 - 000541904 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-06-01 22:57 - 2019-05-23 18:22 - 000522120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 005422040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 004759640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 001722456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443086.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 001542232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443086.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 001162200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 001133824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 000912472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 000808408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-06-01 22:57 - 2019-05-23 18:21 - 000654752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-06-01 22:57 - 2019-05-23 18:20 - 040412576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-06-01 22:57 - 2019-05-23 18:20 - 035269592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-06-01 22:57 - 2019-05-23 18:20 - 020190808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-06-01 22:57 - 2019-05-23 18:20 - 017467024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-06-01 22:57 - 2019-05-23 18:14 - 004340480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-06-01 22:42 - 2019-06-01 22:42 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2019-06-01 22:42 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2019-06-01 22:42 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2019-06-01 22:42 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 21:52 - 2019-06-01 21:52 - 000000000 ____D C:\Users\raulv\AppData\Local\PeerDistRepub
2019-06-01 21:50 - 2019-06-01 21:51 - 000000000 ____D C:\AdwCleaner
2019-06-01 19:50 - 2019-06-02 13:22 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-01 19:50 - 2019-06-02 13:18 - 000002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-01 19:50 - 2019-06-01 19:50 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-01 19:50 - 2019-06-01 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-01 19:50 - 2019-06-01 19:50 - 000000000 ____D C:\Program Files\CCleaner
2019-06-01 17:48 - 2019-06-01 17:48 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-01 17:48 - 2019-06-01 17:48 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-01 17:48 - 2019-06-01 17:48 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-01 17:48 - 2019-06-01 17:48 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-01 17:48 - 2019-06-01 17:48 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-01 17:48 - 2019-06-01 17:48 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-01 17:48 - 2019-06-01 17:48 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 026809856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 018999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 006545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-01 17:47 - 2019-06-01 17:47 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-01 17:47 - 2019-06-01 17:47 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-01 17:47 - 2019-06-01 17:47 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-01 17:47 - 2019-06-01 17:47 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 001229312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-01 17:47 - 2019-06-01 17:47 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2019-06-01 17:47 - 2019-06-01 17:47 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-01 17:47 - 2019-06-01 17:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-31 17:46 - 2019-05-31 17:47 - 000000000 ____D C:\Users\raulv\Downloads\Bitdefender Safepay
2019-05-31 17:41 - 2019-05-31 17:41 - 000000000 ____D C:\Users\raulv\AppData\Local\CEF
2019-05-28 22:51 - 2019-05-28 22:51 - 000000000 ____D C:\Program Files\Android
2019-05-28 20:23 - 2019-05-28 22:43 - 000000000 ____D C:\ProgramData\Origin
2019-05-28 20:23 - 2019-05-28 20:24 - 000000000 ____D C:\Users\Androide\AppData\Roaming\Origin
2019-05-28 20:23 - 2019-05-28 20:24 - 000000000 ____D C:\Users\Androide\AppData\Local\Origin
2019-05-28 20:23 - 2019-05-28 20:23 - 000000000 ____D C:\Users\Androide\.QtWebEngineProcess
2019-05-28 20:23 - 2019-05-28 20:23 - 000000000 ____D C:\Users\Androide\.Origin
2019-05-26 10:08 - 2019-06-02 13:00 - 000000000 ____H C:\Users\Androide\Documents\Mi Basededatos.gsdb Grindstone.gsdbl
2019-05-24 15:25 - 2019-05-26 03:22 - 000000000 ____H C:\Users\Androide\Documents\Mi Basededatos.gsdb Grindstone3.gsdbl
2019-05-21 21:35 - 2019-05-26 03:22 - 000249856 _____ C:\Users\Androide\Documents\Mi Basededatos.gsdb Grindstone3.gsdb
2019-05-17 15:47 - 2019-05-17 15:47 - 000072718 _____ C:\ProgramData\dm.update.1558100802.bdinstall.bin
2019-05-17 15:46 - 2019-05-17 15:46 - 000034875 _____ C:\ProgramData\dm.uninstall.1558100807.bdinstall.bin
2019-05-15 21:47 - 2019-05-15 21:47 - 000001276 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2019-05-15 21:47 - 2019-05-15 21:47 - 000000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2019-05-15 21:47 - 2019-05-15 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-05-15 21:47 - 2019-05-15 21:47 - 000000000 ____D C:\Program Files\Common Files\VMware
2019-05-15 21:47 - 2019-05-04 23:30 - 001266096 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2019-05-15 21:47 - 2019-05-04 23:29 - 000396208 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2019-05-15 21:47 - 2019-05-04 23:29 - 000374192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2019-05-15 21:47 - 2019-05-04 23:29 - 000111632 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll
2019-05-15 21:47 - 2019-05-04 23:29 - 000044048 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2019-05-15 21:47 - 2019-05-04 23:22 - 000099136 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2019-05-15 21:47 - 2019-05-04 23:22 - 000049216 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmparport.sys
2019-05-15 21:47 - 2019-04-27 01:17 - 000046472 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2019-05-15 21:47 - 2019-04-27 01:17 - 000042376 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2019-05-15 21:47 - 2019-04-27 01:16 - 000092040 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2019-05-15 21:47 - 2018-11-02 05:21 - 000084752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 21:28 - 2019-05-15 21:28 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-15 21:28 - 2019-05-15 21:28 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-15 21:28 - 2019-05-15 21:28 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-15 21:28 - 2019-05-15 21:28 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-15 21:28 - 2019-05-15 21:28 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-15 21:28 - 2019-05-15 21:28 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-12 14:04 - 2019-05-18 19:14 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2019-05-11 11:03 - 2019-05-11 11:03 - 000046268 _____ C:\ProgramData\vpn.1557565376.11652.bin
2019-05-11 11:03 - 2019-05-11 11:03 - 000037044 _____ C:\ProgramData\vpn.uninstall.1557565382.bdinstall.bin
2019-05-11 11:03 - 2019-05-11 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2019-05-11 11:03 - 2019-05-11 11:03 - 000000000 ____D C:\ProgramData\Dumps
2019-05-11 11:02 - 2019-05-11 11:03 - 000033829 _____ C:\ProgramData\vpn.1557565376.8696.bin
2019-05-10 16:20 - 2019-05-10 16:25 - 000000000 ____D C:\Users\Roboto\AppData\LocalLow\Mozilla
2019-05-10 16:20 - 2019-05-10 16:20 - 000000000 ____D C:\Users\Roboto\AppData\Roaming\Mozilla
2019-05-10 16:20 - 2019-05-10 16:20 - 000000000 ____D C:\Users\Roboto\AppData\Local\Mozilla
2019-05-10 16:11 - 2019-05-07 21:54 - 001721600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-10 16:11 - 2019-05-07 21:54 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-10 16:03 - 2019-05-10 16:03 - 000000000 ____D C:\Users\Roboto\AppData\Local\Wondershare
2019-05-05 20:45 - 2019-05-17 15:46 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Bitdefender
2019-05-05 20:43 - 2019-04-18 19:02 - 001722064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443039.dll
2019-05-05 20:43 - 2019-04-18 19:02 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443039.dll
2019-05-05 20:43 - 2019-04-18 01:25 - 000046848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-05 15:22 - 2019-05-05 15:22 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-05 15:22 - 2019-05-05 15:22 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-05 15:22 - 2019-05-05 15:22 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-05 15:22 - 2019-05-05 15:22 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-05 15:22 - 2019-05-05 15:22 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-05 15:22 - 2019-05-05 15:22 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000109568 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-05 15:22 - 2019-05-05 15:22 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-05 15:22 - 2019-05-05 15:22 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-05-05 12:35 - 2019-05-05 12:35 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2019-05-05 12:35 - 2019-05-05 12:35 - 000000000 ____D C:\Program Files (x86)\NirSoft
2019-05-05 12:30 - 2019-05-05 12:30 - 000001118 _____ C:\Users\Androide\Desktop\WifiInfoView.exe - Acceso directo.lnk
2019-05-04 23:29 - 2019-05-04 23:29 - 000103440 _____ (VMware, Inc.) C:\WINDOWS\system32\vmnetbridge.dll
2019-05-04 23:29 - 2019-05-04 23:29 - 000066576 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetbridge.sys
2019-05-04 23:29 - 2019-05-04 23:29 - 000046096 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetadapter.sys
2019-05-04 23:29 - 2019-05-04 23:29 - 000046096 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnet.sys
2019-05-04 12:49 - 2019-05-04 12:49 - 000000000 ____D C:\Users\Androide\AppData\Local\Downloaded Installations
2019-05-03 17:57 - 2019-06-02 13:00 - 000241664 _____ C:\Users\Androide\Documents\Mi Basededatos.gsdb Grindstone.gsdb

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-02 13:29 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-02 13:29 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-02 13:21 - 2018-11-27 14:41 - 000000000 ____D C:\Users\Roboto\AppData\Local\CrashDumps
2019-06-02 13:21 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-02 13:18 - 2018-12-20 14:16 - 001803474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-02 13:18 - 2018-09-15 18:37 - 000795480 _____ C:\WINDOWS\system32\perfh00A.dat
2019-06-02 13:18 - 2018-09-15 18:37 - 000168540 _____ C:\WINDOWS\system32\perfc00A.dat
2019-06-02 13:14 - 2018-11-26 19:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-02 13:13 - 2019-04-09 19:31 - 000006389 _____ C:\bdlog.txt
2019-06-02 13:13 - 2019-02-01 18:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-02 13:13 - 2019-01-31 23:15 - 000000000 ____D C:\ProgramData\VMware
2019-06-02 13:13 - 2018-12-20 14:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-02 13:13 - 2018-09-15 08:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-06-02 12:58 - 2019-01-13 19:24 - 000000000 ____D C:\Users\Androide\AppData\Roaming\Code
2019-06-02 12:48 - 2018-12-20 14:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-01 23:07 - 2018-11-26 19:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-06-01 22:50 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-06-01 22:50 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2019-06-01 22:42 - 2018-12-20 14:21 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2018-12-20 14:21 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2018-12-20 14:21 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2018-12-20 14:21 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2018-12-20 14:21 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2018-12-20 14:21 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-01 22:42 - 2018-11-27 02:13 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-06-01 22:42 - 2018-11-26 19:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-01 22:42 - 2018-11-26 19:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-06-01 21:44 - 2018-09-15 08:09 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-06-01 21:42 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-01 19:52 - 2019-03-07 14:31 - 000000000 ____D C:\WINDOWS\Minidump
2019-06-01 19:52 - 2019-01-08 22:59 - 000000000 ____D C:\Users\raulv\AppData\Local\CrashDumps
2019-06-01 19:52 - 2018-12-19 12:15 - 000000000 ___DC C:\WINDOWS\Panther
2019-06-01 19:52 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-06-01 18:26 - 2019-04-13 12:10 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Wondershare
2019-06-01 17:50 - 2018-12-20 14:11 - 000354456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-01 17:49 - 2019-01-31 23:28 - 000000000 ____D C:\Users\raulv\AppData\Roaming\VMware
2019-06-01 17:49 - 2019-01-31 23:28 - 000000000 ____D C:\Users\raulv\AppData\Local\VMware
2019-06-01 17:49 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-01 17:49 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-01 17:48 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-01 17:42 - 2018-12-13 17:22 - 000000000 ____D C:\Users\Androide\AppData\Roaming\vlc
2019-06-01 17:38 - 2018-11-26 23:37 - 000000000 ____D C:\Users\Androide\AppData\Local\Free Download Manager
2019-05-31 21:28 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-31 20:43 - 2019-01-13 19:24 - 000000000 ____D C:\Users\Androide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2019-05-31 17:46 - 2018-11-27 11:22 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Foxit Software
2019-05-29 18:43 - 2018-11-26 20:09 - 000000000 ____D C:\ProgramData\Packages
2019-05-28 23:21 - 2019-01-05 20:52 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Visual Studio Setup
2019-05-28 23:13 - 2018-11-26 23:11 - 000000000 ____D C:\Users\Androide\AppData\Local\D3DSCache
2019-05-28 23:07 - 2019-01-05 21:04 - 000000000 ____D C:\Program Files\IIS Express
2019-05-28 23:07 - 2019-01-05 21:04 - 000000000 ____D C:\Program Files (x86)\IIS Express
2019-05-28 23:07 - 2018-11-26 23:59 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-28 23:01 - 2019-01-05 20:56 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2019-05-28 22:57 - 2019-01-12 15:12 - 000000000 ____D C:\Program Files (x86)\Microsoft XDE
2019-05-28 22:46 - 2019-01-05 21:04 - 000000000 ____D C:\Users\raulv\.dotnet
2019-05-28 22:45 - 2019-01-05 21:03 - 000000000 ____D C:\Program Files\dotnet
2019-05-28 22:45 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-28 22:38 - 2019-01-05 20:52 - 000001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2019-05-28 22:37 - 2018-11-28 14:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-05-28 20:23 - 2018-12-20 14:14 - 000000000 ____D C:\Users\Androide
2019-05-27 21:43 - 2018-11-27 22:44 - 000007873 _____ C:\WINDOWS\BRRBCOM.INI
2019-05-27 21:03 - 2018-12-20 14:21 - 000004238 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543267643
2019-05-27 21:03 - 2018-11-26 23:27 - 000001408 _____ C:\Users\Androide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-05-25 16:43 - 2019-01-30 23:43 - 000000000 ____D C:\ProgramData\VirtualBox
2019-05-25 16:43 - 2018-11-27 00:12 - 000000000 ____D C:\Users\raulv\.VirtualBox
2019-05-25 12:48 - 2018-12-20 14:21 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1898291047-2095299667-44433578-1004
2019-05-25 12:48 - 2018-12-20 14:14 - 000002400 _____ C:\Users\Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-25 12:48 - 2018-11-27 14:39 - 000000000 ___RD C:\Users\Roboto\OneDrive
2019-05-25 12:47 - 2018-11-26 19:53 - 000000000 ____D C:\Users\raulv\AppData\Local\Packages
2019-05-23 19:08 - 2018-12-20 14:21 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1898291047-2095299667-44433578-1003
2019-05-23 19:08 - 2018-12-20 14:14 - 000002406 _____ C:\Users\Androide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-23 19:08 - 2018-11-26 22:36 - 000000000 ___RD C:\Users\Androide\OneDrive
2019-05-23 18:21 - 2018-12-12 16:29 - 002039768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-05-23 18:14 - 2018-12-12 16:29 - 005085672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-05-23 01:39 - 2018-12-12 16:29 - 000052456 _____ C:\WINDOWS\system32\nvinfo.pb
2019-05-23 00:32 - 2018-11-26 23:00 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-23 00:32 - 2018-11-26 23:00 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-23 00:01 - 2018-11-26 19:50 - 005432688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-05-23 00:01 - 2018-11-26 19:50 - 002637808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-05-23 00:01 - 2018-11-26 19:50 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-05-23 00:01 - 2018-11-26 19:50 - 000650608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-05-23 00:01 - 2018-11-26 19:50 - 000450872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-05-23 00:01 - 2018-11-26 19:50 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-05-23 00:01 - 2018-11-26 19:50 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-22 17:03 - 2018-11-26 19:50 - 008579232 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-05-22 15:45 - 2018-12-12 15:59 - 002785592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-05-22 15:45 - 2018-12-12 15:59 - 002164536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-05-22 15:45 - 2018-12-12 15:59 - 001316208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-05-22 15:40 - 2018-11-27 02:13 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-05-18 19:29 - 2018-11-26 23:26 - 000000000 ____D C:\Users\Androide\AppData\LocalLow\Mozilla
2019-05-17 18:06 - 2019-01-31 23:22 - 000000000 ____D C:\Users\Androide\AppData\Roaming\VMware
2019-05-17 18:06 - 2019-01-31 23:22 - 000000000 ____D C:\Users\Androide\AppData\Local\VMware
2019-05-15 21:48 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-15 21:47 - 2019-01-31 23:15 - 001824748 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2019-05-15 21:47 - 2019-01-31 23:15 - 000000000 ____D C:\Program Files (x86)\VMware
2019-05-15 21:25 - 2018-12-20 14:21 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 21:25 - 2018-12-20 14:21 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 21:15 - 2018-11-26 23:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-14 21:51 - 2018-11-26 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-14 21:48 - 2018-11-26 20:07 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 19:15 - 2018-12-13 10:15 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-13 23:23 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-13 23:23 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-12 14:19 - 2018-12-13 09:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-12 14:08 - 2018-11-26 23:26 - 000001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2019-05-11 15:15 - 2019-02-19 12:56 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-11 11:03 - 2019-04-06 18:56 - 000002191 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2019-05-11 11:03 - 2019-04-06 18:55 - 000000000 ____D C:\Program Files\Bitdefender
2019-05-10 16:04 - 2018-11-27 14:40 - 000000000 ____D C:\Users\Roboto\AppData\Local\NVIDIA Corporation
2019-05-10 16:03 - 2018-11-27 14:38 - 000000000 ____D C:\Users\Roboto\AppData\Local\Packages
2019-05-08 00:14 - 2018-11-26 22:35 - 000000000 ____D C:\Users\Androide\AppData\Local\Packages
2019-05-07 23:40 - 2018-11-26 22:36 - 000000000 ____D C:\Users\Androide\AppData\Local\PlaceholderTileLogoFolder
2019-05-05 20:44 - 2018-11-27 02:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-05-05 19:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-05 19:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-05 19:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-04 17:05 - 2018-11-28 15:32 - 000000000 ____D C:\Users\Androide\AppData\Local\CrashDumps
2019-05-04 04:11 - 2018-11-27 01:43 - 000000000 ____D C:\Users\Androide\AppData\Roaming\Notepad++
2019-05-04 04:11 - 2018-11-27 01:42 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-05-04 04:11 - 2018-11-27 01:42 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Notepad++
2019-05-04 04:11 - 2018-11-27 01:42 - 000000000 ____D C:\Program Files (x86)\Notepad++

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

He seguido todos los pasos como me habéis pedido , desactivando el antivirus Bit Defender y ejecutando todos los programas que me habéis pedido como administrador y sin conexión a Internet pero sigue apareciéndome en inicio este acceso directo.

image.jpg671×600 88.3 KB

Cuando pasé el Malware-bytes , me apareció un malware el cual borre , me imagino que aparecerá reflejado en el reporte que se saco.

¿ Qué significa que siga apareciendo esto ? ¿ Cómo puedo borrarlo ?

Todavía no hemos aplicado las correcciones, por lo que el problema es normal que siga,paciencia, que ahora se va a solucionar

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

• Para hacerlo descarga Delfix en tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:

Start
CreateRestorePoint:
CloseProcesses:

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
ShortcutWithArgument: C:\Users\Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\JSTorrent Lite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=abmohcnlldaiaodkpacnldcdnjjgldfh
AlternateDataStreams: C:\Users\Androide\Desktop\MEGA css.url:BDU [1]
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
C:\Program Files (x86)\Common Files\Wondershare
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
2019-05-10 16:03 - 2019-05-10 16:03 - 000000000 ____D C:\Users\Roboto\AppData\Local\Wondershare
2019-06-01 18:26 - 2019-04-13 12:10 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Wondershare

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

• Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

• Ejecutas Frst.exe.

• Presionas el botón Fix y aguardas a que termine.

• La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Saludos. He seguido todos los pasos que me has comentado. Os añado los datos del archivo Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Androide (02-06-2019 21:02:15) Run:1
Running from C:\Users\Androide\Desktop
Loaded Profiles: Androide (Available Profiles: Rad & Androide & Roboto & DevToolsUser)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
ShortcutWithArgument: C:\Users\Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\JSTorrent Lite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=abmohcnlldaiaodkpacnldcdnjjgldfh
AlternateDataStreams: C:\Users\Androide\Desktop\MEGA css.url:BDU [1]
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
C:\Program Files (x86)\Common Files\Wondershare
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
2019-05-10 16:03 - 2019-05-10 16:03 - 000000000 ____D C:\Users\Roboto\AppData\Local\Wondershare
2019-06-01 18:26 - 2019-04-13 12:10 - 000000000 ____D C:\Users\raulv\AppData\Roaming\Wondershare

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk" => Could not move.
"C:\Users\Public\Desktop\Firefox Developer Edition.lnk" => Could not move.
C:\Users\Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\JSTorrent Lite.lnk => Shortcut argument removed successfully
C:\Users\Androide\Desktop\MEGA css.url => ":BDU" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Wondershare Helper Compact.exe" => could not remove
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => removed successfully

"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:

Could not move "C:\WINDOWS\system32\GroupPolicy\Machine" => Scheduled to move on reboot.

Could not move "C:\WINDOWS\system32\GroupPolicy\GPT.ini" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini" => Scheduled to move on reboot.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.

"C:\Program Files (x86)\Common Files\Wondershare" folder move:

Could not move "C:\Program Files (x86)\Common Files\Wondershare" => Scheduled to move on reboot.

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => not found
C:\Users\Roboto\AppData\Local\Wondershare => moved successfully
C:\Users\raulv\AppData\Roaming\Wondershare => moved successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => could not remove
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => could not remove
"HKU\S-1-5-21-1898291047-2095299667-44433578-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1898291047-2095299667-44433578-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========

La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet 3 mientras los medios
est‚n desconectados.

Adaptador de Ethernet VirtualBox Host-Only Network #2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::21d0:e02:2135:b466%25
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.56.1
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : Home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::f06d:37bd:c2f1:427b%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.43
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet VMware Network Adapter VMnet1:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::e1d2:ed6:f7e8:d2a2%22
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.89.1
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 

Adaptador de Ethernet VMware Network Adapter VMnet8:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::996b:dc34:4e41:7103%9
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.114.1
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 

Adaptador de Ethernet Ethernet 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Error al restablecer Global.
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Error al restablecer Vecino.
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
Error al restablecer Ruta de acceso.
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Error al restablecer Interfaz.
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Error al restablecer Vecino.
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
Error al restablecer Ruta de acceso.
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
 se restableci¢ correctamente.
Error al restablecer .
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
 se restableci¢ correctamente.
Error al restablecer .
La operaci¢n solicitada requiere elevaci¢n (Ejecutar como administrador).
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 941417979 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 0 B
Edge => 3953712 B
Chrome => 2538357806 B
Firefox => 1027195919 B
Opera => 389349586 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
raulv => 881565 B
Androide => 273671218 B
Roboto => 32303122 B
DevToolsUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 4.8 GB temporary data Removed.

================================

Después de todas estas operaciones he mirado los programas que se inicia con el sistema mediante ‘msconfig’ y ya no ha vuelto a aparecer más el programa Wondershare Studio que os comente. No se realmente si ya se ha eliminado este malware. De todas formas os doy las gracias por el fabuloso trabajo y por atenderme en domingo tan rápido y eficaz.

• Si quieres darme algún consejo para evitar este tipo de problemas en el futuro y que programas puedo usar para proteger mejor mi ordenador te lo agradecería.

Hasta pronto!

Wondershare es una compañía de productos, legal, pero muchos de ellos se instalan sin que queramos, cuando instalamos otros productos, de ahi que ningún antimalware lo detecto, incluido Bitdefender, pues no es un virus.

Seguro se te instalo con otro programa.

Para eliminar las herramientas usadas en la desinfección, realizas:

• Descargas y Ejecutas >> Delfix, en tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

• Marca solamente la casilla Remove disinfection tools

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.

Me alegro de haberte podido ayudar!

Saludos Miguelgrado.

Me has ayudado mucho y además me has enseñado bastante cosas interesantes.

Muy feliz de entrar aquí , por tu ayuda y los demás temas comentados.

Te deseo lo mejor.

Gracias… igualmente.

Saludos