Exceso de verificación de si soy un robot

Hola, antes que nada quería felicitaros a toda esta comunidad y lo que habéis conseguido.

Bueno, resulta que ya hace unos meses que, aleatoriamente, al hacer una búsqueda en google me sale el mensaje "Nuestros sistemas han detectado tráfico inusual procedente de tu red de ordenadores. En esta página se comprueba si eres tú quien envía las solicitudes en lugar de un robot. ". No uso VPN ni nada por el estilo.

Otra cosa que me gustaría añadir es que las páginas con dominio “.io” me piden también esta verificación, y, por lo que he podido leer, tal vez se trate de que mi ip esté en una blacklist.

Por último también quería añadir que desde que actualicé chrome, me sale que mi navegador esta gestionado por una organización, cosa que no entiendo, pues mi PC es de uso privado y no está relacionado con nada de trabajo.

Me gustaría saber si es posible que tenga un malware en mi PC. Cabe recalcar que llevo meses haciendo análisis de antivirus con programas como Avast, Malwarebytes y Spyhunter, y nunca me sale nada sospechoso.

Gracias de antemano

Hola @Pedro2 y Bienvenido al nuevo Foro…!!

Imagino que TU antivirus actual es AVAST…??

Te lo indico ya que parece que el tema “Chrome Gestionado por tu organización” es un bug/fallo de Avast :arrow_right: https://forum.avast.com/index.php?topic=233117.0

Nos confirmas.

Saludos.

1 me gusta

Correcto, acabo de revisar el foro y es lo que ocurre. Justamente hoy he actualizado Avast y se debe a eso, pues al desactivar los escudos se elimina este mensaje. Gracias.

Me gustaría si tienes (o alguien tiene) alguna idea de lo que puede ser lo otro que he mencionado, sobre los captchas que me salen al hacer una búsqueda en Google.

Gracias de antemano y enhorabuena por la labor!

Perfecto… :+1: y para ese problema lo primero que debemos hacer es una verificación de tu máquina. :face_with_monocle:

Ahora sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

Malwarebytes, comentarle que no he encontrado la posibilidad de obtener la versión gratuita de 14 días.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 11/4/20
Hora del análisis: 20:17
Archivo de registro: a4fb589c-7c20-11ea-9dd8-94e97991c228.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.22306
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.720)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-7PE91MO1\Pau

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 333301
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 54 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Adwcleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-11-2020
# Duration: 00:00:05
# OS:       Windows 10 Home
# Cleaned:  52
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.ACERAOPFramework   Folder   C:\Program Files (x86)\ACER\AOP FRAMEWORK
Deleted       Preinstalled.ACERAOPFramework   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Deleted       Preinstalled.ACERClear.fiShellExtension   Registry   HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted       Preinstalled.ACERClear.fiShellExtension   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted       Preinstalled.AcerCareCenter   Folder   C:\Program Files (x86)\ACER\CARE CENTER
Deleted       Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DB675D1-4162-4CA4-92F7-72CA93C612B4} 
Deleted       Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E57FBC8-5396-497E-8137-390B6BC2F6AE} 
Deleted       Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DB675D1-4162-4CA4-92F7-72CA93C612B4} 
Deleted       Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Deleted       Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Deleted       Preinstalled.AcerCareCenter   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Deleted       Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCAGENT
Deleted       Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Deleted       Preinstalled.AcerCollection   Folder   C:\Program Files (x86)\ACER\ACER COLLECTION
Deleted       Preinstalled.AcerCollection   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D91C27-36A5-4EA5-9936-C1A76636A6B4} 
Deleted       Preinstalled.AcerCollection   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E663A9E-FDBE-40A0-A567-A450A143EA02} 
Deleted       Preinstalled.AcerCollection   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Application
Deleted       Preinstalled.AcerCollection   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Monitor Application
Deleted       Preinstalled.AcerCollection   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}
Deleted       Preinstalled.AcerCollection   Task   C:\Windows\System32\Tasks\ACER COLLECTION APPLICATION
Deleted       Preinstalled.AcerCollection   Task   C:\Windows\System32\Tasks\ACER COLLECTION MONITOR APPLICATION
Deleted       Preinstalled.AcerConfigurationManager   Folder   C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258
Deleted       Preinstalled.AcerConfigurationManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52858EA2-E2BC-4D3C-B600-F22605DBE4B7} 
Deleted       Preinstalled.AcerConfigurationManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258
Deleted       Preinstalled.AcerConfigurationManager   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}
Deleted       Preinstalled.AcerConfigurationManager   Task   C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258
Deleted       Preinstalled.AcerPortal   Folder   C:\Program Files (x86)\ACER\ACER PORTAL
Deleted       Preinstalled.AcerPortal   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCAC79D2-7E6A-4141-A0F7-F3E72E2F76B8} 
Deleted       Preinstalled.AcerPortal   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud
Deleted       Preinstalled.AcerPortal   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Deleted       Preinstalled.AcerPortal   Task   C:\Windows\System32\Tasks\ACERCLOUD
Deleted       Preinstalled.AcerQuickAccess   Folder   C:\Program Files\ACER\ACER QUICK ACCESS
Deleted       Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22D966CD-D4F9-408C-A3D2-64D5CB8B6191} 
Deleted       Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE83DF1E-3313-4FA9-BC66-C0AE30B51DE7} 
Deleted       Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted       Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted       Preinstalled.AcerQuickAccess   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Deleted       Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\POWER BUTTON
Deleted       Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\QUICK ACCESS
Deleted       Preinstalled.AcerUEIPFramework   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Deleted       Preinstalled.AcerUEIPFramework   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Deleted       Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D4A8FEF-E4AF-44F7-BE50-D1B869CD9B31} 
Deleted       Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Deleted       Preinstalled.AcerUEIPFramework   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted       Preinstalled.AcerUEIPFramework   Task   C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Deleted       Preinstalled.AcerUpdater   Folder   C:\ProgramData\ACER\ACER UPDATER
Deleted       Preinstalled.AcerabBox   Registry   HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Deleted       Preinstalled.SonyPlayMemoriesHome   Folder   C:\Program Files (x86)\SONY\PLAYMEMORIES HOME
Deleted       Preinstalled.SonyPlayMemoriesHome   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|PMBVolumeWatcher
Deleted       Preinstalled.SonyPlayMemoriesHome   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|PMBVolumeWatcher
Deleted       Preinstalled.SonyPlayMemoriesHome   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}
Deleted       Preinstalled.SonyPlayMemoriesHome   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D3981248-DBE7-4050-B666-A7FE5AFFC62C}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12214 octets] - [11/04/2020 15:58:07]
AdwCleaner[C00].txt - [5134 octets] - [11/04/2020 15:59:17]
AdwCleaner[S01].txt - [8001 octets] - [11/04/2020 20:20:15]
AdwCleaner[S02].txt - [8062 octets] - [11/04/2020 20:21:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Pau (Administrator) on 11/04/2020 at 20:24:02,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Pau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\driver booster.lnk (Shortcut) 
Successfully deleted: C:\Users\Pau\AppData\Roaming\Mozilla\Firefox\Profiles\rstrv8na.default\user.js (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Pau) (Task)



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E8131EE-6DB2-4C7F-A7A3-67DB1ABF1498} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/04/2020 at 20:25:42,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRT (va por partes)

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 11-04-2020
Ejecutado por Pau (administrador) sobre LAPTOP-7PE91MO1 (Acer Swift SF314-51) (11-04-2020 20:26:47)
Ejecutado desde C:\Users\Pau\Desktop
Perfiles cargados: defaultuser0 & Pau & Invitados1 (Perfiles disponibles: defaultuser0 & Pau & Invitados1)
Platform: Windows 10 Home Versión 1903 18362.720 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FreedomeAutoStart] => C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe [5397976 2019-09-07] (F-Secure Corporation -> F-Secure Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-2394460862-3132608155-2558793003-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\Run: [AvastBrowserAutoLaunch_07CA85A6BC7C208C84A3BF50C35C2DF1] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23843336 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\Run: [Spotify] => C:\Users\Pau\AppData\Roaming\Spotify\Spotify.exe [22932200 2020-04-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\MountPoints2: {2e709beb-379e-11e9-ac85-94e97991c228} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Invitados1\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Invitados1\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\...\RunOnce: [Uninstall 19.222.1110.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Invitados1\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64"
HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\...\RunOnce: [Uninstall 19.222.1110.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Invitados1\AppData\Local\Microsoft\OneDrive\19.222.1110.0006"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\Installer\chrmstp.exe [2020-04-02] (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * bootdelete
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {01AFDE4E-264B-4B0C-B877-2EB4786174DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1CF47A7C-F3C6-418B-84DC-E527BFF0349D} - System32\Tasks\watchdog2 => C:\Windows\System32\Drivers\UMDF\run2.bat [5906 2016-07-27] () [Archivo no firmado]
Task: {2118ACE5-C715-473E-B1AA-4680C79E448C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {22BD494A-E14D-4EB4-A106-1DF4A5FCDC4A} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
Task: {2BDAB372-9BAA-42BE-BBB7-F158E5FFF41C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {4E491580-90A9-4E67-8374-0EDF3A963504} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {515E392B-283E-44FD-833C-724257A8F581} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {5F49C460-0785-439E-ACE5-C67FF619CBD1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {6037A4CA-B5D2-4342-B481-652657B54CD4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {838AD629-786C-4CF1-ABEC-918260561483} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {8F3C0F6F-F21F-457A-9866-492700A46389} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {996332AB-5C7E-4478-9A0F-86A81701D48B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A581A8F4-9E8B-467D-9364-F770E9D591A4} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {B16C7E5A-1922-48C6-95E5-859B7B7106CD} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {B5E938CE-436F-4ECC-80D3-E9C0A1D999FA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C84C5354-971E-430B-9C1D-814DB8AE3F66} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C945EA90-173A-4E41-B29C-F7836391101E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD532601-D4D5-4B3C-83C0-0ADC35FC67A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-20] (Google Inc -> Google Inc.)
Task: {D0BA9FB3-54C7-4133-AE3B-F2F8EFD81B29} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {D40E5380-F2FC-44A9-BA1B-A4715A1632D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {D5F27A37-2ED0-4BD5-A2D7-AB57973B07F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-20] (Google Inc -> Google Inc.)
Task: {D84A9D31-3D64-4A7A-8A63-C8FB2C346EA6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
Task: {E162891E-5AA2-4C54-A77B-8802B01B2F69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2bb5d343-6b2b-440b-8cff-d52b029b5dd7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2394460862-3132608155-2558793003-1001 -> DefaultScope {0E8131EE-6DB2-4C7F-A7A3-67DB1ABF1498} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-08-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-08-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Pau\Downloads

FireFox:
========
FF DefaultProfile: rstrv8na.default
FF ProfilePath: C:\Users\Pau\AppData\Roaming\Mozilla\Firefox\Profiles\rstrv8na.default [2020-04-11]
FF Extension: (Dashlane) - C:\Users\Pau\AppData\Roaming\Mozilla\Firefox\Profiles\rstrv8na.default\Extensions\[email protected] [2017-01-05] [Heredado]
FF Extension: (Español (España) Language Pack) - C:\Users\Pau\AppData\Roaming\Mozilla\Firefox\Profiles\rstrv8na.default\Extensions\[email protected] [2018-03-10] [Heredado]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Pau\AppData\Roaming\Mozilla\Firefox\Profiles\rstrv8na.default\Extensions\[email protected] [2018-01-25] [Heredado]
FF Extension: (User-Agent Switcher and Manager) - C:\Users\Pau\AppData\Roaming\Mozilla\Firefox\Profiles\rstrv8na.default\Extensions\{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}.xpi [2020-03-11]
FF Extension: (Español (España) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2016-11-24] [Heredado]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2016-11-24] [Heredado]
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-08-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-08-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2394460862-3132608155-2558793003-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Pau\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default [2020-04-11]
CHR Extension: (Presentaciones) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-20]
CHR Extension: (Hojas de cálculo) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-11]
CHR Profile: C:\Users\Pau\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-11]
CHR Profile: C:\Users\Pau\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2019-11-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\elevation_service.exe [973760 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-07] (BattlEye Innovations e.K. -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [Archivo no firmado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626328 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-09-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2019-09-07] (F-Secure Corporation -> F-Secure Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-11-29] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2016-09-19] (Intel(R) CN -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-11-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2018-04-06] (Razer USA Ltd. -> Razer Inc)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-10-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-11-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2018-06-08] (Razer USA Ltd. -> Razer Inc.)
S3 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290352 2018-07-10] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 CCDMonitorService; "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" [X]
S2 PMBDeviceInfoProvider; "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" [X]
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37856 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [492144 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459608 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-11] (Avast Software s.r.o. -> AVAST Software)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-09-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-13] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 fsfreedometap; C:\WINDOWS\System32\drivers\fsfreedometap.sys [36312 2019-09-07] (F-Secure Corporation -> The OpenVPN Project)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-13] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2019-11-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2019-01-02] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-11-29] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-11-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2019-01-02] (Acer Incorporated -> Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [450152 2019-11-29] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2017-03-13] (Bruce James -> Scarlet.Crush Productions)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-11-29] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

FRT 2


==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-11 20:26 - 2020-04-11 20:27 - 000029870 ____C C:\Users\Pau\Desktop\FRST.txt
2020-04-11 20:26 - 2020-04-11 20:27 - 000000000 ____D C:\FRST
2020-04-11 20:25 - 2020-04-11 20:25 - 000001076 ____C C:\Users\Pau\Desktop\JRT.txt
2020-04-11 20:23 - 2020-04-11 20:23 - 000008926 ____C C:\Users\Pau\Desktop\AdwCleaner[C02].txt
2020-04-11 20:22 - 2020-04-11 20:22 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-11 20:18 - 2020-04-11 20:18 - 000001545 ____C C:\Users\Pau\Desktop\MBAM.txt
2020-04-11 20:11 - 2020-04-11 20:11 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-11 20:11 - 2020-04-11 20:11 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-11 20:02 - 2020-04-11 20:11 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-11 20:02 - 2020-04-11 20:10 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-11 20:02 - 2020-04-11 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-11 20:02 - 2020-04-11 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-11 19:44 - 2020-04-11 19:44 - 000050464 ____C C:\Users\Pau\Desktop\cc_20200411_194432.reg
2020-04-11 19:41 - 2020-04-11 20:25 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-11 19:41 - 2020-04-11 19:41 - 000002884 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-11 19:41 - 2020-04-11 19:41 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-11 19:41 - 2020-04-11 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-11 19:41 - 2020-04-11 19:41 - 000000000 ____D C:\Program Files\CCleaner
2020-04-11 19:39 - 2020-04-11 19:40 - 002281472 _____ (Farbar) C:\Users\Pau\Desktop\FRST64.exe
2020-04-11 19:38 - 2020-04-11 19:38 - 008196784 _____ (Malwarebytes) C:\Users\Pau\Desktop\adwcleaner_8.0.4 (1).exe
2020-04-11 19:38 - 2020-04-11 19:38 - 001965536 _____ (Malwarebytes) C:\Users\Pau\Downloads\MBSetup (1).exe
2020-04-11 19:38 - 2020-04-11 19:38 - 001790024 _____ (Malwarebytes) C:\Users\Pau\Desktop\JRT (1).exe
2020-04-11 19:37 - 2020-04-11 19:37 - 022267336 _____ (Piriform Software Ltd) C:\Users\Pau\Downloads\ccsetup565.exe
2020-04-11 19:37 - 2020-04-11 19:37 - 022267336 _____ (Piriform Software Ltd) C:\Users\Pau\Downloads\ccsetup565 (1).exe
2020-04-11 19:26 - 2020-04-11 19:26 - 001790024 _____ (Malwarebytes) C:\Users\Pau\Downloads\JRT.exe
2020-04-11 16:01 - 2020-04-11 16:01 - 000005134 ____C C:\Users\Pau\Desktop\AdwCleaner[C00].txt
2020-04-11 15:57 - 2020-04-11 15:59 - 000000000 ____D C:\AdwCleaner
2020-04-11 15:57 - 2020-04-11 15:57 - 008196784 _____ (Malwarebytes) C:\Users\Pau\Downloads\adwcleaner_8.0.4.exe
2020-04-11 14:24 - 2020-04-11 14:24 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Pau\Downloads\HiJackThis.exe
2020-04-11 14:19 - 2020-04-11 14:19 - 000198570 _____ C:\WINDOWS\system32\bootdelete.lst
2020-04-11 14:19 - 2020-04-11 14:19 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2020-04-11 14:15 - 2020-04-11 14:20 - 000000000 ____D C:\ProgramData\HitmanPro
2020-04-11 14:14 - 2020-04-11 14:15 - 011429976 _____ (SurfRight B.V.) C:\Users\Pau\Downloads\hitmanpro_x64.exe
2020-04-11 13:40 - 2020-04-11 13:40 - 001965536 _____ (Malwarebytes) C:\Users\Pau\Downloads\MBSetup.exe
2020-04-11 13:28 - 2020-04-11 20:25 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-04-11 13:28 - 2020-04-11 13:28 - 000492144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-11 13:28 - 2020-04-11 13:27 - 000337048 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-04-11 13:27 - 2020-04-11 13:27 - 000851808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000459608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000317280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000235696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000234776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000206120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000178968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000175920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000109480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000085056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000060696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000042984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-04-11 13:27 - 2020-04-11 13:27 - 000037856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-04-11 01:06 - 2020-04-11 01:06 - 000047523 _____ C:\Users\Pau\AppData\Local\recently-used.xbel
2020-04-09 23:50 - 2020-04-10 01:07 - 000000000 ___DC C:\Users\Pau\Desktop\Torneo
2020-04-09 13:32 - 2020-04-09 13:32 - 010650190 _____ C:\Users\Pau\Downloads\drive-download-20200409T113106Z-001.zip
2020-04-09 01:40 - 2020-04-09 14:24 - 000000000 ___DC C:\Users\Pau\Desktop\Visca
2020-04-09 00:33 - 2020-04-09 00:33 - 000164983 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-04-08 at 22.44.45.jpeg
2020-04-07 23:00 - 2020-04-07 23:00 - 000082910 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-04-07 at 22.59.28.jpeg
2020-04-07 22:55 - 2020-04-07 22:55 - 000296316 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-08 at 19.21.59.jpeg
2020-04-07 22:55 - 2020-04-07 22:55 - 000162403 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-08 at 19.20.45.jpeg
2020-04-07 22:54 - 2020-04-07 22:54 - 000276030 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-08 at 19.22.23.jpeg
2020-04-07 22:37 - 2020-04-07 22:37 - 000652367 ____C C:\Users\Pau\Desktop\jaume.jpeg
2020-04-07 22:32 - 2020-04-07 22:32 - 000140897 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-04-07 at 21.00.02.jpeg
2020-04-07 22:32 - 2020-04-07 22:32 - 000136998 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-04-07 at 20.59.36.jpeg
2020-04-07 20:42 - 2020-04-07 20:42 - 035208351 _____ C:\Users\Pau\Downloads\VID-20200326-WA0058.mp4
2020-04-07 19:08 - 2020-04-07 19:09 - 012150816 _____ C:\Users\Pau\Downloads\drive-download-20200407T170645Z-001.zip
2020-04-06 14:21 - 2020-04-06 14:21 - 018590766 _____ C:\Users\Pau\Downloads\drive-download-20200406T122112Z-001.zip
2020-04-04 15:29 - 2020-04-04 15:29 - 000488671 _____ C:\Users\Pau\Downloads\Lazos-de-Amor-Brian-Weiss.pdf
2020-04-04 15:29 - 2020-04-04 15:29 - 000402763 _____ C:\Users\Pau\Downloads\El-regreso-del-caballero-de-la-armadura-oxidada-de-Robert-Fisher.pdf
2020-04-03 20:08 - 2020-04-03 20:08 - 000155615 _____ C:\Users\Pau\Downloads\U2T3_CienciaMetodeHipoteticDeductiu.docx.pdf
2020-04-03 19:22 - 2020-04-03 19:22 - 011943610 _____ C:\Users\Pau\Downloads\El Libro Rojo – Carl Gustav Jung – Descargar ( PDFDrive.com ).pdf
2020-04-03 19:22 - 2020-04-03 19:22 - 001553655 _____ C:\Users\Pau\Downloads\Cómo hacer para que te pasen cosas buenas.pdf
2020-04-02 15:55 - 2020-04-02 15:55 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-04-02 15:55 - 2020-04-02 15:55 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-04-01 12:22 - 2020-04-01 12:22 - 000001357 ____C C:\Users\Pau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games.lnk
2020-04-01 12:22 - 2020-04-01 12:22 - 000001349 ____C C:\Users\Pau\Desktop\Amazon Games.lnk
2020-04-01 12:10 - 2020-04-01 12:10 - 001825296 _____ (Amazon) C:\Users\Pau\Downloads\AmazonGamesSetup.exe
2020-04-01 12:10 - 2020-04-01 12:10 - 000000000 ____D C:\Users\Pau\AppData\Local\Amazon Games
2020-03-31 00:03 - 2020-03-31 00:03 - 000000000 ___DC C:\Users\Pau\Desktop\Tenis
2020-03-27 21:47 - 2020-03-27 21:47 - 000172321 _____ C:\Users\Pau\Downloads\PauPart_Activitats.pdf
2020-03-27 16:42 - 2020-03-27 16:42 - 000484639 _____ C:\Users\Pau\Downloads\KIT-DE-RESILIENCIA (1).pdf
2020-03-27 16:41 - 2020-03-27 16:41 - 000484639 _____ C:\Users\Pau\Downloads\KIT-DE-RESILIENCIA.pdf
2020-03-27 13:54 - 2020-03-27 13:54 - 000357235 ____C C:\Users\Pau\Desktop\jou.jpeg
2020-03-27 13:46 - 2020-03-27 13:46 - 000074405 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-27 at 00.30.05.jpeg
2020-03-27 13:46 - 2020-03-27 13:46 - 000058306 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-27 at 00.29.44.jpeg
2020-03-26 20:10 - 2020-03-26 20:10 - 000000000 ___DC C:\Users\Pau\Documents\Zoom
2020-03-26 20:09 - 2020-03-26 20:10 - 000000000 ____D C:\Users\Pau\AppData\Roaming\Zoom
2020-03-26 20:09 - 2020-03-26 20:09 - 000000000 ___DC C:\Users\Pau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-03-23 11:42 - 2020-04-11 16:20 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2394460862-3132608155-2558793003-1001
2020-03-23 11:42 - 2020-03-23 11:42 - 000002444 ____C C:\Users\Pau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 19:43 - 2020-03-22 19:43 - 000132753 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-22 at 11.43.01 (1).jpeg
2020-03-22 19:42 - 2020-03-22 19:42 - 000138226 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-22 at 11.43.01.jpeg
2020-03-22 19:42 - 2020-03-22 19:42 - 000130748 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-22 at 11.42.59.jpeg
2020-03-22 19:42 - 2020-03-22 19:42 - 000130464 _____ C:\Users\Pau\Downloads\WhatsApp Image 2020-03-19 at 22.43.01.jpeg
2020-03-18 15:20 - 2020-04-09 01:39 - 000000000 ___DC C:\Users\Pau\Desktop\Coronavirus
2020-03-16 19:16 - 2020-03-16 19:16 - 000192395 _____ C:\Users\Pau\Downloads\quadrant-tasques-CGM-setmana-1-3.pdf
2020-03-16 13:19 - 2020-03-16 13:19 - 011578243 _____ C:\Users\Pau\Downloads\Gmail.zip
2020-03-15 13:36 - 2020-04-11 20:23 - 000000000 ____D C:\Users\Pau\AppData\Local\Spotify
2020-03-15 13:36 - 2020-03-15 13:36 - 000001875 ____C C:\Users\Pau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2020-03-15 13:22 - 2020-04-11 20:23 - 000000000 ____D C:\Users\Pau\AppData\Roaming\Spotify
2020-03-15 13:12 - 2020-03-15 13:12 - 000892416 _____ (Spotify Ltd) C:\Users\Pau\Downloads\SpotifySetup.exe
2020-03-14 12:13 - 2020-03-14 12:13 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-14 12:13 - 2020-03-14 12:13 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-14 12:12 - 2020-03-14 12:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-14 12:12 - 2020-03-14 12:12 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-14 12:12 - 2020-03-14 12:12 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-14 12:12 - 2020-03-14 12:12 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-14 12:12 - 2020-03-14 12:12 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-14 12:12 - 2020-03-14 12:12 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-14 12:12 - 2020-03-14 12:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-14 12:11 - 2020-03-14 12:11 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-14 12:11 - 2020-03-14 12:11 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-14 12:11 - 2020-03-14 12:11 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-14 12:11 - 2020-03-14 12:11 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-14 12:11 - 2020-03-14 12:11 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-14 12:11 - 2020-03-14 12:11 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000144384 _____ (Microsoft Corporation) 

FRT 3

C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-14 12:11 - 2020-03-14 12:11 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-14 12:11 - 2020-03-14 12:11 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-14 12:11 - 2020-03-14 12:11 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-14 12:11 - 2020-03-14 12:11 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-14 12:11 - 2020-03-14 12:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-13 15:43 - 2020-03-13 15:43 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-13 15:43 - 2020-03-13 15:43 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe


==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-11 20:23 - 2017-09-20 16:38 - 000000000 ___DC C:\Users\Pau\AppData\Local\AVAST Software
2020-04-11 20:22 - 2019-09-15 15:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-11 20:22 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-11 20:22 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-04-11 20:22 - 2018-05-31 23:06 - 000000000 ____D C:\Program Files (x86)\Sony
2020-04-11 20:22 - 2017-05-05 21:03 - 000000000 __SHD C:\Users\Pau\IntelGraphicsProfiles
2020-04-11 20:22 - 2016-11-24 11:56 - 000000000 ____D C:\ProgramData\Acer
2020-04-11 20:22 - 2016-11-24 11:56 - 000000000 ____D C:\Program Files\Acer
2020-04-11 20:22 - 2016-11-24 11:56 - 000000000 ____D C:\Program Files (x86)\Acer
2020-04-11 20:14 - 2019-09-15 15:54 - 000498628 _____ C:\WINDOWS\system32\perfh011.dat
2020-04-11 20:14 - 2019-09-15 15:54 - 000151686 _____ C:\WINDOWS\system32\perfc011.dat
2020-04-11 20:14 - 2019-09-15 15:29 - 002552318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-11 20:14 - 2019-03-19 13:59 - 000857582 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-11 20:14 - 2019-03-19 13:59 - 000175956 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-11 20:14 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-11 20:07 - 2018-09-19 16:50 - 000000000 __RDC C:\Users\Pau\Desktop\App útiles
2020-04-11 20:02 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-11 19:43 - 2017-05-06 11:44 - 000000000 ___DC C:\Users\Pau\AppData\Local\CrashDumps
2020-04-11 19:33 - 2018-09-19 16:50 - 000000000 ___DC C:\Users\Pau\Desktop\shit q no sé donde meter
2020-04-11 19:12 - 2019-09-15 15:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-11 16:20 - 2020-02-21 16:48 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2394460862-3132608155-2558793003-1006
2020-04-11 16:20 - 2019-09-15 15:28 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-11 16:20 - 2019-09-15 15:28 - 000003326 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-11 16:17 - 2019-09-15 15:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-11 15:59 - 2018-07-13 14:50 - 000000000 ___DC C:\Users\Pau\AppData\LocalLow\IObit
2020-04-11 15:59 - 2018-07-13 14:50 - 000000000 ____D C:\ProgramData\IObit
2020-04-11 15:59 - 2018-07-13 14:50 - 000000000 ____D C:\Program Files (x86)\IObit
2020-04-11 15:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-04-11 14:22 - 2017-06-17 12:32 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-11 13:34 - 2019-12-23 14:02 - 000000000 ____D C:\Users\Pau\AppData\Local\cache
2020-04-11 13:29 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-11 13:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-11 12:58 - 2019-02-17 02:59 - 000000000 ___DC C:\Users\Pau\AppData\Roaming\.minecraft
2020-04-11 12:33 - 2019-02-17 03:02 - 000000000 ___DC C:\Users\Pau\AppData\Roaming\.tlauncher
2020-04-11 01:07 - 2018-01-12 22:58 - 000000000 ____D C:\Users\Pau\.gimp-2.8
2020-04-11 01:06 - 2018-01-12 23:00 - 000000000 ___DC C:\Users\Pau\AppData\Local\gtk-2.0
2020-04-09 11:25 - 2017-11-23 01:01 - 000000000 ___DC C:\Users\Pau\AppData\Local\Packages
2020-04-09 01:59 - 2016-11-24 11:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-06 21:07 - 2017-05-20 14:28 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-05 11:14 - 2018-05-12 17:10 - 000000348 _____ C:\WINDOWS\BRRBCOM.INI
2020-04-04 01:56 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-02 15:55 - 2018-04-11 19:32 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-02 15:55 - 2018-04-11 19:32 - 000002469 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-03-29 20:12 - 2020-01-19 20:02 - 000000000 ____D C:\Users\Invitados1
2020-03-29 20:12 - 2019-09-15 15:22 - 000000000 ____D C:\Users\defaultuser0
2020-03-23 11:42 - 2017-05-05 21:04 - 000000000 ___RD C:\Users\Pau\OneDrive
2020-03-20 10:59 - 2019-12-22 14:36 - 000000000 ___DC C:\Users\Pau\Desktop\Batxillerat
2020-03-20 10:59 - 2018-10-19 18:18 - 000000000 ___DC C:\Users\Pau\Desktop\Memes
2020-03-15 01:54 - 2019-09-15 15:18 - 000693640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-15 01:54 - 2017-05-06 11:45 - 000000000 ___RD C:\Users\Pau\3D Objects
2020-03-15 01:54 - 2016-11-24 11:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-15 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-15 01:52 - 2019-09-15 15:22 - 000000000 ____D C:\Users\Pau
2020-03-15 01:52 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-15 01:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-15 01:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-15 01:52 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-15 01:52 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-14 12:30 - 2017-05-05 23:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-14 12:16 - 2017-05-05 23:35 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Archivos en la raíz de algunos directorios ========

2017-11-21 22:15 - 2017-11-22 20:31 - 000007168 ____C () C:\Users\Pau\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-06 21:01 - 2018-12-06 21:01 - 000001536 ____C () C:\Users\Pau\AppData\Local\GfxMetrics.cfg
2020-04-11 01:06 - 2020-04-11 01:06 - 000047523 _____ () C:\Users\Pau\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

ADDITION

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 11-04-2020
Ejecutado por Pau (11-04-2020 20:27:43)
Ejecutado desde C:\Users\Pau\Desktop
Windows 10 Home Versión 1903 18362.720 (X64) (2019-09-15 13:28:24)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2394460862-3132608155-2558793003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2394460862-3132608155-2558793003-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2394460862-3132608155-2558793003-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-2394460862-3132608155-2558793003-501 - Limited - Disabled)
Invitados1 (S-1-5-21-2394460862-3132608155-2558793003-1006 - Limited - Enabled) => C:\Users\Invitados1
Pau (S-1-5-21-2394460862-3132608155-2558793003-1001 - Administrator - Enabled) => C:\Users\Pau
WDAGUtilityAccount (S-1-5-21-2394460862-3132608155-2558793003-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

${APPNAME} (HKLM-x32\...\${APPNAME}) (Version:  - )
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Amazon Games (HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 1.1.136.3 - Amazon.com Services, Inc.)
App Explorer (HKU\S-1-5-21-2394460862-3132608155-2558793003-1000\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATENCIÓN
App Explorer (HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATENCIÓN
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3764.149 - Los creadores de Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.4.24 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
Egistec Touch Fingerprint Sensor WBF Driver (HKLM-x32\...\{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.3.2 - Egis Technology Inc.) Hidden
EgisTec Touch Fingerprint Sensor WBF Driver (HKLM-x32\...\InstallShield_{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.3.2 - Egis Technology Inc.)
ELAN HIDI2C Filter Driver X64 13.6.8.2_WHQL (HKLM\...\Elantech) (Version: 13.6.8.2 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{BF267CB6-EC73-4AA9-991E-7BEA0B87419B}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Freedome VPN (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2915.0 - F-Secure Corporation)
Freedome VPN (source) (HKLM-x32\...\{83A4BF20-6745-437C-98D8-3C4B94D174EB}) (Version: 1.16.0612 - Acer)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
HL-3150CDW (HKLM-x32\...\{C6580DE1-F539-4700-ADD2-3185121E51A8}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{62292933-30AF-4962-B6BB-59191D386D94}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{42251A8D-C4AE-4D3B-8A50-948CB98A0969}) (Version: 10.5.00 - Sony Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12624.20382 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20382 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
OpenShot Video Editor versión 2.4.2 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.2 - OpenShot Studios, LLC)
PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden
Pokemon Uranium (HKLM-x32\...\Pokemon Uranium) (Version: 1.2.1 - Pokemon Uranium Team)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10388 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.278 - Qualcomm Atheros)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.0.72.876 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.6.132 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.3.1 - Rockstar Games)
RPG Maker XP 1.02a (HKLM-x32\...\RPG Maker XP) (Version: 1.02a - Enterbrain, inc.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
SURVEY_PROGRAM (HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\SURVEY_PROGRAM) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora(Build 8.5.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
World of Tanks (HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Zoom (HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-20] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Booking.com -> C:\Program Files\WindowsApps\Booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2016-11-24] (CN=Acer Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.165.800.0_x86__kgqvnymyfvs32 [2020-04-04] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.9.0.6_x86__h6adky7gbf63m [2020-03-14] (Gameloft SE)
eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2016-11-24] (CN=Acer Incorporated)
FIFA Mobile Fútbol -> C:\Program Files\WindowsApps\ElectronicArtsMobile.FIFA17Mobile_6.2.1.0_x86__q5ha1ztykcgvj [2017-07-29] (Electronic Arts)
Jetpack Joyride -> C:\Program Files\WindowsApps\HalfbrickStudiosPtyLtd.JetpackJoyride_1.0.3.68_x86__w77bc8x1h5kya [2017-05-07] (Halfbrick Studios Pty Ltd)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-08-05] (AMZN Mobile LLC)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.7.0.11_x86__h6adky7gbf63m [2020-04-02] (Gameloft SE)
Master of Typing 3 -> C:\Program Files\WindowsApps\AcademMediaLabs.MasterofTyping3_1.1.0.0_x64__cqk2amf1mbxjr [2017-06-17] (Academ Media Labs) [MS Ad]
Meme-Generador -> C:\Program Files\WindowsApps\8840NaveenCS.Meme-Generator_3.3.0.0_neutral__20e0kv46hk748 [2018-05-23] (Naveen CS)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Studios) [MS Ad]
Mind Maps Pro -> C:\Program Files\WindowsApps\BallardAppCraftery.MindMapsPro2Beta_1.1.27.0_x64__epyrqhfctk40t [2019-02-09] (User Camp)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.3002.0_x64__8wekyb3d8bbwe [2020-02-13] (Microsoft Studios)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-24] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-11] (Netflix, Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-06-05] (VideoLAN)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2019-12-24] (WildTangent Games)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxDTCM.dll [2017-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Pau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2018-05-12 17:09 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-05-12 17:09 - 2012-07-13 13:09 - 000385024 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-05-12 17:09 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BroSNMP.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 13:47 - 2019-01-04 17:58 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2394460862-3132608155-2558793003-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pau\downloads\cropped-1366-768-993206.jpg
HKU\S-1-5-21-2394460862-3132608155-2558793003-1006\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2394460862-3132608155-2558793003-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_07CA85A6BC7C208C84A3BF50C35C2DF1"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{F3EF55FD-9566-40D7-8CAD-25BE8DEA4DDA}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{9A9308CF-5958-4D09-B57B-B5AB354709DE}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{AB175CF0-46C3-48C0-8D1C-7273DDC2D6DC}C:\riot games\league of legends\game\league of legends.exe] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{511388A0-66EE-42DE-ABFD-780056E0026A}C:\riot games\league of legends\game\league of legends.exe] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{EF6C5AAD-3425-4CDA-99F2-3114BB238EB8}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{930CBE69-371E-4DA9-BB57-E7188E980DF9}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2540312D-1AAC-4E8C-B124-0A7BEDDD32CB}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{D7BDF96B-4A77-4F5D-8B37-9A76EB9C1926}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{30B8E73D-CCA0-42D9-9283-604EA1DF7AC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox ) [Archivo no firmado]
FirewallRules: [{67870C68-B47C-43BC-8092-BB92F11D9711}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox ) [Archivo no firmado]
FirewallRules: [{AAF8EB15-E89A-41F8-B63B-76A5539112E0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5358DBB1-BFAE-4901-95F6-61A3C30E7528}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B8C8BAB5-EFBA-48E4-9EF9-C66A068CE22A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7B19836C-1EEB-45E7-8249-BBF54EE89EE0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1491A182-3CBC-4C99-88B7-E5EBDC9CABD1}] => (Block) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [{23C8C168-D917-40CB-AC1E-B4EFDA43B666}] => (Block) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{4F671F8C-CF87-489F-868F-6D1A773057E7}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{E88D556D-5412-4648-B403-1AA78D4ABDA9}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [{0DAF0532-84C7-4E35-9BEB-912839FDE09F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CCEBE1D-12E1-41BA-8C9A-C86F3CCC880C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01CA9CA5-A6C0-4A50-A77F-9EFBA0B193D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AAE3986F-B0B6-42C3-B145-2D3AEB6E1290}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A223861-3C38-4814-A8F7-6EC0EA7FC29E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{C9B58908-09C1-4585-9A7C-4AB7BCB3803E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{B07C6D7D-09DB-4511-9AC0-111D5349FA61}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{16581CC2-DAF7-459A-A439-01C48080B356}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{D89D1C55-19E1-41CC-9A8A-61CCBED8C0AC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{97FF5EBC-1CCA-485A-A7A7-7D09D5B72DF5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{CE813D52-08D4-4AFD-A28C-D66E565D1533}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D7308A0-14ED-4F16-ADBC-B2DD932A0FB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF4B1B41-D1C8-4FEB-ABA1-4B2C9ED5961D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{33F60CF4-63B4-440E-8434-FBCB948EA3BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EE2AEF00-D945-44B1-8BB2-B8C3DB171C7D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe Ningún archivo
FirewallRules: [{1331EC2A-621B-433C-A819-80F2DE43B45D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe Ningún archivo
FirewallRules: [{A8B22284-2C73-4257-9CA6-0DD1E19D8F9A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{20C99FE6-75B6-4E7D-9546-AD901995EA40}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{575CF7BE-DC87-4B8B-9A6E-EE879BF4CD61}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{511EEDBB-BBFE-483C-997A-CEDA028B85F0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{12A6ED49-EEF0-4B14-BEFD-F206F97400BF}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{BBAB78FF-5271-4F56-B684-D29399FACFE7}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C5297B6C-4BA9-4839-BBFF-B07FA35F84E9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6D24DB96-B2DC-43AD-BEA9-54F8D5EA68F8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E9B84FC1-9E12-4AC8-B384-3B3E5F43629D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8386D1EA-0841-43C0-AC5D-3063580239DC}] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{A9D97325-64FC-454A-9AC0-029F44EB9B63}] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2C2AF13F-AA46-441E-A591-C22D8ECC8077}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\eac_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1E53181E-A8E1-4A75-B977-D5F842E48C02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\eac_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0E39CF0D-EB09-4569-AA66-C5FA36E37B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{40372757-D2BF-48F4-9F33-5B08F1822F97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{42766982-E1B2-4E37-B79A-48D776480647}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe () [Archivo no firmado]
FirewallRules: [{EA58DFAC-BF88-4CE0-8EC0-4884D32C0DF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe () [Archivo no firmado]
FirewallRules: [{7AD7DBA8-B781-467E-8C58-93C386C8E6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe () [Archivo no firmado]
FirewallRules: [{3E7C8962-9094-4C61-9948-7BEE3BE594C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe () [Archivo no firmado]
FirewallRules: [{932DE9F4-7E70-4943-90BF-47CD44795772}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{CCDCA986-AD0B-4090-AF45-291807D7EACA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{92B3F0E9-151F-4F9E-95DD-9B08C4AE9C39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{6BDF4C2D-7FCB-461A-83B7-7AC051B22A46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{63B4AC05-956E-43AB-8DBC-00C91617C441}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{255E778A-AEC8-43DC-97CA-F7FB47F004A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{C2D8BBA5-075E-4985-BEDE-7AA24107A8AC}C:\users\pau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pau\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FDE4A4C7-9C0D-432A-90ED-5E3AD0E33386}C:\users\pau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pau\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C1AD4D6-0136-4FA0-8315-C3CF7B8C0F85}] => (Block) C:\users\pau\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C273A8D1-1B29-4B47-ABA6-961989C0BD83}] => (Block) C:\users\pau\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{734EB209-28F0-4F58-8AD2-9126F33C5CDF}] => (Allow) C:\Users\Pau\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BC9A3FDF-D5FB-4E26-B991-6B821064B591}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{40A728C5-EEDF-4233-93B3-2167B7210335}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CBD1D0FB-A63B-476D-BC97-88616B3243E6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

31-03-2020 12:59:33 Punto de control programado
04-04-2020 01:55:18 Windows Update
11-04-2020 14:18:58 Punto de comprobación por HitmanPro
11-04-2020 20:21:57 AdwCleaner_BeforeCleaning_11/04/2020_20:21:56
11-04-2020 20:24:03 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/11/2020 08:22:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/11/2020 08:22:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/11/2020 08:22:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/11/2020 08:22:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/11/2020 08:17:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4456,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/11/2020 08:08:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/11/2020 08:08:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/11/2020 08:05:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


Errores del sistema:
=============
Error: (04/11/2020 08:22:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PMBDeviceInfoProvider no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ICEsound Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Storage Middleware Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HDCP Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Razer Game Manager se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HECI Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/11/2020 08:22:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-09-16 00:24:05.743
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Versión de inteligencia de seguridad: AV: 1.301.1377.0, AS: 1.301.1377.0, NIS: 1.301.1377.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 00:14:41.864
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\Install_Task.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Versión de inteligencia de seguridad: AV: 1.301.1377.0, AS: 1.301.1377.0, NIS: 1.301.1377.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 00:14:20.674
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\Install_Task.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Versión de inteligencia de seguridad: AV: 1.301.1377.0, AS: 1.301.1377.0, NIS: 1.301.1377.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 00:14:20.524
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\Install_Task.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Versión de inteligencia de seguridad: AV: 1.301.1377.0, AS: 1.301.1377.0, NIS: 1.301.1377.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 00:14:20.442
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Versión de inteligencia de seguridad: AV: 1.301.1377.0, AS: 1.301.1377.0, NIS: 1.301.1377.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2020-04-11 20:23:59.066
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1377.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-11 20:23:59.065
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1377.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-11 20:23:59.065
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1377.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-11 20:23:59.059
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1377.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-11 20:23:59.058
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1377.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2020-04-11 20:24:02.831
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-04-11 20:23:52.510
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-11 20:23:52.491
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-11 20:23:52.400
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-04-11 20:23:48.248
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-11 20:23:48.230
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-11 20:23:48.213
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-11 20:23:48.195
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: Insyde Corp. V1.01 11/08/2016
Placa base: Acer M3_SK
Procesador: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Porcentaje de memoria en uso: 36%
RAM física total: 8060.23 MB
RAM física disponible: 5131.83 MB
Virtual total: 11004.23 MB
Virtual disponible: 8329.7 MB

==================== Unidades ================================

Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:47.37 GB) NTFS

\\?\Volume{63d371cf-0e35-4e24-a2f7-fcb70ae074b4}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.56 GB) NTFS
\\?\Volume{69f0283a-ea1a-4153-88e1-3ec653024a6c}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1EF0A6EF)

Partition: GPT.

==================== Final de Addition.txt =======================

En cuanto al problema, persiste. Pero como ya le he dicho, estoy casi seguro de que se debe a que mi ip está en una blacklist. Lo que me interesa saber es si mi inclusión en esta se ha provocado por un virus que hacía búsquedas, spam, desde mi navegador.

EDIT: Con esto me refiero al problema sobre el “.io”, sobre el del tráfico inusual aún no he visto nada pero también es verdad que no me salta siempre, solo de vez en cuando

Hola.

Todavía nos quedan cosas por hacer, NO descarto que TU IP pueda estar en una “blacklist”, pero antes de llegar esa conclusión debemos hacer algunos pasos más. :face_with_monocle:

Mientras termino de revisar los informes vas a realizar lo siguiente, descarga e instala este programa :arrow_right: Manual de Revo Uninstaller :+1:

Y úsalo para desinstalar todos los programas que encuentres que se llamen o tengan en su nombre, cualquiera de estas denominaciones :

Java
App Explorer
Driver Booster 
SweetLabs
Avast Secure Browser
IObit

Cuando Revo te pida, que selecciones el método de desinstalación, seleccionas “Avanzado”.

Si durante el proceso te solicita “Reiniciar” NO lo hagas, dile que NO y deja que Revo siga trabajando.

Cuando termines todos los procesos de desinstalación ya REINICIAS tú el ordenador.

Nos comentas SI hubo alguna incidencia al hacerlo…??

Saludos.

He eliminado todo correctamente menos SweetLabs y App Explorer, no he encontrado nada relacionado con esos nombres.

Pues… segun el informe que pusiste del Addition.txt existen dos entradas/progamas :

App Explorer (HKU\S-1-5-21-2394460862-3132608155-2558793003-1000…\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATENCIÓN

App Explorer (HKU\S-1-5-21-2394460862-3132608155-2558793003-1006…\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATENCIÓN

Es raro que con RevoUninstaller NO hayan aparecido esos progamas/entradas…??

:thinking:

No, no me sale. ¿Tal vez puede ser que lo haya desinstalado hace tiempo y eso son archivos residuales? ¿O que el programa en si tenga otro nombre? Desconozco lo que pueda ser, ya me dice sus conclusiones.

Gracias de antemano

Hola.

Ejecutaste RevoUninstaller haciendo click derecho y “Ejecutar como Administrador”…??

Efectivamente, así lo he hecho y no me sale. Lo he vuelto a revisar por si acaso pero sigue sin salir.

Bien… :face_with_monocle:

Verifica SI en esta ruta :

C:\Uers\Pau\Appdata\local\

Tienes alguna carpeta de nombre Pokki o SweetLabs:thinking:

Nos comentas.

Saludos.

Carpetas ninguna, pero he buscado por nombre y he encontrado dos archivos con este nombre:

“SweetLabs_Pokki_4efc125e5bdfe64bf86cc73a85a9d56ebf10231c”

Están dentro de carpeta “Packages” y dentro de ahí, en otra que empieza por Microsoft (hay varias que empiezan por ese nombre). Ya me dice como debo proceder.

Muchas gracias y enhorabuena por tu gran trabajo :+1:

Elimina TODOS lo que encuentres con esos dos nombres. :+1:

Y además por favor, realiza una búsqueda con este término “hostappservice” y dime SI te aparece algo y donde se ubica…??

Y además ahora quiero que hagas estos pasos :

Descarga(en tu escritorio) este fichero, :arrow_right: regscanner-x64.rar.

Lo descomprimes y entras en la carpeta “regscanner-x64” que tendrás creada en el escritorio.

Desde aquí ejecutas el programa Regscanner.exe(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas Ejecutar como Administrador).

Te saldrá una ventana con el menú, y en donde figura la casilla de “Buscar” escribes "SweetLabs" sin las comillas, todo lo demás lo dejas como está y haces clic en el botón “Aceptar”.

Verás que te va realizando la búsqueda en una nueva ventana, cuando termine, vas a “Editar” >> "Seleccionar Todo” después >> Archivo >> Eliminar Claves/Valores Seleccionados.

Te borrará todos los que pueda, y con los que no pueda te saldrá un mensaje diciéndote que se ha producido un error.

A continuación cierras la herramienta y la vuelves a ejecutar repitiendo los pasos de búsqueda de nuevo y eliminando TODO lo que encuentres.

Una vez haya buscado por ese término haces otra búsqueda por el término "Pokki" sin las comillas

Cuando hagas esta segunda verificación dime SI todavia queda algo que NO se pueda eliminar, toma nota de lo que pueda quedar en cada caso y comentas si encuentras algo con el término “hostappservice”.

Saludos.

1 me gusta