Error en comando regedit

#1

Error en el comando REGEDIT. CARPETA. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control{ 7746D80F - 97E0 - 4E26 - 9543 - 26B41FC22F79 }. solicito informacion por favor. ¿como poder solucionar ese error

#2

Hola

Explica mejor cual es el problema, pues no se entiende

Cuando sucede , etc

#3

hola muchas gracias por responder. el problema es que me da error en el comando REGEDIT. CARPETA.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control{ 7746D80F-97E0-4E26-9543-26B41FC22F79* }

yo investigue. descargue farbar. hice un escaneo y tengo los dos reportes. esta muy lento el sistema para encender apagar. y los programas no estan funcionando bien.

#4

solo realice el scaner. pero de hay guarde los reportes y no hice nada mas. me arroja gran cantidad de error. al entrar en la carpeta 7746D80F-97E0-4E26-9543-26B41FC22F79* } me dice “error al abrir clave”

#6

no me queda claro exactamente qué es lo que quieres hacer con esa clave… borrar la …cambiar la …editarla y por qué motivo

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


#7

Si lo que sucede con esa clave es que me indica un error. Yo ingresé un texto en ella. Que realmente no iba en esa carpeta. Me equivoqué de carpeta. Y a partir de hay me indica ese error. Quiero ingresar en ella y no tengo acceso. Al hacer un mal registro me generó un error y ha afectado el sistema.

#8

descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


Paso 1 >> https://www.softzone.es/2016/07/14/conseguir-permisos-modificar-claves-del-registro-windows-protegidas/

Si No se soluciona con esto, Paso siguiente

Paso 2 - Ahora descarga en el escritorio >> https://es.malwarebytes.com/regassassin/

Abre el editor del registro y vete a esa clave que quieres modificar y boton derecho- copiar nombre de la clave

Ejecutas la herramienta anterior y pegas la ruta de esa clave

ATENCION::::: DE LAS DOS CASILLAS QUE ESTAN DEBAJO, DEJA SOLO MARCADA LA PRIMERA,RESET REGISTRY KEY PERMISIONS y desmarcas la otra

Das a delete y luego intenta volver a cambiarla

#9

hola buenas tardes. estos son los reportes de malwarebytes.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 30/3/19
Hora del análisis: 21:45
Archivo de registro: 4fac6062-534e-11e9-a5aa-505bc2647286.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.9930
Licencia: Premium

-Información del sistema-
SO: Windows 10 (Build 16299.1029)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-KBKN1DCB\Jose Angel Ramirez

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 394561
Amenazas detectadas: 28
Amenazas en cuarentena: 27
Tiempo transcurrido: 1 hr, 43 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 18
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2DC9EF5F-AE1C-45B0-A263-229835CE4F46}, En cuarentena, [4447], [400550],1.0.9930
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2DC9EF5F-AE1C-45B0-A263-229835CE4F46}, En cuarentena, [4447], [400550],1.0.9930
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OInstall, En cuarentena, [4447], [400550],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [544], [621110],1.0.9930

Valor del registro: 1
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2DC9EF5F-AE1C-45B0-A263-229835CE4F46}|PATH, En cuarentena, [4447], [400549],1.0.9930

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 9
Trojan.Agent.CK, C:\WINDOWS\SYSTEM32\TASKS\OINSTALL, En cuarentena, [4447], [400550],1.0.9930
PUP.Optional.InstallCore.Generic, C:\$RECYCLE.BIN\S-1-5-21-559981516-1024437498-3407727514-1002\$R9JTK2D.lnk, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, C:\$RECYCLE.BIN\S-1-5-21-559981516-1024437498-3407727514-1002\$RI65IIY.lnk, En cuarentena, [544], [621110],1.0.9930
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, En cuarentena, [544], [621110],1.0.9930
Generic.Malware/Suspicious, C:\PROGRAM FILES\KMSPICO\CERT\KMSPICO\SERVICE_KMS.EXE, En cuarentena, [0], [392686],1.0.9930
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\EWORKER.EXE, En cuarentena, [544], [621110],1.0.9930
Generic.Malware/Suspicious, C:\USERS\JOSE ANGEL RAMIREZ\DOCUMENTS\APLICACIONES\OFFICE 2013-2019 C2R INSTALL V6.4.4\OINSTALL.EXE, En cuarentena, [0], [392686],1.0.9930
PUP.Optional.DLLSuite, C:\USERS\JOSE ANGEL RAMIREZ\DOWNLOADS\DLS90014\DLS90014\DLL.SUITE.9.0.0.14.EXE, En cuarentena, [4507], [396352],1.0.9930
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Error durante la eliminación, [5328], [353142],0.0.0

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
#10

estes es el de adwcleaner. LIMPIEZA.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-31-2019
# Duration: 00:00:04
# OS:       Windows 10 Home Single Language
# Cleaned:  10
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Public\App Explorer
Deleted       C:\Users\Jose Angel Ramirez\AppData\Local\Host App Service

***** [ Files ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\App Explorer

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKCU\Software\Host App Service
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FC23350-5DF2-4AD2-9C6F-21DACDBF3181} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c63c0807-9e19-4e06-b4dd-8fb62a1ea0e3}|DhcpNameServer - "40.32.1.55"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted       Amazon Assistant for Firefox

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2108 octets] - [31/03/2019 11:46:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
#11

Y el de ANALISIS.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    03-31-2019
# Duration: 00:00:20
# OS:       Windows 10 Home Single Language
# Scanned:  31769
# Detected: 10


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki                    C:\Users\Public\App Explorer
Adware.pokki                    C:\Users\Jose Angel Ramirez\AppData\Local\Host App Service

***** [ Files ] *****

Adware.pokki                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.pokki                    C:\Windows\System32\Tasks\App Explorer

***** [ Registry ] *****

Adware.pokki                    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki                    HKCU\Software\Host App Service
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FC23350-5DF2-4AD2-9C6F-21DACDBF3181} 
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Legacy             HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c63c0807-9e19-4e06-b4dd-8fb62a1ea0e3}|DhcpNameServer - "40.32.1.55"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.Assistant          Amazon Assistant for Firefox

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
#12

Y sobre los ultimos pasos que te di para modificar esa clave??

#13

Hola. Si con el primer paso que me diste pude acceder a la clave. Ya no me genera ningún tipo de error. Muchas gracias. Ahora esos virus que me aparecen en los reportes?. Me demora para encender y apagar aún. Y para cargar el el escritorio. La notebook es nueva tiene alrededor de dos meses. Cómo puedo resolver. Que hago con los reportes???

#14

Vamos a ver que no queden cosas por ahi

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

#19

He borrado los logs porque lo has hecho mal.

Primeramente, no se indico hacerlo en modo seguro, por lo que realizalo en modo normal,

Segundo, el Frst, se indicaba remarcado que se debe ejecutar desde el escritorio y no desde una carpeta, por lo que corta y pega frst.exe en el escritorio

#20

hola buenos dias. lo realice de unevo es escaneo. muchas gracias.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Jose Angel Ramirez (administrator) on LAPTOP-KBKN1DCB (02-04-2019 12:52:02)
Running from C:\Users\Jose Angel Ramirez\Desktop
Loaded Profiles: Jose Angel Ramirez (Available Profiles: Jose Angel Ramirez)
Platform: Windows 10 Home Single Language Version 1709 16299.1029 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxCUIService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHDCPSvc.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.1.5\NS.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHeciSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.1.5\NS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxEM.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Acer Incorporated -> TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512 2017-04-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-559981516-1024437498-3407727514-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-559981516-1024437498-3407727514-1002\...\MountPoints2: {d9917338-3859-11e9-af7b-505bc2647286} - "D:\HiSuiteDownLoader.exe" 
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Programa de descargas en segundo plano de SOLIDWORKS.lnk [2019-02-25]
ShortcutTarget: Programa de descargas en segundo plano de SOLIDWORKS.lnk -> C:\Program Files (x86)\Common Files\Gestor de instalación de SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Fast Start.lnk [2019-02-25]
ShortcutTarget: SOLIDWORKS 2019 Fast Start.lnk -> C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0                   telemetry.malwarebytes.com
Tcpip\Parameters: [DhcpNameServer] 200.49.130.41 200.42.4.204
Tcpip\..\Interfaces\{098b46e0-30a1-4ed5-ab60-db62d168e612}: [DhcpNameServer] 200.49.130.41 200.42.4.204

Internet Explorer:
==================
HKU\S-1-5-21-559981516-1024437498-3407727514-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-559981516-1024437498-3407727514-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.11.1.5\coIEPlg.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dl7i22de.default
FF ProfilePath: C:\Users\Jose Angel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\dl7i22de.default [2019-04-02]
FF Extension: (Diccionario español Argentina) - C:\Users\Jose Angel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\dl7i22de.default\Extensions\[email protected] [2019-03-02]
FF Extension: (Español (AR) Language Pack) - C:\Users\Jose Angel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\dl7i22de.default\Extensions\[email protected] [2019-03-19]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jose Angel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\dl7i22de.default\Extensions\[email protected] [2019-03-19]
FF Extension: (Avast Online Security) - C:\Users\Jose Angel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\dl7i22de.default\Extensions\[email protected] [2019-03-26]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2019-03-25] [hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Español (España) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2019-03-25] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2019-03-25] [Legacy]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.11.1.5\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.11.1.5\coFFAddon => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default [2019-03-31]
CHR Extension: (Presentaciones) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-31]
CHR Extension: (Documentos) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-31]
CHR Extension: (Google Drive) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-31]
CHR Extension: (YouTube) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-31]
CHR Extension: (Hojas de cálculo) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-31]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-31]
CHR Extension: (Gmail) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Jose Angel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.1.5\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.1.5\Exts\Chrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2017-04-24] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [371824 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11150824 2019-03-22] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [161880 2017-08-04] (Intel(R) Smart Sound Technology -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-10-26] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NS; C:\Program Files\Norton Security\Engine\22.11.1.5\NS.exe [326144 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-10-30] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-10-30] (Acer Incorporated -> Acer Incorporated)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2019-02-25] (SolidWorks) [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-13] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1495912 2019-01-08] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [518784 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\BASHDefs\20171016.001\BHDrvx64.sys [1872024 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 ccSet_NS; C:\Windows\system32\drivers\NSx64\160B010.005\ccSetx64.sys [187544 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\IPSDefs\20171013.101\IDSVia64.sys [1056920 2017-10-17] (Symantec Corporation -> Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [22320 2017-10-30] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-02] (Malwarebytes Corporation -> Malwarebytes)
R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2328488 2017-11-09] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [16688 2017-10-30] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [954368 2017-04-18] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [782304 2017-04-11] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NSx64\160B010.005\SRTSP64.SYS [812696 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NSx64\160B010.005\SRTSPX64.SYS [49304 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 SymEFASI; C:\Windows\system32\drivers\NSx64\160B010.005\SYMEFASI64.SYS [1938584 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 SymELAM; C:\Windows\system32\drivers\NSx64\160B010.005\SymELAM.sys [24608 2017-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102600 2018-04-21] (Symantec Corporation -> Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NSx64\160B010.005\Ironx64.SYS [309984 2017-10-17] (Symantec Corporation -> Symantec Corporation)
S3 SymNetS; C:\Windows\system32\drivers\NSx64\160B010.005\SYMNETS.SYS [566936 2017-10-17] (Symantec Corporation -> Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [57432 2016-09-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [333792 2019-03-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-02 12:52 - 2019-04-02 12:53 - 000024332 _____ C:\Users\Jose Angel Ramirez\Desktop\FRST.txt
2019-04-02 12:28 - 2019-04-02 12:28 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-01 15:38 - 2019-04-01 15:39 - 006122272 _____ (TeamViewer) C:\Users\Jose Angel Ramirez\Downloads\TeamViewerQS.exe
2019-04-01 13:43 - 2019-04-01 13:43 - 002434048 _____ (Farbar) C:\Users\Jose Angel Ramirez\Desktop\FRST64.exe
2019-03-31 20:03 - 2019-03-31 20:07 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\REGISTROS
2019-03-31 20:02 - 2019-03-31 20:02 - 000000276 _____ C:\DelFix.txt
2019-03-31 20:02 - 2019-03-31 20:02 - 000000000 ____D C:\Windows\ERUNT
2019-03-31 20:01 - 2019-03-31 20:01 - 000797760 _____ C:\Users\Jose Angel Ramirez\Downloads\delfix.exe
2019-03-31 19:19 - 2019-03-31 19:19 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\Google
2019-03-31 19:17 - 2019-04-01 19:08 - 000002988 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-31 19:17 - 2019-04-01 19:08 - 000002236 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-03-31 19:17 - 2019-03-31 19:17 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-31 19:17 - 2019-03-31 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-31 19:16 - 2019-03-31 19:17 - 000000000 ____D C:\Program Files\CCleaner
2019-03-31 19:15 - 2019-03-31 19:24 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-31 19:14 - 2019-03-31 19:14 - 021205512 _____ (Piriform Software Ltd) C:\Users\Jose Angel Ramirez\Desktop\ccsetup555.exe
2019-03-31 16:53 - 2019-03-31 16:53 - 000001629 _____ C:\Users\Jose Angel Ramirez\Desktop\erru.txt
2019-03-31 16:50 - 2019-03-31 16:50 - 000005667 _____ C:\Users\Jose Angel Ramirez\Desktop\error.txt
2019-03-31 11:07 - 2019-03-31 11:47 - 000000000 ____D C:\AdwCleaner
2019-03-31 11:00 - 2019-03-31 11:00 - 007316688 _____ (Malwarebytes) C:\Users\Jose Angel Ramirez\Desktop\adwcleaner_7.2.7.0.exe
2019-03-30 23:42 - 2019-03-30 23:46 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-30 23:42 - 2019-03-30 23:42 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-30 23:42 - 2019-03-30 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-30 23:42 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-03-30 21:33 - 2019-03-30 21:33 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\mbam
2019-03-30 21:32 - 2019-03-30 23:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-30 21:32 - 2019-03-30 21:32 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\mbamtray
2019-03-30 21:32 - 2019-03-30 21:32 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-30 21:29 - 2019-03-30 21:29 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Roaming\Obsidium
2019-03-30 21:12 - 2019-03-31 19:50 - 000000000 ____D C:\Users\Jose Angel Ramirez\Desktop\Malwarebytes Premium v3.7.1.2839
2019-03-30 21:11 - 2019-03-30 21:11 - 064702769 _____ C:\Users\Jose Angel Ramirez\Desktop\Malwarebytes Premium v3.7.1.2839.rar
2019-03-29 23:05 - 2019-03-29 23:05 - 000041758 _____ C:\Users\Jose Angel Ramirez\Desktop\sistem.txt
2019-03-29 22:50 - 2019-04-02 12:48 - 000049229 _____ C:\Users\Jose Angel Ramirez\Downloads\Addition.txt
2019-03-29 22:48 - 2019-04-02 12:48 - 000096353 _____ C:\Users\Jose Angel Ramirez\Downloads\FRST.txt
2019-03-29 22:21 - 2019-04-02 12:52 - 000000000 ____D C:\FRST
2019-03-29 20:40 - 2019-03-29 20:40 - 000000000 ____D C:\ProgramData\VSK
2019-03-29 20:37 - 2019-03-29 20:37 - 000000000 ____D C:\Users\Jose Angel Ramirez\Downloads\DLS90014
2019-03-29 20:36 - 2019-03-29 20:36 - 013827372 _____ C:\Users\Jose Angel Ramirez\Downloads\DLS90014P.rar
2019-03-29 20:34 - 2019-03-29 20:34 - 022590084 _____ C:\Users\Jose Angel Ramirez\Downloads\DLS90014.rar
2019-03-29 16:23 - 2019-03-29 16:23 - 000000795 _____ C:\Users\Jose Angel Ramirez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer QS.lnk
2019-03-29 16:15 - 2019-03-29 16:15 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\ElevatedDiagnostics
2019-03-29 15:02 - 2019-03-29 15:04 - 000000000 ___HD C:\$WINDOWS.~BT
2019-03-29 11:27 - 2019-03-29 13:42 - 000007601 _____ C:\Users\Jose Angel Ramirez\AppData\Local\Resmon.ResmonCfg
2019-03-29 10:00 - 2019-04-01 13:50 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-03-29 09:58 - 2019-03-29 19:17 - 000000000 ____D C:\Windows\pss
2019-03-28 20:46 - 2019-04-01 21:02 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\SOPORTE TECNICO
2019-03-26 16:13 - 2019-03-26 16:13 - 000001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 5.lnk
2019-03-26 16:13 - 2019-03-26 16:13 - 000001239 _____ C:\Users\Public\Desktop\TeamViewer 5.lnk
2019-03-26 16:13 - 2019-03-26 16:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-03-26 16:12 - 2019-03-26 16:12 - 000000000 ____D C:\Users\Jose Angel Ramirez\temp
2019-03-26 16:11 - 2017-03-01 12:24 - 002617568 _____ C:\Users\Jose Angel Ramirez\Documents\TeamViewer 5 - Instalador.exe
2019-03-26 15:40 - 2019-03-26 14:48 - 002654291 _____ C:\Users\Jose Angel Ramirez\Desktop\install_guide.pdf
2019-03-26 09:46 - 2019-03-26 09:46 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2019-03-26 09:45 - 2019-03-19 10:08 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-25 14:10 - 2019-03-28 15:13 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\SOLIDWORKS INFORMACION
2019-03-25 10:49 - 2019-03-29 15:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-25 09:52 - 2018-09-20 06:43 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-03-21 15:20 - 2019-03-21 15:20 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\para jose
2019-03-20 13:18 - 2019-04-01 20:22 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\planos
2019-03-19 13:30 - 2019-03-19 13:30 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\SW Log Files
2019-03-17 11:20 - 2019-03-06 06:28 - 025270272 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-17 11:20 - 2019-03-06 06:05 - 023678976 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-17 11:20 - 2019-02-17 02:52 - 021754368 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-17 11:20 - 2019-02-16 23:48 - 007385208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-17 11:20 - 2019-02-16 21:19 - 006475880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-17 11:19 - 2019-03-06 07:50 - 000322360 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-17 11:19 - 2019-03-06 07:49 - 002871096 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-17 11:19 - 2019-03-06 07:49 - 000512016 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-17 11:19 - 2019-03-06 07:49 - 000460088 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-17 11:19 - 2019-03-06 07:48 - 001252872 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-17 11:19 - 2019-03-06 07:48 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-17 11:19 - 2019-03-06 07:48 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-17 11:19 - 2019-03-06 07:48 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-17 11:19 - 2019-03-06 07:47 - 000808248 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-17 11:19 - 2019-03-06 07:47 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-17 11:19 - 2019-03-06 07:46 - 001643832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-17 11:19 - 2019-03-06 07:46 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-17 11:19 - 2019-03-06 07:46 - 000070968 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-17 11:19 - 2019-03-06 07:45 - 008617000 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-17 11:19 - 2019-03-06 07:44 - 002394640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-17 11:19 - 2019-03-06 07:34 - 002736152 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-17 11:19 - 2019-03-06 07:32 - 002415864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-17 11:19 - 2019-03-06 06:04 - 012833792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-17 11:19 - 2019-03-06 06:02 - 008108032 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-03-17 11:19 - 2019-03-06 06:01 - 002085376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-17 11:19 - 2019-03-06 06:00 - 004831744 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-17 11:19 - 2019-03-06 06:00 - 004724224 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-17 11:19 - 2019-03-06 06:00 - 003183104 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-17 11:19 - 2019-03-06 05:59 - 001808384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-17 11:19 - 2019-03-06 04:01 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-17 11:19 - 2019-03-06 03:51 - 002217016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-17 11:19 - 2019-03-06 03:49 - 001991600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-17 11:19 - 2019-03-06 03:22 - 018948096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-17 11:19 - 2019-03-06 03:20 - 019360256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-17 11:19 - 2019-03-06 03:19 - 003662336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-17 11:19 - 2019-03-06 03:18 - 011924992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-17 11:19 - 2019-03-06 03:17 - 006039040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-03-17 11:19 - 2019-03-06 03:15 - 004369408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-17 11:19 - 2019-02-17 02:54 - 017085952 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-03-17 11:19 - 2019-02-17 02:24 - 003331120 _____ C:\Windows\system32\Windows.Mirage.dll
2019-03-17 11:19 - 2019-02-16 23:59 - 007831664 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-17 11:19 - 2019-02-16 23:59 - 005890120 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-03-17 11:19 - 2019-02-16 23:55 - 002515360 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-17 11:19 - 2019-02-16 23:53 - 032544344 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2019-03-17 11:19 - 2019-02-16 23:53 - 003075240 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2019-03-17 11:19 - 2019-02-16 23:51 - 001554120 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2019-03-17 11:19 - 2019-02-16 23:50 - 021357232 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-17 11:19 - 2019-02-16 23:49 - 003174624 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-03-17 11:19 - 2019-02-16 22:30 - 017168896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-17 11:19 - 2019-02-16 22:29 - 008728064 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-17 11:19 - 2019-02-16 22:23 - 007145472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2019-03-17 11:19 - 2019-02-16 22:22 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-17 11:19 - 2019-02-16 22:22 - 003400192 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-17 11:19 - 2019-02-16 22:22 - 001856512 _____ (Microsoft Corporation) C:\Windows\system32\ConstraintIndex.Search.dll
2019-03-17 11:19 - 2019-02-16 22:22 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2019-03-17 11:19 - 2019-02-16 22:21 - 008040448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-17 11:19 - 2019-02-16 22:20 - 002976256 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-17 11:19 - 2019-02-16 22:20 - 002849792 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-17 11:19 - 2019-02-16 22:20 - 002596352 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-17 11:19 - 2019-02-16 22:20 - 001577984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2019-03-17 11:19 - 2019-02-16 22:19 - 005972480 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2019-03-17 11:19 - 2019-02-16 22:19 - 004113408 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-03-17 11:19 - 2019-02-16 22:19 - 003211776 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-03-17 11:19 - 2019-02-16 22:19 - 003187200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-17 11:19 - 2019-02-16 22:19 - 002837504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2019-03-17 11:19 - 2019-02-16 22:18 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2019-03-17 11:19 - 2019-02-16 22:18 - 004297728 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2019-03-17 11:19 - 2019-02-16 22:18 - 002637824 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-03-17 11:19 - 2019-02-16 22:18 - 001816576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-17 11:19 - 2019-02-16 22:18 - 001669120 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2019-03-17 11:19 - 2019-02-16 22:17 - 002296320 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2019-03-17 11:19 - 2019-02-16 22:17 - 001760768 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-17 11:19 - 2019-02-16 22:17 - 001341440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2019-03-17 11:19 - 2019-02-16 21:24 - 031619072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2019-03-17 11:19 - 2019-02-16 21:20 - 002381280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-03-17 11:19 - 2019-02-16 21:18 - 020290152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-17 11:19 - 2019-02-16 20:54 - 013710848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-17 11:19 - 2019-02-16 20:50 - 006587392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-17 11:19 - 2019-02-16 20:46 - 006118912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2019-03-17 11:19 - 2019-02-16 20:45 - 005279744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-03-17 11:19 - 2019-02-16 20:45 - 001259520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2019-03-17 11:18 - 2019-03-06 07:49 - 000075784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-03-17 11:18 - 2019-03-06 07:48 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-17 11:18 - 2019-03-06 07:47 - 000702472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-17 11:18 - 2019-03-06 07:46 - 000937784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-03-17 11:18 - 2019-03-06 07:45 - 001849872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-17 11:18 - 2019-03-06 07:45 - 000078648 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-17 11:18 - 2019-03-06 07:40 - 000542520 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-17 11:18 - 2019-03-06 07:40 - 000027448 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-03-17 11:18 - 2019-03-06 07:39 - 001172976 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-17 11:18 - 2019-03-06 07:39 - 000377656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-03-17 11:18 - 2019-03-06 07:36 - 000248840 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-03-17 11:18 - 2019-03-06 07:35 - 000893456 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2019-03-17 11:18 - 2019-03-06 07:34 - 000371512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-17 11:18 - 2019-03-06 07:32 - 000418832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-17 11:18 - 2019-03-06 07:31 - 000757704 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-17 11:18 - 2019-03-06 07:30 - 000688688 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-17 11:18 - 2019-03-06 07:25 - 002774840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-03-17 11:18 - 2019-03-06 07:25 - 000614200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2019-03-17 11:18 - 2019-03-06 06:13 - 001666048 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-03-17 11:18 - 2019-03-06 06:13 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-03-17 11:18 - 2019-03-06 06:13 - 000472576 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-03-17 11:18 - 2019-03-06 06:13 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-17 11:18 - 2019-03-06 06:10 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-17 11:18 - 2019-03-06 06:10 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-17 11:18 - 2019-03-06 06:10 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-03-17 11:18 - 2019-03-06 06:10 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-17 11:18 - 2019-03-06 06:07 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2019-03-17 11:18 - 2019-03-06 06:06 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-17 11:18 - 2019-03-06 06:05 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-17 11:18 - 2019-03-06 06:05 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2019-03-17 11:18 - 2019-03-06 06:04 - 001496064 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-17 11:18 - 2019-03-06 06:04 - 000591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-17 11:18 - 2019-03-06 06:03 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-17 11:18 - 2019-03-06 06:00 - 002213376 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-17 11:18 - 2019-03-06 06:00 - 001856512 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-17 11:18 - 2019-03-06 06:00 - 001597952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-17 11:18 - 2019-03-06 06:00 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-17 11:18 - 2019-03-06 06:00 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-17 11:18 - 2019-03-06 05:57 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-17 11:18 - 2019-03-06 05:56 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-17 11:18 - 2019-03-06 05:56 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-17 11:18 - 2019-03-06 05:56 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-17 11:18 - 2019-03-06 05:55 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-17 11:18 - 2019-03-06 05:53 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-17 11:18 - 2019-03-06 04:01 - 000777536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-17 11:18 - 2019-03-06 04:01 - 000595560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-17 11:18 - 2019-03-06 03:50 - 000793400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2019-03-17 11:18 - 2019-03-06 03:49 - 000639408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-17 11:18 - 2019-03-06 03:49 - 000544336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-17 11:18 - 2019-03-06 03:49 - 000353080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-17 11:18 - 2019-03-06 03:29 - 001473024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-03-17 11:18 - 2019-03-06 03:29 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-03-17 11:18 - 2019-03-06 03:29 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-17 11:18 - 2019-03-06 03:26 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-17 11:18 - 2019-03-06 03:26 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-03-17 11:18 - 2019-03-06 03:24 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-03-17 11:18 - 2019-03-06 03:21 - 000539136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-17 11:18 - 2019-03-06 03:21 - 000420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-17 11:18 - 2019-03-06 03:20 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-17 11:18 - 2019-03-06 03:19 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-17 11:18 - 2019-03-06 03:15 - 001588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-17 11:18 - 2019-03-06 03:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-17 11:18 - 2019-03-06 03:15 - 001474560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-17 11:18 - 2019-03-06 03:12 - 004057600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-17 11:18 - 2019-02-21 00:13 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-17 11:18 - 2019-02-17 02:24 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\HolographicRuntimes.dll
2019-03-17 11:18 - 2019-02-17 02:20 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2019-03-17 11:18 - 2019-02-17 00:33 - 002491232 _____ C:\Windows\SysWOW64\Windows.Mirage.dll
2019-03-17 11:18 - 2019-02-17 00:23 - 000618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-03-17 11:18 - 2019-02-16 23:59 - 000779856 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-03-17 11:18 - 2019-02-16 23:59 - 000478792 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-17 11:18 - 2019-02-16 23:59 - 000382264 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-03-17 11:18 - 2019-02-16 23:59 - 000269600 _____ C:\Windows\system32\FaceProcessorCore.dll
2019-03-17 11:18 - 2019-02-16 23:54 - 000997312 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-17 11:18 - 2019-02-16 23:54 - 000795400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-17 11:18 - 2019-02-16 23:53 - 001277968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-17 11:18 - 2019-02-16 23:53 - 000898328 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 006282184 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 001778272 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 001114040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 000687456 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 000563536 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 000398728 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2019-03-17 11:18 - 2019-02-16 23:51 - 000334136 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 000184336 _____ C:\Windows\system32\InputHost.dll
2019-03-17 11:18 - 2019-02-16 23:51 - 000039736 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkPS.dll
2019-03-17 11:18 - 2019-02-16 23:50 - 000824800 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-17 11:18 - 2019-02-16 23:50 - 000712504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-03-17 11:18 - 2019-02-16 23:50 - 000668848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2019-03-17 11:18 - 2019-02-16 23:50 - 000465336 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-03-17 11:18 - 2019-02-16 23:50 - 000250168 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2019-03-17 11:18 - 2019-02-16 23:49 - 001170120 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-17 11:18 - 2019-02-16 23:49 - 001054392 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-03-17 11:18 - 2019-02-16 23:49 - 000903856 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-03-17 11:18 - 2019-02-16 23:49 - 000710888 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-03-17 11:18 - 2019-02-16 23:49 - 000603824 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-17 11:18 - 2019-02-16 23:49 - 000374152 _____ (Microsoft Corporation) C:\Windows\system32\vac.exe
2019-03-17 11:18 - 2019-02-16 23:49 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 001430672 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2019-03-17 11:18 - 2019-02-16 23:48 - 001426064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 001337280 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 000857616 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 000714768 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 000413792 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 000261008 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-17 11:18 - 2019-02-16 23:48 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2019-03-17 11:18 - 2019-02-16 23:47 - 001101624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-17 11:18 - 2019-02-16 23:47 - 000387536 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2019-03-17 11:18 - 2019-02-16 23:46 - 000628752 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-17 11:18 - 2019-02-16 22:31 - 002362368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Controls.dll
2019-03-17 11:18 - 2019-02-16 22:30 - 003994624 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2019-03-17 11:18 - 2019-02-16 22:30 - 001785856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-17 11:18 - 2019-02-16 22:30 - 001357312 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2019-03-17 11:18 - 2019-02-16 22:29 - 002053120 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-17 11:18 - 2019-02-16 22:29 - 000997376 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-17 11:18 - 2019-02-16 22:29 - 000730112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Signals.dll
2019-03-17 11:18 - 2019-02-16 22:29 - 000674816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.AdaptiveCards.XamlCardRenderer.dll
2019-03-17 11:18 - 2019-02-16 22:29 - 000602624 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-17 11:18 - 2019-02-16 22:28 - 000975360 _____ C:\Windows\system32\FaceProcessor.dll
#23
2019-03-17 11:18 - 2019-02-16 22:28 - 000704000 _____ (Microsoft Corporation) C:\Windows\system32\UiaManager.dll
2019-03-17 11:18 - 2019-02-16 22:28 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\LockController.dll
2019-03-17 11:18 - 2019-02-16 22:28 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-03-17 11:18 - 2019-02-16 22:28 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2019-03-17 11:18 - 2019-02-16 22:28 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-03-17 11:18 - 2019-02-16 22:27 - 002890240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2019-03-17 11:18 - 2019-02-16 22:27 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-17 11:18 - 2019-02-16 22:26 - 002186240 _____ (Microsoft Corporation) C:\Windows\system32\mmgaclient.dll
2019-03-17 11:18 - 2019-02-16 22:26 - 001685504 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2019-03-17 11:18 - 2019-02-16 22:26 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\aadauthhelper.dll
2019-03-17 11:18 - 2019-02-16 22:25 - 001327104 _____ (Microsoft Corporation) C:\Windows\system32\dxilconv.dll
2019-03-17 11:18 - 2019-02-16 22:25 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\PersonaX.dll
2019-03-17 11:18 - 2019-02-16 22:25 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ContentDeliveryManager.dll
2019-03-17 11:18 - 2019-02-16 22:24 - 000543232 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2019-03-17 11:18 - 2019-02-16 22:24 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2019-03-17 11:18 - 2019-02-16 22:24 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 001925120 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 001341440 ____R (The ICU Project) C:\Windows\system32\icuuc.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000795136 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\NetworkCollectionAgent.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000623616 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Devices.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_User.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000428544 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll
2019-03-17 11:18 - 2019-02-16 22:23 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 002404864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 001900544 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 001471488 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 001346048 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 001262592 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 000984064 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2019-03-17 11:18 - 2019-02-16 22:22 - 000479744 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2019-03-17 11:18 - 2019-02-16 22:22 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 004592640 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 001297920 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2019-03-17 11:18 - 2019-02-16 22:21 - 001173504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 000987136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 000962560 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 000911360 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 000697344 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2019-03-17 11:18 - 2019-02-16 22:21 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2019-03-17 11:18 - 2019-02-16 22:20 - 002088448 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2019-03-17 11:18 - 2019-02-16 22:20 - 001117184 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-17 11:18 - 2019-02-16 22:20 - 000933376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2019-03-17 11:18 - 2019-02-16 22:20 - 000893440 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2019-03-17 11:18 - 2019-02-16 22:20 - 000891392 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-17 11:18 - 2019-02-16 22:20 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-17 11:18 - 2019-02-16 22:19 - 003329536 _____ (Microsoft Corporation) C:\Windows\system32\MSAJApi.dll
2019-03-17 11:18 - 2019-02-16 22:19 - 001543680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2019-03-17 11:18 - 2019-02-16 22:19 - 001167360 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 001488384 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 001238016 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 001081856 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 001055744 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 000885760 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 000885248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2019-03-17 11:18 - 2019-02-16 22:18 - 000856064 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-17 11:18 - 2019-02-16 22:16 - 001249792 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-03-17 11:18 - 2019-02-16 22:16 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-17 11:18 - 2019-02-16 22:15 - 001717248 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2019-03-17 11:18 - 2019-02-16 22:15 - 001280000 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2019-03-17 11:18 - 2019-02-16 22:14 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2019-03-17 11:18 - 2019-02-16 22:14 - 000715776 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2019-03-17 11:18 - 2019-02-16 22:14 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2019-03-17 11:18 - 2019-02-16 22:13 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-17 11:18 - 2019-02-16 21:40 - 001932216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-17 11:18 - 2019-02-16 21:39 - 000649208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-03-17 11:18 - 2019-02-16 21:39 - 000566568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2019-03-17 11:18 - 2019-02-16 21:39 - 000311096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-03-17 11:18 - 2019-02-16 21:25 - 001141392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-17 11:18 - 2019-02-16 21:25 - 000595528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-17 11:18 - 2019-02-16 21:24 - 002314920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2019-03-17 11:18 - 2019-02-16 21:22 - 005616088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-17 11:18 - 2019-02-16 21:22 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-17 11:18 - 2019-02-16 21:22 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-03-17 11:18 - 2019-02-16 21:22 - 000149960 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-17 11:18 - 2019-02-16 21:22 - 000027664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFrameworkPS.dll
2019-03-17 11:18 - 2019-02-16 21:21 - 001261768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2019-03-17 11:18 - 2019-02-16 21:21 - 000354104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2019-03-17 11:18 - 2019-02-16 21:20 - 000704496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-03-17 11:18 - 2019-02-16 21:20 - 000522176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2019-03-17 11:18 - 2019-02-16 21:20 - 000353752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-03-17 11:18 - 2019-02-16 21:20 - 000221496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2019-03-17 11:18 - 2019-02-16 21:19 - 001057728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-03-17 11:18 - 2019-02-16 21:19 - 000982952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-17 11:18 - 2019-02-16 21:18 - 001246336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-17 11:18 - 2019-02-16 21:18 - 001002552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-17 11:18 - 2019-02-16 21:18 - 000726544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2019-03-17 11:18 - 2019-02-16 21:18 - 000386336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-17 11:18 - 2019-02-16 21:18 - 000074896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2019-03-17 11:18 - 2019-02-16 21:16 - 000505064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2019-03-17 11:18 - 2019-02-16 20:58 - 003490816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2019-03-17 11:18 - 2019-02-16 20:58 - 001453056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-17 11:18 - 2019-02-16 20:58 - 001309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-17 11:18 - 2019-02-16 20:58 - 000938496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2019-03-17 11:18 - 2019-02-16 20:57 - 000763904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-17 11:18 - 2019-02-16 20:57 - 000472576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-17 11:18 - 2019-02-16 20:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-03-17 11:18 - 2019-02-16 20:54 - 001428480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaclient.dll
2019-03-17 11:18 - 2019-02-16 20:54 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadauthhelper.dll
2019-03-17 11:18 - 2019-02-16 20:54 - 000116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-03-17 11:18 - 2019-02-16 20:53 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2019-03-17 11:18 - 2019-02-16 20:52 - 001286656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-03-17 11:18 - 2019-02-16 20:51 - 001996800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2019-03-17 11:18 - 2019-02-16 20:51 - 001640960 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-03-17 11:18 - 2019-02-16 20:51 - 001158656 ____R (The ICU Project) C:\Windows\SysWOW64\icuuc.dll
2019-03-17 11:18 - 2019-02-16 20:51 - 000315392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2019-03-17 11:18 - 2019-02-16 20:50 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2019-03-17 11:18 - 2019-02-16 20:50 - 000910336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxilconv.dll
2019-03-17 11:18 - 2019-02-16 20:50 - 000356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-17 11:18 - 2019-02-16 20:49 - 006204416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-17 11:18 - 2019-02-16 20:49 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-17 11:18 - 2019-02-16 20:49 - 000963584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2019-03-17 11:18 - 2019-02-16 20:49 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2019-03-17 11:18 - 2019-02-16 20:49 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2019-03-17 11:18 - 2019-02-16 20:48 - 001277440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2019-03-17 11:18 - 2019-02-16 20:48 - 000720896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2019-03-17 11:18 - 2019-02-16 20:47 - 001948672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-17 11:18 - 2019-02-16 20:47 - 001236480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-03-17 11:18 - 2019-02-16 20:47 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-17 11:18 - 2019-02-16 20:47 - 000756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-17 11:18 - 2019-02-16 20:46 - 002680832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAJApi.dll
2019-03-17 11:18 - 2019-02-16 20:46 - 002409984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-17 11:18 - 2019-02-16 20:46 - 001342464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2019-03-17 11:18 - 2019-02-16 20:46 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2019-03-17 11:18 - 2019-02-16 20:45 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2019-03-17 11:18 - 2019-02-16 20:45 - 003648000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2019-03-17 11:18 - 2019-02-16 20:45 - 001668096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2019-03-17 11:18 - 2019-02-16 20:45 - 000825856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-03-17 11:18 - 2019-02-16 20:45 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2019-03-17 11:18 - 2019-02-16 20:44 - 000955392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-03-17 11:18 - 2019-02-16 20:44 - 000761856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-17 11:18 - 2019-02-16 20:44 - 000743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2019-03-17 11:18 - 2019-02-16 20:44 - 000695296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2019-03-17 11:18 - 2019-02-16 20:43 - 000975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-03-17 11:18 - 2019-02-16 20:42 - 001353216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2019-03-17 11:18 - 2019-02-16 20:42 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2019-03-17 11:18 - 2019-02-16 20:41 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2019-03-17 11:18 - 2019-02-16 20:40 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-17 11:18 - 2019-02-16 20:38 - 000804120 _____ C:\Windows\SysWOW64\locale.nls
2019-03-17 11:18 - 2019-02-16 20:38 - 000804120 _____ C:\Windows\system32\locale.nls
2019-03-17 11:18 - 2017-11-26 09:00 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-03-17 11:17 - 2019-03-06 06:13 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2019-03-17 11:17 - 2019-03-06 06:10 - 000331264 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2019-03-17 11:17 - 2019-03-06 06:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-17 11:17 - 2019-03-06 06:08 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-17 11:17 - 2019-03-06 06:08 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-17 11:17 - 2019-03-06 05:56 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-17 11:17 - 2019-03-06 05:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-17 11:17 - 2019-03-06 05:53 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-17 11:17 - 2019-03-06 05:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-17 11:17 - 2019-03-06 05:53 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-17 11:17 - 2019-03-06 05:53 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-17 11:17 - 2019-03-06 03:29 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-03-17 11:17 - 2019-03-06 03:25 - 000268288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-17 11:17 - 2019-03-06 03:25 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-17 11:17 - 2019-03-06 03:24 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-17 11:17 - 2019-02-16 22:28 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2019-03-17 11:17 - 2019-02-16 22:28 - 000385024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.PredictionUnit.dll
2019-03-17 11:17 - 2019-02-16 22:28 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Sets.dll
2019-03-17 11:17 - 2019-02-16 22:28 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SignInOptions.dll
2019-03-17 11:17 - 2019-02-16 22:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2019-03-17 11:17 - 2019-02-16 22:27 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-17 11:17 - 2019-02-16 22:27 - 000084992 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2019-03-17 11:17 - 2019-02-16 22:27 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
2019-03-17 11:17 - 2019-02-16 22:26 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\GameBarPresenceWriter.exe
2019-03-17 11:17 - 2019-02-16 22:26 - 000173056 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2019-03-17 11:17 - 2019-02-16 22:26 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-03-17 11:17 - 2019-02-16 22:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2019-03-17 11:17 - 2019-02-16 22:26 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2019-03-17 11:17 - 2019-02-16 22:26 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-03-17 11:17 - 2019-02-16 22:26 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2019-03-17 11:17 - 2019-02-16 22:26 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-17 11:17 - 2019-02-16 22:25 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellAPI.dll
2019-03-17 11:17 - 2019-02-16 22:25 - 000257536 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2019-03-17 11:17 - 2019-02-16 22:25 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll
2019-03-17 11:17 - 2019-02-16 22:25 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2019-03-17 11:17 - 2019-02-16 22:24 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2019-03-17 11:17 - 2019-02-16 22:24 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll
2019-03-17 11:17 - 2019-02-16 22:24 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Cortana.Persona.dll
2019-03-17 11:17 - 2019-02-16 22:24 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-03-17 11:17 - 2019-02-16 22:24 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_OneCore_BatterySaver.dll
2019-03-17 11:17 - 2019-02-16 22:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-17 11:17 - 2019-02-16 22:23 - 000647168 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2019-03-17 11:17 - 2019-02-16 22:23 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2019-03-17 11:17 - 2019-02-16 22:23 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2019-03-17 11:17 - 2019-02-16 22:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\ApproveChildRequest.exe
2019-03-17 11:17 - 2019-02-16 22:23 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2019-03-17 11:17 - 2019-02-16 22:22 - 001425408 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-03-17 11:17 - 2019-02-16 22:22 - 001113600 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2019-03-17 11:17 - 2019-02-16 22:22 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2019-03-17 11:17 - 2019-02-16 22:22 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2019-03-17 11:17 - 2019-02-16 22:22 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-17 11:17 - 2019-02-16 22:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2019-03-17 11:17 - 2019-02-16 22:21 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-17 11:17 - 2019-02-16 22:21 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2019-03-17 11:17 - 2019-02-16 22:19 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-17 11:17 - 2019-02-16 22:16 - 000565248 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-17 11:17 - 2019-02-16 22:15 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2019-03-17 11:17 - 2019-02-16 22:15 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2019-03-17 11:17 - 2019-02-16 22:15 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2019-03-17 11:17 - 2019-02-16 22:15 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2019-03-17 11:17 - 2019-02-16 22:13 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2019-03-17 11:17 - 2019-02-16 20:58 - 001892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Controls.dll
2019-03-17 11:17 - 2019-02-16 20:57 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2019-03-17 11:17 - 2019-02-16 20:57 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-03-17 11:17 - 2019-02-16 20:56 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfp.dll
2019-03-17 11:17 - 2019-02-16 20:55 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-17 11:17 - 2019-02-16 20:55 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-17 11:17 - 2019-02-16 20:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-03-17 11:17 - 2019-02-16 20:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2019-03-17 11:17 - 2019-02-16 20:55 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-17 11:17 - 2019-02-16 20:54 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2019-03-17 11:17 - 2019-02-16 20:54 - 000212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameBarPresenceWriter.exe
2019-03-17 11:17 - 2019-02-16 20:54 - 000110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2019-03-17 11:17 - 2019-02-16 20:54 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2019-03-17 11:17 - 2019-02-16 20:54 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactActivation.dll
2019-03-17 11:17 - 2019-02-16 20:53 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreShellAPI.dll
2019-03-17 11:17 - 2019-02-16 20:53 - 000243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Cortana.Persona.dll
2019-03-17 11:17 - 2019-02-16 20:53 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngckeyenum.dll
2019-03-17 11:17 - 2019-02-16 20:52 - 000517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2019-03-17 11:17 - 2019-02-16 20:52 - 000256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NmaDirect.dll
2019-03-17 11:17 - 2019-02-16 20:51 - 000480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetworkCollectionAgent.dll
2019-03-17 11:17 - 2019-02-16 20:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2019-03-17 11:17 - 2019-02-16 20:50 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-17 11:17 - 2019-02-16 20:50 - 000196096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll
2019-03-17 11:17 - 2019-02-16 20:50 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2019-03-17 11:17 - 2019-02-16 20:49 - 000886784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2019-03-17 11:17 - 2019-02-16 20:49 - 000769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-17 11:17 - 2019-02-16 20:49 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2019-03-17 11:17 - 2019-02-16 20:48 - 000706048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2019-03-17 11:17 - 2019-02-16 20:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2019-03-17 11:17 - 2019-02-16 20:43 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFrameworkInternalPS.dll
2019-03-17 11:17 - 2019-02-16 20:41 - 000507904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2019-03-17 11:17 - 2019-02-16 20:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2019-03-16 20:21 - 2019-03-16 20:21 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-16 20:21 - 2019-03-16 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-03-16 20:15 - 2019-03-16 20:15 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-03-16 19:47 - 2019-03-28 12:16 - 000000000 ____D C:\Program Files\Microsoft Office
2019-03-16 19:46 - 2019-03-16 19:46 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-03-16 18:05 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2019-03-16 17:50 - 2019-03-16 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2019-03-16 17:50 - 2019-03-16 17:50 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
2019-03-16 17:50 - 2017-11-09 13:58 - 000440320 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll
2019-03-16 17:50 - 2017-11-09 13:58 - 000401408 _____ (Dart Communications) C:\Windows\SysWOW64\DartSecure2.dll
2019-03-16 17:50 - 2017-11-09 13:58 - 000249856 _____ (Dart Communications) C:\Windows\SysWOW64\DartCertificate.dll
2019-03-14 12:31 - 2019-03-14 12:35 - 031779144 _____ C:\Users\Jose Angel Ramirez\Documents\fernando rojas..m4a
2019-03-14 12:28 - 2019-03-14 12:29 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\tapizados
2019-03-13 13:30 - 2019-03-31 19:32 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\CrashDumps
2019-03-09 09:41 - 2019-03-09 09:41 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\licencias
2019-03-07 15:27 - 2019-04-01 16:50 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Roaming\TeamViewer
2019-03-07 15:10 - 2019-04-01 15:33 - 000000000 _____ C:\Users\Jose Angel Ramirez\AppData\Local\Temptable.xml
2019-03-06 23:54 - 2019-03-17 22:42 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\captura
2019-03-04 19:08 - 2019-04-01 15:33 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\solidworks ejercicios
2019-03-03 13:08 - 2019-03-03 13:08 - 000000019 ____H C:\Users\Jose Angel Ramirez\Documents\~$ejercicio 1.SLDPRT
2019-03-03 13:06 - 2019-03-23 10:57 - 000000000 ____D C:\Windows\files
2019-03-03 00:51 - 2019-03-03 00:51 - 000000000 ___HD C:\$AV_ASW
2019-03-03 00:14 - 2019-03-03 00:14 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-02 12:49 - 2019-02-26 22:17 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\LocalLow\Mozilla
2019-04-02 12:32 - 2019-02-24 21:37 - 000003506 _____ C:\Windows\System32\Tasks\DashlaneUpgradeCheck
2019-04-02 12:31 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2019-04-02 12:29 - 2019-02-24 08:51 - 000000000 __SHD C:\Users\Jose Angel Ramirez\IntelGraphicsProfiles
2019-04-02 12:27 - 2018-04-21 21:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-01 21:16 - 2017-09-29 05:45 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-01 19:08 - 2019-03-02 23:34 - 000003688 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1551580442
2019-04-01 19:08 - 2019-03-02 21:20 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-01 19:08 - 2019-02-26 14:30 - 000002858 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559981516-1024437498-3407727514-1002
2019-04-01 19:08 - 2019-02-24 08:05 - 000003692 _____ C:\Windows\System32\Tasks\AcerCMUpdateTask2.1.16258
2019-04-01 19:08 - 2018-04-21 22:22 - 000002610 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2019-04-01 19:08 - 2018-04-21 22:13 - 000002290 _____ C:\Windows\System32\Tasks\Power Button
2019-04-01 19:08 - 2018-04-21 22:13 - 000002216 _____ C:\Windows\System32\Tasks\Quick Access
2019-04-01 19:08 - 2018-04-21 22:04 - 000002630 _____ C:\Windows\System32\Tasks\Acer Collection Monitor Application
2019-04-01 19:08 - 2018-04-21 22:04 - 000002596 _____ C:\Windows\System32\Tasks\Acer Collection Application
2019-04-01 19:08 - 2018-04-21 22:01 - 000004302 _____ C:\Windows\System32\Tasks\Software Update Application
2019-04-01 19:08 - 2018-04-21 22:01 - 000003852 _____ C:\Windows\System32\Tasks\ACCAgent
2019-04-01 19:08 - 2018-04-21 22:01 - 000002820 _____ C:\Windows\System32\Tasks\ACC
2019-04-01 19:08 - 2018-04-21 22:01 - 000002706 _____ C:\Windows\System32\Tasks\UbtFrameworkService
2019-04-01 19:08 - 2018-04-21 22:01 - 000002328 _____ C:\Windows\System32\Tasks\ACCBackgroundApplication
2019-04-01 19:08 - 2018-04-21 21:31 - 000003118 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2019-04-01 19:08 - 2018-04-21 21:28 - 000002768 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2019-04-01 14:58 - 2018-04-21 21:15 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-31 21:55 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\system32\NDF
2019-03-31 19:32 - 2018-04-22 00:14 - 000000000 ____D C:\Windows\Panther
2019-03-31 19:32 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\LiveKernelReports
2019-03-31 19:32 - 2017-09-29 10:44 - 000000000 ____D C:\Windows\INF
2019-03-31 19:02 - 2019-03-02 21:19 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-30 23:42 - 2017-09-29 10:46 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-03-30 23:37 - 2019-02-24 08:46 - 000000000 ____D C:\Users\Jose Angel Ramirez
2019-03-30 23:25 - 2018-04-21 23:50 - 001300930 _____ C:\Windows\system32\perfh00A.dat
2019-03-30 23:25 - 2018-04-21 23:50 - 000301258 _____ C:\Windows\system32\perfc00A.dat
2019-03-30 23:25 - 2018-04-21 21:29 - 000005638 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-29 19:57 - 2019-02-25 16:46 - 000000000 ____D C:\ProgramData\FLEXnet
2019-03-29 19:17 - 2018-04-21 22:21 - 000000000 ____D C:\ProgramData\Norton
2019-03-29 19:12 - 2017-09-29 10:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-29 19:04 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\registration
2019-03-29 16:22 - 2019-03-02 21:06 - 000000000 ____D C:\Users\Jose Angel Ramirez\Documents\aplicaciones
2019-03-29 09:32 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\AppReadiness
2019-03-28 19:24 - 2018-04-21 22:12 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 12:19 - 2017-09-29 10:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-28 12:18 - 2017-09-29 10:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-27 20:16 - 2019-02-25 15:02 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Roaming\SOLIDWORKS
2019-03-27 12:56 - 2019-02-24 08:54 - 000002440 _____ C:\Users\Jose Angel Ramirez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-27 12:56 - 2019-02-24 08:54 - 000000000 ___RD C:\Users\Jose Angel Ramirez\OneDrive
2019-03-26 15:25 - 2019-02-25 16:46 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\SolidWorks
2019-03-26 13:02 - 2018-04-21 22:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-25 09:52 - 2017-09-29 10:37 - 000000000 ____D C:\Windows\CbsTemp
2019-03-20 18:44 - 2019-02-24 08:51 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\Packages
2019-03-20 18:23 - 2019-02-26 15:29 - 000000000 ____D C:\Program Files\rempl
2019-03-19 12:10 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\rescache
2019-03-19 10:08 - 2019-03-02 21:18 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000518784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-19 10:08 - 2019-03-02 21:18 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-18 19:26 - 2018-04-21 21:40 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-03-17 14:28 - 2019-02-24 08:51 - 000000000 ___RD C:\Users\Jose Angel Ramirez\3D Objects
2019-03-17 14:28 - 2018-04-21 21:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-17 14:24 - 2018-04-21 21:15 - 001326872 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-17 11:55 - 2017-09-29 10:46 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-03-17 11:55 - 2017-09-29 10:46 - 000000000 ___SD C:\Windows\system32\UNP
2019-03-17 11:55 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\TextInput
2019-03-17 11:55 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ___SD C:\Windows\system32\F12
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ___RD C:\Windows\PrintDialog
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\Provisioning
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Windows\bcastdvr
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-03-17 11:54 - 2017-09-29 10:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-16 17:20 - 2019-03-01 00:18 - 000000000 ____D C:\ProgramData\Packages
2019-03-15 19:33 - 2019-02-26 15:21 - 000000000 ____D C:\Windows\system32\MRT
2019-03-15 19:19 - 2019-02-26 15:21 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-13 21:09 - 2019-03-02 23:34 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Local\Opera Software
2019-03-13 21:09 - 2019-03-02 23:16 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Roaming\Opera Software
2019-03-13 21:08 - 2018-04-21 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2019-03-11 21:18 - 2019-03-02 20:58 - 000000000 ____D C:\Users\Jose Angel Ramirez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-11 21:18 - 2019-03-02 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-11 21:18 - 2019-03-02 20:58 - 000000000 ____D C:\Program Files\WinRAR
2019-03-11 12:31 - 2017-09-29 11:42 - 000000000 ____D C:\Windows\OCR
2019-03-09 09:28 - 2019-03-02 22:20 - 000000000 ____D C:\Program Files\KMSpico
2019-03-03 13:57 - 2017-09-29 10:49 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-03 13:57 - 2017-09-29 10:49 - 000179608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2019-03-29 11:27 - 2019-03-29 13:42 - 000007601 _____ () C:\Users\Jose Angel Ramirez\AppData\Local\Resmon.ResmonCfg
2019-03-07 15:10 - 2019-04-01 15:33 - 000000000 _____ () C:\Users\Jose Angel Ramirez\AppData\Local\Temptable.xml

Some files in TEMP:
====================
2019-03-30 21:30 - 2019-02-05 14:52 - 064309056 _____ (Malwarebytes ) C:\Users\Jose Angel Ramirez\AppData\Local\Temp\mb3-setup-consumer-3.7.1.2839.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-29 12:26

==================== End of FRST.txt ============================
#24
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Jose Angel Ramirez (02-04-2019 12:53:33)
Running from C:\Users\Jose Angel Ramirez\Desktop
Windows 10 Home Single Language Version 1709 16299.1029 (X64) (2019-02-24 11:34:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-559981516-1024437498-3407727514-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-559981516-1024437498-3407727514-503 - Limited - Disabled)
Invitado (S-1-5-21-559981516-1024437498-3407727514-501 - Limited - Disabled)
Jose Angel Ramirez (S-1-5-21-559981516-1024437498-3407727514-1002 - Administrator - Enabled) => C:\Users\Jose Angel Ramirez
WDAGUtilityAccount (S-1-5-21-559981516-1024437498-3407727514-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Out of date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Norton Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3034 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3018 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3005 - Acer Incorporated)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Juegos WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.1 - WildTangent)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.11328.20222 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.11328.20222 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-559981516-1024437498-3407727514-1002\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Project Professional 2019 - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.11328.20222 - Microsoft Corporation)
Microsoft Project Professional 2019 - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.11328.20222 - Microsoft Corporation)
Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.11328.20222 - Microsoft Corporation)
Microsoft Visio Professional 2019 - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.11328.20222 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 66.0.2 (x86 en-US)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.1.5 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11328.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11328.20222 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10454 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8122 - Realtek Semiconductor Corp.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation)
SOLIDWORKS 2019 Spanish Resources (HKLM\...\{A3AA02F2-6B01-4454-B668-44E990B96281}) (Version: 27.110.0072 - Nombre de su organización) Hidden
SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.0.7478  - TeamViewer GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.281 - WildTangent) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-559981516-1024437498-3407727514-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.1.5\NavShExt.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.1.5\NavShExt.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxDTCM.dll [2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.1.5\buShell.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.1.5\NavShExt.dll [2017-10-17] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08FE7231-0AAE-4A41-AB5D-392A0102F65D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {10ECD0B2-2379-46E8-AFD5-E435C23A9073} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {15BE1C09-5C0F-4A4D-AF43-500423C254D9} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe (Acer Incorporated -> )
Task: {1F85401C-3957-4379-876A-2922DA9CE556} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2736FAEF-CBE8-4357-8DAC-03495DF43FF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3387B13C-3E7D-45E2-9B7B-5070243F270A} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe (Acer Incorporated -> Acer Incorporated)
Task: {3547B2E0-0F60-4E22-A015-34941001F0A7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> )
Task: {36B266CE-A465-4C01-B028-32FA374803F5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {37C48C08-4019-4E5E-9B87-90CB490079DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {40D506D1-2FE6-4794-B27E-E4779EDD2370} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4D3C9008-A0E7-484B-86DD-3A221BEB08B9} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe (Acer Incorporated -> )
Task: {50537624-E12B-45E3-B601-2098E1EB11F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5632FDFF-B04F-4D75-B17E-112AE7FE7A6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {6631470B-4B06-4953-97B4-CA6A7BDCC775} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.1.5\WSCStub.exe (Symantec Corporation -> Symantec Corporation)
Task: {670B4088-85B6-43EE-AE6A-B632E2FAAB08} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe (Acer Incorporated -> TODO: <Company name>)
Task: {6D2A064E-BF62-4AC6-9EB6-3FE824F6FE6A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7A77B5A6-80DF-4688-A8F9-0D694623939B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {90EB0C00-0EED-4508-A6F5-E0345828CFD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9F925027-E1A9-45A4-80F9-481ED97888A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D8B24C-7915-4C24-856C-4966395800C4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {A2FADB1D-56DE-42A7-81B4-6661B67D1862} - System32\Tasks\Opera scheduled Autoupdate 1551580442 => C:\Users\Jose Angel Ramirez\AppData\Local\Programs\Opera\launcher.exe
Task: {A42FF458-C6A2-4B3D-A588-465FA92A693F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporated)
Task: {A9B892C9-AECF-4A44-A74E-4C1CDDD376B7} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {C2BE6944-9B13-4033-AE5C-94DC29508702} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (Acer Incorporated -> Acer Incorporated)
Task: {CF47BF96-D54A-449A-8A6A-A70288B6E75F} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated)
Task: {DA62068E-9C53-4D69-839E-9699FD67D23F} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe (Acer Incorporated -> )
Task: {DDFEA678-91EA-48EE-8115-CE4907738997} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe (Acer Incorporated -> )
Task: {F2283D09-E544-490E-AD31-25E06BE40149} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F9F95750-C3A6-48CD-BECC-B922EE6ACAB9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FB002A71-CCB7-489F-B62C-7EED1FBB06C9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-12-26 14:18 - 2018-12-26 14:18 - 000231936 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SWLoginClientCLR.dll
2018-12-26 14:17 - 2018-12-26 14:17 - 000020992 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\win7helperbaseu.dll
2018-12-26 17:11 - 2018-12-26 17:11 - 000196608 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swccu.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-30 23:42 - 2019-03-30 23:46 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-30 23:42 - 2019-03-30 23:46 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-30 21:32 - 2019-03-30 23:46 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-30 23:46 - 2019-03-30 23:46 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 10:46 - 2019-03-30 23:59 - 000000880 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0                   telemetry.malwarebytes.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\
HKU\S-1-5-21-559981516-1024437498-3407727514-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 200.49.130.41 - 200.42.4.204
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AppReadiness => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-559981516-1024437498-3407727514-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F2FBBA58-14C9-4B02-AEBC-CC2008598BB3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0F51CC94-2A2A-49CA-8A30-7CBDD3210D60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5724B546-A6EE-4D4D-9796-83999F27EF44}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BA1CD1A5-D11E-400B-900C-7515BF286968}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64BCE481-E354-4735-A5FD-2F0706B6B6A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE45D888-3C1C-4748-A880-55AAD9508DC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D8B9F9C-36F0-4E61-92E0-F7CA8333C151}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D866E7B-F174-4D3A-99B6-CE4D042C7E13}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FC35EE2-3EE4-4FA4-A5D7-A9B2899AE959}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A8EDA97-625D-4E29-AF23-871D089BA35D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1A65139-0C7A-4590-89DD-F81275DAB248}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63148BF3-3E08-40CE-91FC-AC0534A810FE}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{59926D95-5086-43CB-8F0D-72D0C3929A9C}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{F72297CE-4E9B-46EA-93DD-8656B2F17612}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{50F51DD4-36A8-42F6-886C-C1DF735DF9FE}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{3FA4F948-3CC6-474D-B601-028C04A662C1}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{4C5731FF-FF73-428C-9FC4-C869D5BF95B3}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{B3A7FFEC-E7A1-4ADC-AB7A-3277FDFF4EF5}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{ACE9DD2D-3B96-4128-8998-D6ECC1A14A4C}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{29040CD8-5254-4E80-A197-11933197B999}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{947F9F55-44A7-42F7-8352-72102F6A480C}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{8C9B4967-5A0C-4DBB-83BF-07EDAB883C26}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{0A6CE0CA-8C67-43EC-9491-09446629958B}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{0A409F0B-25F1-474B-B2E6-9754C9B96F8E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{96714D0D-1609-4548-BFF6-15D4B3076760}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{C295079E-0F49-49AB-9C88-E91839A572ED}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3C4B7903-5F74-46AF-B8F6-02574A14C5B1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================
#25
Application errors:
==================
Error: (04/02/2019 12:35:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AWC.exe, versión: 2.1.16258.0, marca de tiempo: 0x57dc7237
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x03c32e38
Identificador del proceso con errores: 0x2440
Hora de inicio de la aplicación con errores: 0x01d4e969adca4746
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 93edfb12-c66e-4314-8c8f-a9a93cc2058d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (04/02/2019 12:35:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: AWC.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en Amundsen.LSM.Load()
   en Amundsen.Program.TimeIntervalElapsed(Boolean)
   en Amundsen.Program.Main(System.String[])

Error: (04/02/2019 12:34:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AWC.exe, versión: 2.1.16258.0, marca de tiempo: 0x57dc7237
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x02c02e38
Identificador del proceso con errores: 0x2150
Hora de inicio de la aplicación con errores: 0x01d4e9693d64e2d4
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: d9edf759-3498-4adf-9112-4585e419e088
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (04/02/2019 12:34:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: AWC.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en Amundsen.LSM.Load()
   en Amundsen.Program.TimeIntervalElapsed(Boolean)
   en Amundsen.Program.Main(System.String[])

Error: (04/01/2019 09:14:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (04/01/2019 08:36:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AWC.exe, versión: 2.1.16258.0, marca de tiempo: 0x57dc7237
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x03842e38
Identificador del proceso con errores: 0x2aac
Hora de inicio de la aplicación con errores: 0x01d4e8e3b8d434c2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 740d9d22-baeb-41d0-a258-7ee64ee04df9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (04/01/2019 08:36:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: AWC.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en Amundsen.LSM.Load()
   en Amundsen.Program.TimeIntervalElapsed(Boolean)
   en Amundsen.Program.Main(System.String[])

Error: (04/01/2019 08:35:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AWC.exe, versión: 2.1.16258.0, marca de tiempo: 0x57dc7237
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x02d12e38
Identificador del proceso con errores: 0x2af8
Hora de inicio de la aplicación con errores: 0x01d4e8e3936b05c3
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 1dafd15c-157f-4744-80b7-75f7793ef96b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (04/02/2019 12:29:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (04/02/2019 12:29:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio FontCache3.0.0.0.

Error: (04/02/2019 12:28:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/02/2019 12:28:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/02/2019 12:28:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio IntelAudioService no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (04/02/2019 12:28:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio IntelAudioService.

Error: (04/01/2019 09:14:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-KBKN1DCB)
Description: El servidor Microsoft.MicrosoftEdge_41.16299.1004.0_neutral__8wekyb3d8bbwe!ContentProcess no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/01/2019 08:30:36 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: El sistema ha detectado un conflicto por la dirección IP 0.0.0.0. La dirección 
de hardware de red es AE-84-C6-64-72-85, las operaciones de red en este sistema 
pueden verse afectadas por este problema.


Windows Defender:
===================================
Date: 2019-04-02 12:45:21.199
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: LAPTOP-KBKN1DCB\Jose Angel Ramirez
Nombre de proceso: C:\Users\Jose Angel Ramirez\Downloads\FRST64.exe
Versión de firma: AV: 1.289.305.0, AS: 1.289.305.0, NIS: 1.289.305.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9

Date: 2019-03-30 09:09:48.895
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.289.305.0, AS: 1.289.305.0, NIS: 1.289.305.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9

Date: 2019-03-03 00:11:48.221
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.289.305.0, AS: 1.289.305.0, NIS: 1.289.305.0
Versión de motor: AM: 1.1.15700.9, NIS: 1.1.15700.9

Date: 2019-03-25 22:43:04.995
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.305.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2019-03-25 22:43:04.994
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.305.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2019-03-25 09:43:53.971
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.15800.1
Versión de motor anterior: 1.1.15700.9
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-03-21 11:01:40.609
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.305.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2019-03-21 11:01:40.609
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.305.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

CodeIntegrity:
===================================

Date: 2019-04-02 12:54:07.574
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-02 12:54:07.572
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-02 12:49:04.281
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-02 12:49:04.279
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-02 12:44:56.847
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-02 12:44:56.846
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-02 12:44:54.166
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-02 12:44:54.162
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-7020U CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 3973.22 MB
Available physical RAM: 1773.2 MB
Total Virtual: 5365.22 MB
Available Virtual: 2829.04 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:856.64 GB) NTFS

\\?\Volume{2f03e4c7-74c9-4eac-a537-2302fabb3677}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{6afee7c9-b763-4ca5-8704-5f45cad6d07d}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DB7F44D1)

Partition: GPT.

==================== End of Addition.txt ============================
#26

Lo primero y mas grave que se ve, es que tienes dos antivirus, Norton y Avast :-1:

Lo normal es que eso ademas de no poder ser, te ralentice el pc

Quita uno de los dos, despues de desinstalarlo, ejecuta la herramienta correspondiente de limpieza de ese antivirus y reinicia el pc

Luego:

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-559981516-1024437498-3407727514-1002\...\MountPoints2: {d9917338-3859-11e9-af7b-505bc2647286} - "D:\HiSuiteDownLoader.exe" 
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
2019-03-30 21:30 - 2019-02-05 14:52 - 064309056 _____ (Malwarebytes ) C:\Users\Jose Angel Ramirez\AppData\Local\Temp\mb3-setup-consumer-3.7.1.2839.exe

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc

Tambien te recomiendo que desde windows update actualices tu version de Windows 10, que ya se queda obsoleta.

Al darle a buscar actualizaciones te deberá salir actualización de características a version 1809, o puedes hacerlo desde:

https://www.microsoft.com/es-es/software-download/windows10

Dandole a “actualizar ahora”, puesto que ademas en breve saldra una nueva version este mes y mejor pasar por la anterior