¿Es software malicioso?


#1

Buenas tardes.

Revisando la pestaña de inicio en el administrador de tareas hay una aplicación que no se que es. ¿Es software malicioso? Concretamente se llama “Nkgurgedwi”.

Lo he deshabilitado por si acaso, pero no consigo eliminarlo… Cuando pincho en el no se habilita la opción de propiedades asi que no se donde podría estar ubicado.


#2

Hola Pirro

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis de amenazas, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Informes :arrow_forward: Informe de análisis encontrarás el reporte de MBAM, clic en Exportar :arrow_forward: Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine :arrow_forward: clic en ejecutar limpiador
  • Clic en la pestaña Registro :arrow_forward: clic en buscar problemas esperas que termine :arrow_forward: clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo


#3

Antes de nada, gracias por tu rapidez a la hora de contestar Daniela.

Los programas ya los tenía descargados, dejo los informes, si consideras que debo volver a descargarlos me dices (licencia de Malwarebytes caducada).

Los informes:

  • Malwarebytes:
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/11/18
Hora del análisis: 19:23
Archivo de registro: 045df942-eb5f-11e8-a7cc-408d5c228188.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7907
Licencia: Caducado

-Información del sistema-
SO: Windows 10 (Build 17134.407)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-MMU55L8\Usuario_pc

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 313175
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 10 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
  • AdwCleaner
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-18-2018
# Duration: 00:00:07
# OS:       Windows 10 Home
# Scanned:  32073
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [3266 octets] - [01/11/2018 18:59:13]
AdwCleaner[C00].txt - [3032 octets] - [01/11/2018 19:01:16]
AdwCleaner[S01].txt - [1400 octets] - [01/11/2018 23:06:41]
AdwCleaner[C01].txt - [1566 octets] - [01/11/2018 23:07:16]
AdwCleaner[S02].txt - [1522 octets] - [02/11/2018 15:37:28]
AdwCleaner[C02].txt - [1688 octets] - [02/11/2018 15:39:59]
AdwCleaner[S03].txt - [1616 octets] - [02/11/2018 15:59:30]
AdwCleaner[C03].txt - [1802 octets] - [02/11/2018 15:59:49]
AdwCleaner[S04].txt - [1738 octets] - [02/11/2018 19:59:03]
AdwCleaner[S05].txt - [1799 octets] - [18/11/2018 19:35:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########

#4

Hola

Los reportes salen limpios, vamos a analizar más profundo tu equipo para ver si podemos eliminarlo.

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo


#5

Hola.

Al intentar pegar los informes da el siguiente error: “Lo sentimos, pero los usuarios nuevos solo pueden mencionar a 2 usuarios en un post.”


#6

Hola

Pega el reporte en tu respuesta, lo seleccionas entero y presiona el símbolo Captura%20de%20pantalla%20(55) de la barra de herramientas.

Haz lo mismo con cada reportes.

Un saludo


#7

Hola.

Informe 1-1/2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by Usuario_pc (administrator) on DESKTOP-MMU55L8 (18-11-2018 20:30:20)
Running from C:\Users\Usuario_pc\Desktop
Loaded Profiles: Usuario_pc (Available Profiles: Usuario_pc)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\NMSAccess64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3131680 2018-11-10] (Valve Corporation)
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-12] (Microsoft Corporation)
Startup: C:\Users\Usuario_pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9c6279fe2b5068b8b3b6374549ae89e0.lnk [2018-11-01]
ShortcutTarget: 9c6279fe2b5068b8b3b6374549ae89e0.lnk -> C:\DESKTOP-MMU55L8\nkgurgedwi.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{350a4b25-aa7e-4a89-b03f-141bbaae4e39}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a5a691a5-d48c-4859-9b40-bb94e9828921}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Internet Explorer:
==================
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-15] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Usuario_pc\AppData\Roaming\Mozilla\Firefox\Profiles\VZTuUAxo.default [2018-11-18]
FF Extension: (Avira Navegación segura) - C:\Users\Usuario_pc\AppData\Roaming\Mozilla\Firefox\Profiles\VZTuUAxo.default\Extensions\[email protected] [2018-10-26]
FF Extension: (Adblock Plus (versión de desarrollo)) - C:\Users\Usuario_pc\AppData\Roaming\Mozilla\Firefox\Profiles\VZTuUAxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-16]
FF Extension: (Firefox Monitor) - C:\Users\Usuario_pc\AppData\Roaming\Mozilla\Firefox\Profiles\VZTuUAxo.default\features\{2769daac-3576-46df-8439-bfd5ab06cb55}\[email protected] [2018-11-14]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-10-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-15] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.es/?gws_rd=ssl
CHR Profile: C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default [2018-11-18]
CHR Extension: (Adblock Plus) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-18]
CHR Extension: (Avira Navegación segura) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-11-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-11-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-11-12] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-07-07] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-07-07] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-08-10] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-07-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-07-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-28] (Avira Operations GmbH & Co. KG)
S3 DIRECTIO; C:\Program Files (x86)\BurnInTest\DirectIo.sys [15872 2008-03-19] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-18] (Malwarebytes)
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2018-04-12] (MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-11-13] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46592 2018-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59944 2018-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-18 20:30 - 2018-11-18 20:31 - 000016772 _____ C:\Users\Usuario_pc\Desktop\FRST.txt
2018-11-18 20:30 - 2018-11-18 20:30 - 000000000 ____D C:\FRST
2018-11-18 20:28 - 2018-11-18 20:28 - 002416128 _____ (Farbar) C:\Users\Usuario_pc\Desktop\FRST64.exe
2018-11-18 19:37 - 2018-11-18 19:37 - 000001860 _____ C:\Users\Usuario_pc\Desktop\AdwCleaner[S06].txt
2018-11-18 19:33 - 2018-11-18 19:33 - 000001556 _____ C:\Users\Usuario_pc\Desktop\malwarebytes.txt
2018-11-18 18:09 - 2018-11-18 18:09 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-18 13:20 - 2018-11-18 13:20 - 000002442 _____ C:\Users\Usuario_pc\Documents\cc_20181118_132007.reg
2018-11-17 11:56 - 2018-11-13 02:50 - 000133432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-11-17 11:55 - 2018-11-17 11:56 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-11-17 11:53 - 2018-11-13 20:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-11-17 11:53 - 2018-11-13 20:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-11-17 11:53 - 2018-11-13 20:04 - 000978336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-11-17 11:53 - 2018-11-13 20:04 - 000978336 _____ C:\Windows\system32\vulkan-1.dll
2018-11-17 11:53 - 2018-11-13 20:04 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-11-17 11:53 - 2018-11-13 20:04 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-11-17 11:53 - 2018-11-13 20:04 - 000552272 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-11-17 11:53 - 2018-11-13 20:04 - 000457328 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-11-17 11:53 - 2018-11-13 20:04 - 000268176 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-11-17 11:53 - 2018-11-13 20:04 - 000268176 _____ C:\Windows\system32\vulkaninfo.exe
2018-11-17 11:53 - 2018-11-13 20:03 - 040254240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 035151560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 015908696 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 013203400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 004941440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 004313568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 002017736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441694.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 002000000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 001509160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 001468032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441694.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 001457096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 001124648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 000822576 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 000750024 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 000631776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 000609056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2018-11-17 11:53 - 2018-11-13 20:03 - 000521672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 019709024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 016986448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 004252824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 001471616 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 001462216 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 001167776 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 001152176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 001145912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 000914776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 000794824 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-11-17 11:53 - 2018-11-13 20:02 - 000637672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-11-17 11:53 - 2018-11-13 04:23 - 000047384 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-11-16 16:29 - 2018-11-16 16:29 - 000000000 ____D C:\Program Files\rempl
2018-11-13 20:52 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2018-11-13 20:52 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2018-11-13 20:52 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2018-11-13 20:52 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-11-13 20:52 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-13 20:52 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-11-13 20:52 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-11-13 20:52 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-11-13 20:52 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-13 20:52 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-11-13 20:52 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-11-13 20:52 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-11-13 20:52 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-11-13 20:52 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-11-13 20:52 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-11-13 20:52 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-11-13 20:52 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-11-13 20:52 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-13 20:52 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-11-13 20:52 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-13 20:52 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-11-13 20:52 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-11-13 20:52 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-13 20:52 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-13 20:52 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-11-13 20:52 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2018-11-13 20:52 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-11-13 20:52 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-11-13 20:52 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-11-13 20:52 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-13 20:52 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-11-13 20:52 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-11-13 20:52 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-11-13 20:52 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-11-13 20:52 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-13 20:52 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-11-13 20:52 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-13 20:52 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2018-11-13 20:52 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-13 20:52 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-11-13 20:52 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-11-13 20:52 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-13 20:52 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-11-13 20:52 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-11-13 20:52 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-13 20:52 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2018-11-13 20:52 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-11-13 20:52 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-11-13 20:52 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-13 20:52 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-11-13 20:52 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-13 20:52 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-13 20:52 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2018-11-13 20:52 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-11-13 20:52 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-11-13 20:52 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-13 20:52 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-13 20:52 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-11-13 20:52 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-13 20:52 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-11-13 20:52 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-11-13 20:52 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-13 20:52 - 2018-10-21 14:00 - 021386368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-11-13 20:52 - 2018-10-21 14:00 - 001516120 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-11-13 20:52 - 2018-10-21 13:46 - 013572096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-13 20:52 - 2018-10-21 13:46 - 004393472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2018-11-13 20:52 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-11-13 20:52 - 2018-10-21 12:37 - 020381808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-11-13 20:52 - 2018-10-21 12:28 - 012501504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-13 20:52 - 2018-10-21 08:48 - 005602456 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-11-13 20:52 - 2018-10-21 08:45 - 003283512 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2018-11-13 20:52 - 2018-10-21 08:45 - 000607136 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-11-13 20:52 - 2018-10-21 08:28 - 016592384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-11-13 20:52 - 2018-10-21 08:22 - 004710912 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-11-13 20:52 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2018-11-13 20:52 - 2018-10-21 08:17 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2018-11-13 20:52 - 2018-10-21 08:17 - 001668096 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2018-11-13 20:52 - 2018-10-21 08:16 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-11-13 20:52 - 2018-10-21 08:15 - 003212800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-11-13 20:52 - 2018-10-21 08:15 - 002904064 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-13 20:52 - 2018-10-21 08:14 - 002224640 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-11-13 20:52 - 2018-10-21 08:14 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-11-13 20:52 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-11-13 20:52 - 2018-10-21 08:02 - 002966528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-11-13 20:51 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-11-13 20:51 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-13 20:51 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2018-11-13 20:51 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-11-13 20:51 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-13 20:51 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2018-11-13 20:51 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-11-13 20:51 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-13 20:51 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-11-13 20:51 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2018-11-13 20:51 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2018-11-13 20:51 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-13 20:51 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2018-11-13 20:51 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-13 20:51 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-11-13 20:51 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-13 20:51 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-11-13 20:51 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-13 20:51 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2018-11-13 20:51 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2018-11-13 20:51 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll
2018-11-13 20:51 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2018-11-13 20:51 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2018-11-13 20:51 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-11-13 20:51 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-11-13 20:51 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-11-13 20:51 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-13 20:51 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-13 20:51 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-13 20:51 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-11-13 20:51 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-11-13 20:51 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-11-13 20:51 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\coml2.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-13 20:51 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-13 20:51 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-11-13 20:51 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-13 20:51 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2018-11-13 20:51 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2018-11-13 20:51 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll
2018-11-13 20:51 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-11-13 20:51 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2018-11-13 20:51 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-11-13 20:51 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-11-13 20:51 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-13 20:51 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-11-13 20:51 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2018-11-13 20:51 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2018-11-13 20:51 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-11-13 20:51 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-11-13 20:51 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-11-13 20:51 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-11-13 20:51 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2018-11-13 20:51 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-11-13 20:51 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2018-11-13 20:51 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-13 20:51 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-13 20:51 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-11-13 20:51 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-13 20:51 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-13 20:51 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-13 20:51 - 2018-11-01 06:39 - 000001310 _____ C:\Windows\system32\tcbres.wim
2018-11-13 20:51 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-11-13 20:51 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-13 20:51 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-11-13 20:51 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-11-13 20:51 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-11-13 20:51 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coml2.dll
2018-11-13 20:51 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-11-13 20:51 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-11-13 20:51 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-11-13 20:51 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-11-13 20:51 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2018-11-13 20:51 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-13 20:51 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-11-13 20:51 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-11-13 20:51 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-13 20:51 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2018-11-13 20:51 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-11-13 20:51 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-13 20:51 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2018-11-13 20:51 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-11-13 20:51 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-11-13 20:51 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-13 20:51 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2018-11-13 20:51 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-13 20:51 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-13 20:51 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-13 20:51 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-13 20:51 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-13 20:51 - 2018-10-21 14:00 - 001639560 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2018-11-13 20:51 - 2018-10-21 14:00 - 000790416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-11-13 20:51 - 2018-10-21 14:00 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-11-13 20:51 - 2018-10-21 13:59 - 000766480 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2018-11-13 20:51 - 2018-10-21 13:59 - 000236728 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2018-11-13 20:51 - 2018-10-21 13:45 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-13 20:51 - 2018-10-21 13:44 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-11-13 20:51 - 2018-10-21 13:44 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-11-13 20:51 - 2018-10-21 13:43 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-11-13 20:51 - 2018-10-21 13:43 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2018-11-13 20:51 - 2018-10-21 13:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2018-11-13 20:51 - 2018-10-21 13:42 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2018-11-13 20:51 - 2018-10-21 13:42 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2018-11-13 20:51 - 2018-10-21 13:42 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2018-11-13 20:51 - 2018-10-21 13:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2018-11-13 20:51 - 2018-10-21 13:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-11-13 20:51 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-11-13 20:51 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2018-11-13 20:51 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-13 20:51 - 2018-10-21 12:37 - 001626656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2018-11-13 20:51 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-11-13 20:51 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2018-11-13 20:51 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2018-11-13 20:51 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-11-13 20:51 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2018-11-13 20:51 - 2018-10-21 10:29 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2018-11-13 20:51 - 2018-10-21 09:44 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-13 20:51 - 2018-10-21 08:47 - 000368440 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2018-11-13 20:51 - 2018-10-21 08:46 - 000717112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2018-11-13 20:51 - 2018-10-21 08:46 - 000709936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-13 20:51 - 2018-10-21 08:46 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-11-13 20:51 - 2018-10-21 08:46 - 000560136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-11-13 20:51 - 2018-10-21 08:46 - 000497864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2018-11-13 20:51 - 2018-10-21 08:46 - 000171024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-13 20:51 - 2018-10-21 08:45 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-11-13 20:51 - 2018-10-21 08:45 - 001946208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-13 20:51 - 2018-10-21 08:45 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-11-13 20:51 - 2018-10-21 08:45 - 000185120 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-13 20:51 - 2018-10-21 08:45 - 000175624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2018-11-13 20:51 - 2018-10-21 08:45 - 000139792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-13 20:51 - 2018-10-21 08:45 - 000058088 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-13 20:51 - 2018-10-21 08:21 - 001589248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-13 20:51 - 2018-10-21 08:21 - 000123424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-13 20:51 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-13 20:51 - 2018-10-21 08:20 - 000295224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2018-11-13 20:51 - 2018-10-21 08:20 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2018-11-13 20:51 - 2018-10-21 08:20 - 000141312 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2018-11-13 20:51 - 2018-10-21 08:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 001620776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 001130768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2018-11-13 20:51 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-11-13 20:51 - 2018-10-21 08:19 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2018-11-13 20:51 - 2018-10-21 08:19 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe
2018-11-13 20:51 - 2018-10-21 08:19 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcpAppSvc.dll
2018-11-13 20:51 - 2018-10-21 08:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhf.sys
2018-11-13 20:51 - 2018-10-21 08:19 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000395264 _____ (Microsoft Corporation) C:\Windows\system32\BthAvctpSvc.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2018-11-13 20:51 - 2018-10-21 08:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-11-13 20:51 - 2018-10-21 08:17 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-11-13 20:51 - 2018-10-21 08:17 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-11-13 20:51 - 2018-10-21 08:17 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-13 20:51 - 2018-10-21 08:17 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcp.dll
2018-11-13 20:51 - 2018-10-21 08:17 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2018-11-13 20:51 - 2018-10-21 08:16 - 002584576 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-11-13 20:51 - 2018-10-21 08:16 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-13 20:51 - 2018-10-21 08:16 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-11-13 20:51 - 2018-10-21 08:16 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2018-11-13 20:51 - 2018-10-21 08:16 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2018-11-13 20:51 - 2018-10-21 08:15 - 000743936 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL
2018-11-13 20:51 - 2018-10-21 08:15 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-11-13 20:51 - 2018-10-21 08:14 - 001919488 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-11-13 20:51 - 2018-10-21 08:14 - 001034752 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-11-13 20:51 - 2018-10-21 08:14 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-11-13 20:51 - 2018-10-21 08:14 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2018-11-13 20:51 - 2018-10-21 08:14 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-11-13 20:51 - 2018-10-21 08:14 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2018-11-13 20:51 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2018-11-13 20:51 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-13 20:51 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-13 20:51 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2018-11-13 20:51 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-11-13 20:51 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2018-11-13 20:51 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-13 20:51 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2018-11-13 20:51 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-11-13 20:51 - 2018-10-21 06:59 - 000806320 _____ C:\Windows\SysWOW64\locale.nls
2018-11-13 20:51 - 2018-10-21 06:59 - 000806320 _____ C:\Windows\system32\locale.nls
2018-11-13 20:51 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-02 19:44 - 2018-11-02 19:44 - 000000400 _____ C:\Users\Usuario_pc\Documents\cc_20181102_194438.reg
2018-11-02 16:11 - 2018-11-02 16:11 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-02 16:11 - 2018-11-02 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-02 16:11 - 2018-10-18 09:44 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-01 23:12 - 2018-11-01 23:12 - 000018412 _____ C:\Users\Usuario_pc\Documents\cc_20181101_231158.reg
2018-11-01 19:10 - 2018-11-01 19:10 - 000000000 ____D C:\Users\Usuario_pc\AppData\Local\mbamtray
2018-11-01 19:07 - 2018-11-01 19:08 - 078612224 _____ (Malwarebytes ) C:\Users\Usuario_pc\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7607.exe
2018-11-01 18:58 - 2018-11-01 19:01 - 000000000 ____D C:\AdwCleaner
2018-11-01 18:57 - 2018-11-01 18:57 - 007592144 _____ (Malwarebytes) C:\Users\Usuario_pc\Desktop\adwcleaner_7.2.4.0.exe
2018-10-24 19:09 - 2018-10-12 16:37 - 002017888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441634.dll
2018-10-24 19:09 - 2018-10-12 16:37 - 001468464 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441634.dll

#8

Informe 1-2/2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-18 20:26 - 2017-10-17 19:00 - 000000000 ____D C:\Users\Usuario_pc\AppData\LocalLow\Mozilla
2018-11-18 20:25 - 2018-05-18 15:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-11-18 20:25 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-18 20:09 - 2017-05-06 18:23 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-18 20:07 - 2017-05-06 18:22 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-18 20:07 - 2015-10-16 16:05 - 000000000 __SHD C:\Users\Usuario_pc\IntelGraphicsProfiles
2018-11-18 19:50 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2018-11-18 19:39 - 2015-10-17 18:24 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-18 17:55 - 2018-05-18 15:51 - 001768608 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-18 17:55 - 2018-04-12 17:18 - 000786502 _____ C:\Windows\system32\perfh00A.dat
2018-11-18 17:55 - 2018-04-12 17:18 - 000155134 _____ C:\Windows\system32\perfc00A.dat
2018-11-18 17:49 - 2018-05-18 15:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-18 14:07 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-11-17 22:21 - 2015-11-22 17:33 - 000000000 ____D C:\Users\Usuario_pc\AppData\Roaming\qBittorrent
2018-11-17 21:08 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2018-11-17 21:07 - 2017-10-15 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-17 21:07 - 2016-04-17 19:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-17 19:05 - 2016-11-04 21:59 - 000000000 ____D C:\Users\Usuario_pc\AppData\Local\ElevatedDiagnostics
2018-11-17 19:00 - 2016-04-17 19:04 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-17 17:53 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-17 11:56 - 2017-05-06 18:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-17 11:56 - 2017-05-06 18:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-17 11:56 - 2017-01-31 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-11-16 16:31 - 2018-05-18 15:56 - 000003386 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1265119368-708876424-1656143655-1001
2018-11-16 16:31 - 2018-05-18 15:39 - 000002412 _____ C:\Users\Usuario_pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-16 16:31 - 2015-10-16 16:29 - 000000000 ___RD C:\Users\Usuario_pc\OneDrive
2018-11-14 17:31 - 2015-10-16 17:37 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 17:31 - 2015-10-16 17:37 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-14 16:49 - 2017-11-18 13:47 - 000000000 ___RD C:\Users\Usuario_pc\3D Objects
2018-11-14 16:49 - 2015-10-16 16:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-14 16:48 - 2018-05-18 15:33 - 000827760 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\system32\F12
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-11-13 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2018-11-13 21:04 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2018-11-13 21:03 - 2015-10-16 12:09 - 000000000 ____D C:\Windows\system32\MRT
2018-11-13 21:02 - 2015-10-16 12:09 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-13 20:02 - 2018-03-05 17:50 - 004992328 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-11-13 04:23 - 2018-03-05 17:50 - 001682896 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-11-13 04:23 - 2018-03-05 17:50 - 000227896 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-11-13 04:23 - 2018-03-05 17:50 - 000074576 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-11-13 04:23 - 2018-03-05 17:50 - 000048138 _____ C:\Windows\system32\nvinfo.pb
2018-11-13 02:44 - 2017-05-06 18:23 - 005945144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-11-13 02:44 - 2017-05-06 18:23 - 002611592 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-11-13 02:44 - 2017-05-06 18:23 - 001767280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-11-13 02:44 - 2017-05-06 18:23 - 000635248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-11-13 02:44 - 2017-05-06 18:23 - 000451056 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-11-13 02:44 - 2017-05-06 18:23 - 000124112 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-11-13 02:44 - 2017-05-06 18:23 - 000083336 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-11-12 16:56 - 2015-12-06 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-11-12 15:30 - 2017-05-06 18:23 - 008407912 _____ C:\Windows\system32\nvcoproc.bin
2018-11-05 18:34 - 2018-04-12 00:41 - 000835168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-05 18:34 - 2018-04-12 00:41 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-02 16:13 - 2015-11-09 12:32 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-11-02 16:11 - 2015-10-26 16:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-02 15:27 - 2015-11-09 12:31 - 000000000 ____D C:\Windows\pss
2018-11-01 23:11 - 2017-02-28 16:16 - 000000000 ____D C:\Users\Usuario_pc\AppData\Local\CrashDumps
2018-11-01 18:32 - 2016-11-15 17:43 - 000000000 ____D C:\ProgramData\TEMP
2018-11-01 08:38 - 2017-12-24 23:00 - 000000000 ____D C:\Users\Usuario_pc\AppData\Roaming\9895e2ed5c726798f33d8697bee73570
2018-10-24 19:11 - 2017-05-06 18:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-24 18:46 - 2018-06-02 11:43 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:46 - 2018-06-02 11:43 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:46 - 2018-06-02 11:43 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:46 - 2018-06-02 11:43 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:46 - 2017-01-31 18:42 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-24 18:46 - 2017-01-31 18:42 - 000000000 ____D C:\Users\Usuario_pc\AppData\Local\NVIDIA Corporation
2018-10-24 18:45 - 2018-06-02 11:43 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:45 - 2018-06-02 11:43 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:45 - 2018-06-02 11:43 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:45 - 2018-05-18 15:56 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:45 - 2018-05-18 15:56 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:45 - 2018-05-18 15:56 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-24 18:45 - 2018-05-18 15:56 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-23 19:27 - 2018-07-04 16:35 - 000000000 ____D C:\ProgramData\Packages

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-18 15:33

==================== End of FRST.txt ============================

#9

Informe 2-

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by Usuario_pc (18-11-2018 20:31:28)
Running from C:\Users\Usuario_pc\Desktop
Windows 10 Home Version 1803 17134.407 (X64) (2018-05-18 14:57:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1265119368-708876424-1656143655-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1265119368-708876424-1656143655-503 - Limited - Disabled)
Invitado (S-1-5-21-1265119368-708876424-1656143655-501 - Limited - Disabled)
Usuario_pc (S-1-5-21-1265119368-708876424-1656143655-1001 - Administrator - Enabled) => C:\Users\Usuario_pc
WDAGUtilityAccount (S-1-5-21-1265119368-708876424-1656143655-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{18787388-9263-47A6-B954-41BDE0B90959}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{2884d9b5-2fed-48df-b0e0-fe229e7eb781}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.43.24 - Avira Operations GmbH & Co. KG)
BurnInTest v6.0 Pro (HKLM-x32\...\BurnInTest_is1) (Version: 6.0 - Passmark Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
FotoPrix FotoLibro v4 (HKLM-x32\...\{2FEC2258-5F07-400B-82AE-232510ED187D}) (Version: 6.10.0049 - FotoPrix, S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
K-Lite Codec Pack 9.9.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-ES)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{EFC97BC6-345A-4861-ACD5-0D3181252924}) (Version: 4.11.9775 - Apache Software Foundation)
Panel de control de NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
qBittorrent 3.2.5 (HKLM-x32\...\qBittorrent) (Version: 3.2.5 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-10-25] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-13] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-10-25] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0883EC34-6F51-4C7C-A72F-FDA9F0F01F05} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {11685AA6-2FA8-4F10-920A-DAB730174CBA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {11B029BD-7B51-4737-B381-A1A1A8C06718} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {1834E762-CDA9-4265-878B-937645A4D879} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {1C59A790-2CD4-43D4-8395-981A919D534A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {2659BF59-5033-4D38-9002-DF681BC50841} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {3CE7C12E-EEBD-4C9D-9745-2AC6A35987F5} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-11-12] (Avira Operations GmbH & Co. KG)
Task: {556215FA-18AC-48E8-9600-6D5D72189D7E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {5AD62C65-8359-48E7-8494-E55674DCD924} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {8924A07D-3A31-41BE-967C-BED6C6634671} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.)
Task: {8A3C05E7-EB80-41E3-A2EF-1CDD77EA4844} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {A9B2B95B-3597-427D-96B2-CBBDD8F2F1A5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BCA8BC33-3808-4067-9D16-4F112A19BA7E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {BE5E9249-D205-44E7-A0FE-367D5F65D1DF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {BF881665-579A-443D-85DA-2C202CB93272} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.)
Task: {C7A4A7D7-AC19-4CE1-AD71-6DF705654DEC} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-06-02 11:43 - 2018-10-10 21:04 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2009-01-12 07:15 - 2009-01-12 07:15 - 000082872 _____ () C:\Windows\SysWOW64\NMSAccess64.exe
2018-11-02 16:11 - 2018-10-18 09:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2015-10-16 12:00 - 2011-05-28 21:05 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2018-11-13 20:52 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 19:25 - 2018-10-23 19:25 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-14 16:52 - 2018-11-14 16:52 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-14 16:52 - 2018-11-14 16:53 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-11-14 16:52 - 2018-11-14 16:52 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-11-14 16:52 - 2018-11-14 16:53 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll
2018-11-14 16:52 - 2018-11-14 16:53 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-11-14 16:52 - 2018-11-14 16:53 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-06-02 11:43 - 2018-10-10 21:03 - 101252136 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-21 18:49 - 2016-12-21 18:49 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-06-02 11:43 - 2018-10-10 21:03 - 004619816 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-06-02 11:43 - 2018-10-10 21:03 - 000108584 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2018-10-26 20:36 - 2018-10-26 20:37 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-26 20:36 - 2018-10-26 20:36 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-26 20:36 - 2018-10-26 20:36 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-27 15:02 - 2017-09-27 15:02 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-07 21:40 - 2018-11-07 21:54 - 001434384 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-08-10 17:23 - 2018-11-12 16:55 - 001205792 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-08-10 17:23 - 2018-11-12 16:55 - 000244672 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2015-10-16 11:39 - 2013-09-16 11:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-06-02 11:43 - 2018-10-10 21:04 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:E196670A [384]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2015-07-10 12:02 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1265119368-708876424-1656143655-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\StartupApproved\StartupFolder: => "9c6279fe2b5068b8b3b6374549ae89e0.lnk"
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1265119368-708876424-1656143655-1001\...\StartupApproved\Run: => "c6279fe2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CFC4D443-0B89-4C75-86CF-B1CD218955A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{7CEEF3A4-8A5B-4405-9634-6E9B1E7E745B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [UDP Query User{87D38BEF-656E-47D2-97A9-48280A4F99EF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{17650B6E-699D-44E9-998E-229010EC4045}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{625F90AC-5471-4B34-A335-621297644701}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [TCP Query User{739CF984-79FB-409C-8731-B23705513078}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [UDP Query User{796DCBD6-A24F-4AAE-96C7-523D037F3BCB}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{922B2D0F-8CCB-4E76-9AB2-E73ABD4917DA}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{564A11D7-111C-4653-93B5-7952F43C6358}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C552E57C-EA03-4D8F-A401-052C37B6D92C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{6ED2335D-CBCD-4357-A85D-2E3335F5B666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{FF56D76E-EEB6-4560-AA85-F084562FE8F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{327861E1-E9BB-4D61-A38B-E795A215592E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B0FE8AF6-33F9-4B2D-B8F6-5893573D36C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E6BEBCF-81A2-4F9B-A659-ECE8E6053FBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{308F260D-3BE7-4D2E-B32C-79706D9AD30A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7F35C680-7EB9-448F-846D-E06F99C9B1CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{D93FC171-4684-4A77-B5A5-65254869505A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C859772E-9E66-40C0-886C-AD4BBDC85CE7}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{1BDA5E55-86D1-4D2F-968C-80DB5A2DC8E0}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{306064FA-7A85-4E44-84DF-4CB56E93F9DA}] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{88BA3EF5-329D-4744-AAA3-3B485355358D}] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{2ED74CEC-8707-469F-A483-4BF6A237992B}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{F1D3A942-0386-4470-AEEE-ED7AF3E661B0}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{6271CF12-6061-4F0D-8C55-26761869AD81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A444FD3F-CD02-46C5-8FFD-7A5707418938}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D03A5A2F-30F9-4A0F-AF3D-788C558D90C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{834B233D-324D-4999-936B-C2E5AFAF4D6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6F3E4003-827C-44FE-8EDE-5001873B9109}C:\gwi\jre645litev1.2\bin\javaw.exe] => (Block) C:\gwi\jre645litev1.2\bin\javaw.exe
FirewallRules: [UDP Query User{23336262-76DA-449A-906D-C1911CB204E8}C:\gwi\jre645litev1.2\bin\javaw.exe] => (Block) C:\gwi\jre645litev1.2\bin\javaw.exe
FirewallRules: [{DE3F4113-0716-4620-9A82-E161BCA17A08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8F3062FE-510F-4264-952E-326B97773427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A00EE576-B207-41A3-9F89-71643D8A4CE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{B110A201-EB2C-4886-A9E2-D1EBC405A40D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{59C5BB0D-0741-493B-8E1B-D60C8E9AF192}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{AD539FA1-ABE5-4998-B261-C1CED3A1C1E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{43AEE95B-6A09-4A48-BF4B-279C55AF765E}C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{9935DCDF-6D3E-4F7F-BA77-7CC494B0E00E}C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe
FirewallRules: [{EB46CA3C-34A4-459F-BB7F-EE651FC21D5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{54268105-6714-48C4-90A2-8181C7A4DF22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{B91D4C7B-A2C0-42E2-ACDC-AE9EBCEA499B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{94BCA700-15EE-4BD8-83C3-5EF18714263D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{53583E80-E1DD-46BE-BB43-26BD5FBF073A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27D8848F-6392-452F-B811-F2D290152E74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E8656907-2023-4DBC-A145-62CFB29B49F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{2363783C-9E94-4632-BC74-FFDE10201109}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{41D621C5-8BA1-4F30-A214-E03707B63413}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{3F6A2233-7741-4998-9F42-8B49A7E6C0F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{7D7E9879-1007-4FF7-93B3-F385346A1BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

31-10-2018 15:49:24 Punto de control programado
10-11-2018 07:21:48 Punto de control programado
13-11-2018 20:50:46 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2018 10:53:07 PM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: Se denegó el acceso al intento de conexión con el servicio RPCSS para la aplicación de servidor COM C:\Windows\SysWOW64\schtasks.exe al usuario Unavailable\Unavailable con SID (S-1-5-18) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). La causa más probable es que los límites de acceso a nivel de equipo no conceden permisos de acceso local al usuario o a la aplicación. Los límites de acceso se pueden modificar con la herramienta administrativa Servicios de componentes.

Error: (11/17/2018 10:39:13 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de Malwarebytes a SECURITY_PRODUCT_STATE_EXPIRED.

Error: (11/09/2018 05:25:26 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (11/08/2018 07:39:29 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (11/07/2018 07:56:47 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (11/07/2018 06:57:03 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (11/06/2018 09:05:02 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (11/05/2018 08:12:07 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe


System errors:
=============
Error: (11/18/2018 06:13:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MMU55L8)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-MMU55L8\Usuario_pc con SID (S-1-5-21-1265119368-708876424-1656143655-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/18/2018 05:52:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/18/2018 01:50:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MMU55L8)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-MMU55L8\Usuario_pc con SID (S-1-5-21-1265119368-708876424-1656143655-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/18/2018 01:46:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/18/2018 01:20:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MMU55L8)
Description: El servidor Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/18/2018 01:02:34 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MMU55L8)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-MMU55L8\Usuario_pc con SID (S-1-5-21-1265119368-708876424-1656143655-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/18/2018 12:57:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/18/2018 12:56:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MMU55L8)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-MMU55L8\Usuario_pc con SID (S-1-5-21-1265119368-708876424-1656143655-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2018-07-07 14:48:49.341
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E40562D3-2E6A-4A83-835A-F9F04C50494F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: DESKTOP-MMU55L8\Usuario_pc

Date: 2018-10-26 17:14:46.130
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.1795.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2018-10-26 17:14:46.129
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.1795.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2018-07-21 15:22:22.420
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.273.127.0
Versión de firma anterior: 1.271.659.0
Origen de actualización: Usuario
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 1.1.15100.1
Versión de motor anterior: 1.1.15000.2
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2018-07-21 15:22:22.420
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.273.127.0
Versión de firma anterior: 1.271.659.0
Origen de actualización: Usuario
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 1.1.15100.1
Versión de motor anterior: 1.1.15000.2
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2018-07-21 15:22:22.420
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.15100.1
Versión de motor anterior: 1.1.15000.2
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2018-07-07 14:46:35.522
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:35.455
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:35.132
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:35.077
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:34.946
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:10.946
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:10.835
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-07-07 14:46:10.746
Description: 
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 40%
Total physical RAM: 8091.94 MB
Available physical RAM: 4816.25 MB
Total Virtual: 13823.92 MB
Available Virtual: 9321.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.57 GB) (Free:584.55 GB) NTFS

\\?\Volume{babd4a46-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{babd4a46-0000-0000-0000-a0c3e8000000}\ () (Fixed) (Total:0.45 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BABD4A46)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 MB) - (Type=27)

==================== End of Addition.txt ============================

#10

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Startup: C:\Users\Usuario_pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9c6279fe2b5068b8b3b6374549ae89e0.lnk [2018-11-01]
ShortcutTarget: 9c6279fe2b5068b8b3b6374549ae89e0.lnk -> C:\DESKTOP-MMU55L8\nkgurgedwi.exe (No File)
CHR Extension: (Chrome Media Router) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
2018-11-18 20:07 - 2017-05-06 18:22 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-01 08:38 - 2017-12-24 23:00 - 000000000 ____D C:\Users\Usuario_pc\AppData\Roaming\9895e2ed5c726798f33d8697bee73570
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {A9B2B95B-3597-427D-96B2-CBBDD8F2F1A5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:E196670A [384]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo


#11

Buenas tardes Daniela.

He seguido tus instrucciones y la aplicación ha desaparecido de la pestaña de inicio en el administrador de tareas.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by Usuario_pc (19-11-2018 17:43:21) Run:1
Running from C:\Users\Usuario_pc\Desktop
Loaded Profiles: Usuario_pc (Available Profiles: Usuario_pc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Startup: C:\Users\Usuario_pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9c6279fe2b5068b8b3b6374549ae89e0.lnk [2018-11-01]
ShortcutTarget: 9c6279fe2b5068b8b3b6374549ae89e0.lnk -> C:\DESKTOP-MMU55L8\nkgurgedwi.exe (No File)
CHR Extension: (Chrome Media Router) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
2018-11-18 20:07 - 2017-05-06 18:22 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-01 08:38 - 2017-12-24 23:00 - 000000000 ____D C:\Users\Usuario_pc\AppData\Roaming\9895e2ed5c726798f33d8697bee73570
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {A9B2B95B-3597-427D-96B2-CBBDD8F2F1A5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:E196670A [384]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\Usuario_pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9c6279fe2b5068b8b3b6374549ae89e0.lnk => moved successfully
"C:\DESKTOP-MMU55L8\nkgurgedwi.exe" => not found
CHR Extension: (Chrome Media Router) - C:\Users\Usuario_pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01] => Error: No automatic fix found for this entry.
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\Usuario_pc\AppData\Roaming\9895e2ed5c726798f33d8697bee73570 => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9B2B95B-3597-427D-96B2-CBBDD8F2F1A5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9B2B95B-3597-427D-96B2-CBBDD8F2F1A5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\ProgramData\TEMP => ":E196670A" ADS removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1265119368-708876424-1656143655-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1265119368-708876424-1656143655-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 4 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 5 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 5:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::9cba:1e84:7bba:1793%14
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.34
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{9CDACD52-2860-4016-BE1D-644CA166799E} canceled.
{CA8C8972-A4A4-4CF1-98C3-0DE4E7137012} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22524070 B
Java, Flash, Steam htmlcache => 726982417 B
Windows/system/drivers => 18852 B
Edge => 0 B
Chrome => 2175953 B
Firefox => 54540999 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1822 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Usuario_pc => 2718385 B

RecycleBin => 0 B
EmptyTemp: => 779 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-11-2018 17:45:49)

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

==== End of Fixlog 17:46:01 ====

Gracias por tu ayuda, eres una crack


#12

Hola Pirro

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte :manos:

Nos alegramos que se te haya resuelto :Bien: Damos el tema por solucionado.

Solucionado

Un saludo


#13