Más cosas, me mirado en servicios y Windows Firewall no está en mi lista de servicios.
Hola ve a inicio >> busqueda y en el recuadro escribe CMD , realizas clic derecho y lo ejecutas como administrador, luego escribe el siguiente comando y aprieta Enter:
- sfc /scannow
Nos comentas como sigue el problema, saludos.
sfc /scannow no presenta problemas y el firewall sigue sin ir. Saludos.
Hola, teclea a la vez las siguientes teclas: W(tecla logo windows)+R y en el recuadro escribe services.msc y aprietas en el boton “Aceptar”.
Busca el servicio “Firewall de Windows Defender” >> realiza clic derecho y luego en Propiedades >> en Tipo de Inicio colocas Automatico >> clic en Aplicar y Aceptar
reinicias el equipo.
Nos comentas.
Lo he hecho, pero al llegar a Tipo de Inicio me pone: Desabilitado y en Gris, no me deja modificar esa opción. Saludos.
Hola chicos y permiso:
1.- Descarga FSS.exe a tu escritorio.
- Ejecuta FSS.exe (Presiona clic derecho y seleccionas Ejecutar como administrador)
Marca todas las opciones:
-
Presiona el botón Scan y esperá a que termine su trabajo.
-
Se abrirá un Bloc de notas. Copia y pega el contenido en tu próxima respuesta.
Luego realiza lo siguiente:
2.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
3.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?
- Ejecuta FRST.exe.
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Guía: Como Ejecutar FRST
4.- En tu próxima respuesta, pega los reportes generados.
Guía : ¿Como Pegar reportes en el Foro?
Esperamos esos reporte.
Salu2
FSS.exe
Farbar Service Scanner Version: 27-01-2016
Ran by DHAMPIRD (administrator) on 21-12-2019 at 17:55:52
Running from "C:\Users\DHAMPIRD\Desktop"
Microsoft Windows 10 Pro (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
Checking LEGACY_mpsdrv: ATTENTION!=====> Unable to open LEGACY_mpsdrv\0000 registry key. The key does not exist.
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Disabled. The default start type is Auto.
The ImagePath of MpsSvc: "%SystemRoot%\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p".
The ServiceDll of MpsSvc service is OK.
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Security Center:
============
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv: "%systemroot%\system32\svchost.exe -k netsvcs -p".
The ServiceDll of wuauserv service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe"".
Windows Defender Disabled Policy:
==========================
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
FRST (primera parte)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by DHAMPIRD (administrator) on FOXHOUNDI7 (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (21-12-2019 18:07:40)
Running from C:\Users\DHAMPIRD\Desktop
Loaded Profiles: DHAMPIRD (Available Profiles: DHAMPIRD)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\altera\13.0\quartus\bin64\jtagserver.exe
() [File not signed] C:\Program Files (x86)\ccxgui\ccxStream.exe
() [File not signed] C:\Program Files (x86)\myiHome\app\myiHome-server.exe
() [File not signed] C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
([XC]D-Ice) [File not signed] C:\Program Files (x86)\ccxgui\ccXservice.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Aleksey Cherkasskiy -> ) [File not signed] C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(BitTorrent Inc.) [File not signed] C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe
(Corsair Memory, Inc. -> Elgato Systems) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\87.4.138\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\87.4.138\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\87.4.138\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(FSL - Freesoftland) [File not signed] C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Google Inc.) [File not signed] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\crashpad_handler.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\DHAMPIRD\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Java\jre1.8.0_231\bin\javaw.exe
(Plex, Inc -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Sony Mobile Communications AB -> Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\DHAMPIRD\AppData\Local\WhatsApp\app-0.3.9308\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\DHAMPIRD\AppData\Local\WhatsApp\app-0.3.9308\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\DHAMPIRD\AppData\Local\WhatsApp\app-0.3.9308\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\DHAMPIRD\AppData\Local\WhatsApp\app-0.3.9308\WhatsApp.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
Failed to access process -> CaptureLibService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2019-02-12] () [File not signed]
HKLM\...\Run: [Control Center] => C:\Program Files\Elgato\ControlCenter\ControlCenter.exe [835944 2019-02-08] (Corsair Memory, Inc. -> Elgato Systems)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [8130920 2019-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2179208 2019-08-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-12-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6268224 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.) [File not signed]
HKLM-x32\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-07] (PowerISO Computing, Inc.) [File not signed]
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [MMTray] => C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [114688 2003-10-01] (MUSICMATCH, Inc.) [File not signed]
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [LogiFEPluginforLync2010] => C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforLync2010\4.0\LogiFEC.exe [296216 2018-02-12] (Logitech Inc -> Logitech,Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014045697\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014046400\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014034361\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047244\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014036595\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047869\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014042369\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014048807\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2097024 2017-03-21] (Sony Mobile Communications AB -> Sony) [File not signed]
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [Discord] => C:\Users\DHAMPIRD\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9013136 2018-06-27] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2097024 2017-03-21] (Sony Mobile Communications AB -> Sony) [File not signed]
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [Discord] => C:\Users\DHAMPIRD\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9013136 2018-06-27] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe [566984 2019-12-03] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\RunOnce: [Application Restart #1] => C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe [3248720 2014-06-27] (BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2097024 2017-03-21] (Sony Mobile Communications AB -> Sony) [File not signed]
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [Discord] => C:\Users\DHAMPIRD\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9013136 2018-06-27] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe [566984 2019-12-03] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\RunOnce: [Application Restart #1] => C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe [3248720 2014-06-27] (BitTorrent Inc.) [File not signed]
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-07-12]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2019-08-10]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (Aleksey Cherkasskiy -> PANTERASoft) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk [2016-08-14]
ShortcutTarget: Logitech Desktop Messenger.lnk -> C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\myiHome Server.lnk [2019-02-22]
ShortcutTarget: myiHome Server.lnk -> C:\Program Files (x86)\myiHome\app\myiHome-server.exe () [File not signed]
Startup: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconRestorer.lnk [2018-08-30]
ShortcutTarget: IconRestorer.lnk -> C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe (FSL - Freesoftland) [File not signed]
Startup: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\DHAMPIRD\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0EFD3FCB-C309-47A0-BFC4-4DA10C51CF71} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {11FA98AF-E466-4B43-BCFC-00CB85E594AB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1215D2AC-E65F-49C7-B157-89D78410B189} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {154DB33C-D05B-478C-A85A-D588ED62AFAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {155C0CAD-D188-48F0-A155-7544DE8A546E} - System32\Tasks\{672B90E3-A8A3-40CC-90A1-24CCB547A947} => C:\Windows\system32\pcalua.exe -a "D:\PC SOFT\SOFTWARE\TOOL.VISUAL BASIC\Visual Basic Runtimes\Visual Basic runtimes.exe" -d "D:\PC SOFT\SOFTWARE\TOOL.VISUAL BASIC\Visual Basic Runtimes"
Task: {19FC47D2-64ED-479E-9458-2506EA2B134E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D06A6D2-0110-41E5-A1E2-769442D2078D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-13] (Adobe Inc. -> Adobe)
Task: {2A8C4A0A-4380-423D-AA48-74A922EE57DC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {307EAC23-0F1A-43B3-B15E-59D4B8FBB068} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {31625531-F27E-48E1-827D-3517C282F752} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31E90574-84A9-47D4-8CB1-C48004F6E0D6} - System32\Tasks\{CD065C4C-4BE5-40D0-8A89-499708668B6A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ps2\hdl_dumb-0.8.3\hdl_dumb.exe" -d "C:\Program Files (x86)\Ps2\hdl_dumb-0.8.3"
Task: {32429829-B9D8-4C45-A5BB-55242B7750F0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3353E241-0ABE-49C1-9882-F4E26CDABAE8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {380C03C0-B724-43A3-B5BF-B8FE96607634} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {42DD18CB-904D-40DC-B9D4-6AC8CEB2B1AE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {43235996-AE73-48F7-B89B-EE4C6D15F480} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44BFC9D0-3127-4F20-AB8B-34C648811E17} - System32\Tasks\{B0A35694-8F55-4793-979D-9C80DB680B6E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" -d C:\Windows\system32 -c "uplay://launch/2184/0"
Task: {4AC3A237-4DDC-455F-A563-7F74271057DB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {51729D3C-90A4-410B-BB70-484D33232F29} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FOXHOUNDi7-DHAMPIRD FOXHOUNDi7 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [470720 2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {58F0E95E-3362-47E6-9C0B-63A24DC86600} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-12] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {62A7A8A7-AA9C-4509-BBBA-3E3D9DC67E23} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {697AB824-3A7F-423C-857A-E6FEABAB3628} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1722880 2019-06-25] () [File not signed]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70F0D834-AA07-4969-9AAD-5A23A2F5F65E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {741FE548-6201-4214-B612-8F6B31BB8FB7} - System32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693} => C:\Users\DHAMPIRD\AppData\Local\Temp\mwbF4E3.tmp\mb-support.exe
Task: {7AF1CBE3-5BCB-4435-98A5-CB630A56099C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-13] (Adobe Inc. -> Adobe)
Task: {7C810065-0373-4D8D-92FF-F2C0E0ED5A3F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3597564769-968549059-3920177797-1005 => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-06-28] (Mega Limited -> Mega Limited)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {92DBB85D-7F3C-460F-ADDA-1FFC1B3E6770} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4BC941D-73E6-4E1F-963F-E75DB256EBB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AA68FCC3-98D4-469D-A706-116D8A8B957E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC364387-4F5D-49C2-9A29-FF0E0F292200} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {C34A8F91-AD9A-4F3A-B286-1DDB9FED031D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DEA6FB-DB92-435F-B4EC-B0A5DAA9ED1E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {F1D96832-118B-46DB-ADC7-768A8357020F} - System32\Tasks\AdobeAAMUpdater-1.0-FOXHOUNDi7-DHAMPIRD => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F99C6390-099C-48D5-8F40-B760C6883535} - System32\Tasks\{861FD316-C38F-4693-9172-4231B89AB869} => C:\Windows\system32\pcalua.exe -a E:\DOWNLOADS\VBRun60sp5.exe -d E:\DOWNLOADS
Task: {F9B5F139-6F34-4634-B9C4-6607803B3930} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-03-28] (Garmin International, Inc. -> )
Task: {FCF90515-72C1-4B79-9137-A42EA3DAB559} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-12] (Google Inc -> Google Inc.)
Task: {FD9002B0-2C22-48E0-8C63-D2E96B6B99E9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
Task: {FFBB7FF2-B830-4981-8B08-3679EFF1F9D1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.60.205.175
Tcpip\..\Interfaces\{79d115bc-ecf5-42c2-b808-5545f548ba5c}: [DhcpNameServer] 213.60.205.175
FRST (segunda parte)
Internet Explorer:
==================
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3597564769-968549059-3920177797-1005 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: c5y9yd2v.default-1496602388133
FF ProfilePath: C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133 [2019-12-21]
FF DownloadDir: F:\WEBDOWN
FF Homepage: Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133 -> hxxps://www.google.es
FF Notifications: Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133 -> hxxps://www.aussiearcade.com; hxxps://web.wallapop.com; hxxps://darkumbra.net; hxxps://newsupdatesky.info; hxxps://emumovies.com; hxxps://hyperspin-fe.com; hxxps://entierradegamers.com; hxxps://www.softzone.es; hxxps://mail.google.com; hxxps://oraronerethet.info; hxxps://andalbrighth.pro; hxxps://uploadbuzz.org; hxxps://errorkit.com; hxxps://clk.ink; hxxps://www.subdivx.com; hxxps://www.avpasion.com; hxxp://localhost:8096; hxxps://oko.sh; hxxps://descargarsubs.xyz; hxxps://0.nextyourcontent.com; hxxps://1.nextyourcontent.com; hxxps://notification-list.com; hxxps://www.adslzone.net; hxxps://uii.io; hxxps://forospyware.com; hxxps://gplinks.in; hxxps://descargaonline.xyz
FF Extension: (signTextJS plus) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\[email protected] [2019-02-13]
FF Extension: (Hola VPN Proxy) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{b2c23af9-126b-4273-952f-6b1809356086}.xpi [2018-06-09]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Extension: (Greasemonkey) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF Extension: (MTS play youtube inside facebook) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{fb6ba290-4286-46bb-a8a4-225d1e4fe6ce}.xpi [2018-10-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-02-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-13] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-10-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-21]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default [2019-12-20]
CHR Extension: (Presentaciones) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-01]
CHR Extension: (Documentos) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-01]
CHR Extension: (Google Drive) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-12-09]
CHR Extension: (Búsqueda de Google) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-07-12]
CHR Extension: (Adobe Acrobat) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-15]
CHR Extension: (Hojas de cálculo) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-05-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-09]
CHR Profile: C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-20]
CHR HKU\S-1-5-21-3597564769-968549059-3920177797-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
R2 ccXgui; C:\Program Files (x86)\ccxgui\ccXservice.exe [173568 2004-04-23] ([XC]D-Ice) [File not signed]
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2019-06-14] (GuinpinSoft inc) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1841344 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5598624 2018-06-27] (Binary Fortress Software Ltd. -> Binary Fortress Software)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-07] (ESET, spol. s r.o. -> ESET)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-06-13] (Mixbyte Inc -> Freemake)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [17792 2019-06-13] (Mixbyte Inc -> Ellora Assets Corp.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] (Aleksey Cherkasskiy -> ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 JTAGServer; C:\altera\13.0\quartus\bin64\jtagserver.exe [268800 2013-04-25] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4489352 2019-06-12] (Logitech Inc -> Logitech)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2213696 2018-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3084104 2018-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2137064 2019-10-08] (Plex, Inc -> Plex, Inc.)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2169800 2018-06-19] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2017-03-21] (Sony Mobile Communications AB -> Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 cbfsdisk2017; C:\Windows\system32\drivers\cbfsdisk2017.sys [243976 2018-03-23] (Callback Technologies, Inc. -> Callback Technologies, Inc.)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2019-03-27] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e60MZ0380.X64; C:\WINDOWS\System32\drivers\e60MZ0380.X64.SYS [3981608 2018-10-17] (Elgato Systems LLC -> )
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-09-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-03] (ESET, spol. s r.o. -> ESET)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2018-07-20] (Elgato Systems LLC -> Elgato Systems GmbH)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-07] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2019-04-11] (ESET, spol. s r.o. -> ESET)
S3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_e3f21201adb86c74\gameflt.sys [70704 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] (Giga-Byte Technology -> )
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2018-05-04] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-20] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_77e6900053c33f6f\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [85424 2008-07-07] (Fenghua Lee -> PowerISO Computing, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Bruce James -> Scarlet.Crush Productions)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [19208 2018-03-23] (Callback Technologies, Inc. -> Callback Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [62856 2017-10-24] (Intel Corporation -> Intel Corporation)
S3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 18:07 - 2019-12-21 18:09 - 000068703 _____ C:\Users\DHAMPIRD\Desktop\FRST.txt
2019-12-21 18:06 - 2019-12-21 18:08 - 000000000 ____D C:\FRST
2019-12-21 17:57 - 2019-12-21 17:57 - 002264064 _____ (Farbar) C:\Users\DHAMPIRD\Desktop\FRST64.exe
2019-12-21 17:55 - 2019-12-21 17:56 - 000003515 _____ C:\Users\DHAMPIRD\Desktop\FSS.txt
2019-12-21 17:53 - 2019-12-21 17:53 - 000899584 _____ (Farbar) C:\Users\DHAMPIRD\Desktop\FSS.exe
2019-12-21 02:33 - 2019-12-21 02:33 - 000000000 _____ C:\Users\DHAMPIRD\Desktop\xbox game bar problema.txt
2019-12-20 01:44 - 2019-12-20 01:44 - 000000000 ___HD C:\OneDriveTemp
2019-12-20 01:40 - 2019-12-20 01:40 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-20 00:26 - 2019-12-20 00:26 - 000000695 _____ C:\Users\DHAMPIRD\AppData\Local\recently-used.xbel
2019-12-20 00:19 - 2019-12-20 00:19 - 000000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-20 00:19 - 2019-12-20 00:19 - 000000829 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-19 01:13 - 2019-12-19 01:47 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\deluge
2019-12-19 01:12 - 2019-12-19 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2019-12-19 01:12 - 2019-12-19 01:12 - 000000000 ____D C:\Program Files (x86)\Deluge
2019-12-18 20:03 - 2019-12-18 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-18 15:08 - 2019-12-18 15:08 - 000000184 _____ C:\Users\DHAMPIRD\Desktop\reparar.bat
2019-12-17 20:30 - 2019-12-17 20:30 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-12-17 20:30 - 2019-12-17 20:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-12-17 20:30 - 2019-12-17 20:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-12-17 20:30 - 2019-12-17 20:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-12-17 00:49 - 2019-12-17 00:49 - 000000000 ____D C:\SEGA LINDBERGH
2019-12-14 02:28 - 2019-12-14 02:28 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-14 02:28 - 2019-12-14 02:28 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-14 02:28 - 2019-12-14 02:28 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-14 02:28 - 2019-12-14 02:28 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-14 02:28 - 2019-12-14 02:28 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-14 02:28 - 2019-12-14 02:28 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-14 02:28 - 2019-12-14 02:28 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-14 02:28 - 2019-12-14 02:28 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-14 02:28 - 2019-12-14 02:28 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-14 02:28 - 2019-12-14 02:28 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-14 02:28 - 2019-12-14 02:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-14 02:27 - 2019-12-14 02:27 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-14 02:27 - 2019-12-14 02:27 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-14 02:27 - 2019-12-14 02:27 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-14 02:27 - 2019-12-14 02:27 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-14 02:27 - 2019-12-14 02:27 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-13 10:51 - 2019-12-13 10:51 - 006199352 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-12-13 01:19 - 2019-12-13 01:19 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-12 23:22 - 2019-12-12 23:22 - 000002209 _____ C:\Users\DHAMPIRD\Desktop\JDownloader 2.lnk
2019-12-11 10:32 - 2019-12-08 22:28 - 011843696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-11 10:32 - 2019-12-08 22:28 - 010167952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-11 10:32 - 2019-12-08 22:28 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-11 10:32 - 2019-12-08 22:28 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-11 10:32 - 2019-12-08 22:28 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-11 10:32 - 2019-12-08 22:28 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-11 10:32 - 2019-12-08 22:28 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-11 10:32 - 2019-12-08 22:28 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-11 10:32 - 2019-12-08 22:28 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-11 10:32 - 2019-12-08 22:28 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-11 10:32 - 2019-12-08 22:28 - 000352712 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 001483712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 001146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 000824256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 000684992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 000676608 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 000557072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-11 10:32 - 2019-12-08 22:27 - 000545296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 040510424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 035380264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 015030896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 005382024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 004717656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 002076064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 001727920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444166.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 001568504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 001491472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444166.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 001371648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 001064840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-11 10:32 - 2019-12-08 22:26 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-10 18:20 - 2019-12-10 18:20 - 000000894 _____ C:\Users\DHAMPIRD\Desktop\CAPTURAS OBS.lnk
2019-12-07 20:58 - 2019-12-07 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-12-07 20:58 - 2019-12-07 20:58 - 000000000 ____D C:\ProgramData\ESET
2019-12-07 20:58 - 2019-12-07 20:58 - 000000000 ____D C:\Program Files\ESET
2019-12-07 20:55 - 2019-12-07 20:54 - 000129080 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2019-12-07 17:28 - 2019-12-07 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Leecher
2019-12-07 17:28 - 2019-12-07 17:28 - 000000000 ____D C:\Program Files\Twitch Leecher
2019-12-05 06:03 - 2019-12-05 06:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2019-12-05 06:03 - 2019-12-05 06:03 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-12-05 06:03 - 2015-09-14 13:03 - 000039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2019-12-05 06:03 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2019-12-05 02:53 - 2019-12-13 01:19 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-05 02:53 - 2019-12-05 02:53 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-05 02:53 - 2019-12-05 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-05 02:53 - 2019-12-05 02:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-05 02:28 - 2019-12-05 02:28 - 000000000 ____D C:\WINDOWS\pss
2019-12-05 00:53 - 2019-12-05 00:53 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\mbam
2019-12-05 00:32 - 2019-12-05 00:32 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\mbamtray
2019-12-05 00:32 - 2019-12-05 00:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-04 23:53 - 2019-12-04 23:53 - 000003544 _____ C:\WINDOWS\system32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693}
2019-12-04 23:38 - 2019-12-04 23:38 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-12-04 16:38 - 2019-12-17 23:38 - 000000374 _____ C:\Users\DHAMPIRD\Desktop\Nuevo documento de texto.txt
2019-12-04 16:22 - 2019-12-04 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogiFEPluginforLync2010
2019-12-03 20:32 - 2019-12-09 12:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-02 22:04 - 2019-12-02 22:04 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\Logitech
2019-12-02 17:19 - 2019-12-02 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Configuración de cámara Logitech
2019-12-02 16:15 - 2019-12-02 16:15 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\Deployment
2019-12-02 16:14 - 2019-12-02 22:02 - 000000000 ____D C:\Program Files\Logitech
2019-12-02 16:12 - 2019-12-02 16:12 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\Logishrd
2019-12-02 16:11 - 2019-12-02 16:11 - 000000000 ____D C:\ProgramData\Logishrd
2019-11-26 19:07 - 2019-12-08 22:28 - 000451656 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-11-26 19:07 - 2019-12-08 22:26 - 017462424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-11-26 19:07 - 2019-12-08 22:26 - 000659152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-11-23 13:46 - 2017-10-17 17:13 - 000001592 _____ C:\WINDOWS\system32\TNODUP-Portable.ini
2019-11-23 13:46 - 2012-05-28 14:04 - 000000027 _____ C:\WINDOWS\system32\Insert License with the maximum expiration date.bat
2019-11-23 13:46 - 2012-05-28 14:04 - 000000024 _____ C:\WINDOWS\system32\Recover current License.bat
2019-11-23 13:46 - 2012-05-28 14:04 - 000000024 _____ C:\WINDOWS\system32\Licenses Downloader.bat
2019-11-23 13:46 - 2012-05-28 14:03 - 000000024 _____ C:\WINDOWS\system32\Config.bat
2019-11-23 13:34 - 2019-08-09 16:30 - 000000001 _____ C:\WINDOWS\y.txt
2019-11-23 13:30 - 2019-11-23 13:30 - 000000000 ____D C:\WINDOWS\Wget
2019-11-23 13:30 - 2019-11-23 13:30 - 000000000 ____D C:\WINDOWS\curl
2019-11-21 10:24 - 2019-11-21 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-11-21 10:22 - 2019-11-21 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-11-21 10:22 - 2019-11-21 10:22 - 000000000 ____D C:\Program Files\iTunes
2019-11-21 10:22 - 2019-11-21 10:22 - 000000000 ____D C:\Program Files\iPod
2019-11-21 10:17 - 2019-11-21 10:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-11-21 10:17 - 2019-11-21 10:17 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 18:08 - 2016-07-12 13:09 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\uTorrent
2019-12-21 18:03 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-21 17:41 - 2019-09-09 06:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-21 17:40 - 2019-09-09 06:58 - 000005196 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for FOXHOUNDi7-DHAMPIRD FOXHOUNDi7
2019-12-21 16:59 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 16:54 - 2016-07-12 00:47 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\Packages
2019-12-21 08:46 - 2016-07-23 22:50 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\vlc
2019-12-21 05:40 - 2016-08-14 13:53 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\ElevatedDiagnostics
2019-12-21 02:00 - 2016-07-29 16:36 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\Adobe
2019-12-21 01:44 - 2019-02-14 12:07 - 000000000 ___RD C:\Users\DHAMPIRD\Google Drive
2019-12-21 01:08 - 2018-10-17 00:25 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\WhatsApp
2019-12-21 01:07 - 2018-04-10 23:15 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\SquirrelTemp
2019-12-21 01:06 - 2018-10-17 00:26 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\WhatsApp
2019-12-20 23:13 - 2019-02-22 14:48 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-12-20 23:09 - 2018-05-07 01:42 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\obs-studio
2019-12-20 23:09 - 2016-07-14 21:33 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\CrashDumps
2019-12-20 23:03 - 2016-08-28 14:01 - 000000132 _____ C:\Users\DHAMPIRD\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-12-20 22:51 - 2019-10-03 20:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-20 22:51 - 2019-10-03 20:19 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-20 09:58 - 2016-07-31 01:58 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\JDownloader v2.0
2019-12-20 07:53 - 2016-09-05 14:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-20 01:52 - 2016-07-12 01:38 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-20 01:46 - 2019-09-09 06:34 - 001775182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-20 01:46 - 2019-03-19 12:59 - 000788498 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-20 01:46 - 2019-03-19 12:59 - 000155836 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-20 01:46 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-20 01:45 - 2017-12-30 03:35 - 000000000 ___RD C:\Users\DHAMPIRD\iCloudDrive
2019-12-20 01:44 - 2019-07-25 04:56 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2019-12-20 01:44 - 2019-03-22 23:34 - 000000000 ___RD C:\Users\DHAMPIRD\OneDrive
2019-12-20 01:43 - 2016-11-18 11:35 - 000000000 ____D C:\Users\DHAMPIRD\AppData\LocalLow\Mozilla
2019-12-20 01:40 - 2019-09-09 06:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-20 01:40 - 2018-07-06 20:17 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\WTablet
2019-12-20 01:39 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-20 00:23 - 2016-07-29 15:29 - 000000000 ___RD C:\Users\DHAMPIRD\Desktop\SECURE &CLEAN
2019-12-20 00:22 - 2019-10-30 18:24 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-20 00:22 - 2019-09-09 04:19 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-20 00:22 - 2019-06-29 12:46 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\MPC-HC
2019-12-20 00:22 - 2019-03-27 04:58 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\DAEMON Tools Pro
2019-12-20 00:22 - 2016-08-11 22:26 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-20 00:20 - 2016-08-13 19:46 - 000000000 ____D C:\Program Files\CCleaner
2019-12-20 00:19 - 2019-09-09 06:58 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-19 14:09 - 2017-07-22 13:57 - 000008380 _____ C:\Users\DHAMPIRD\Desktop\ONGOING.nfo
2019-12-19 01:47 - 2016-07-29 15:29 - 000000000 ___RD C:\Users\DHAMPIRD\Desktop\INTERNET
2019-12-18 20:04 - 2016-07-28 20:15 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-18 10:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-18 00:03 - 2016-07-12 01:48 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 16:11 - 2018-04-10 23:15 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\discord
2019-12-17 05:41 - 2016-08-01 15:50 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\Audacity
2019-12-16 05:21 - 2019-03-22 23:18 - 000000000 ___RD C:\Users\DHAMPIRD\3D Objects
2019-12-16 05:21 - 2016-08-13 19:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-16 05:20 - 2019-09-09 06:20 - 005317968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-16 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-16 05:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-16 05:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-14 03:18 - 2014-12-20 22:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-14 02:44 - 2014-12-20 22:25 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-14 02:43 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-13 23:22 - 2019-09-09 06:58 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 23:22 - 2019-09-09 06:58 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 14:36 - 2019-07-08 09:54 - 000000000 ____D C:\Users\DHAMPIRD\Documents\Usenet.nl
2019-12-13 11:57 - 2016-07-12 00:47 - 000000000 ____D C:\Program Files\KMSpico
2019-12-13 10:52 - 2019-09-09 06:58 - 000004564 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-13 10:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-13 10:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-13 02:20 - 2019-07-08 09:54 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\Usenet.nl
2019-12-13 02:00 - 2019-02-22 00:33 - 000000703 _____ C:\Users\DHAMPIRD\Documents\CIV_LogFile.txt
2019-12-13 02:00 - 2019-02-22 00:33 - 000000081 _____ C:\Users\DHAMPIRD\AppData\Local\FILM_AE_LogFile.txt
2019-12-13 00:02 - 2019-11-02 22:40 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\JDownloader 2.0
2019-12-12 23:22 - 2019-11-02 22:41 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2019-12-09 17:44 - 2016-07-31 00:35 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\Winamp
2019-12-09 12:40 - 2019-03-22 23:32 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\PlaceholderTileLogoFolder
2019-12-09 12:13 - 2016-07-23 23:15 - 000000000 ____D C:\Program Files (x86)\Java
2019-12-08 18:20 - 2019-11-13 18:56 - 004224176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-08 18:20 - 2019-09-03 19:19 - 004957288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-07 21:12 - 2019-10-03 15:13 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-07 20:59 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-07 20:55 - 2018-09-10 22:18 - 000000000 ____D C:\Program Files\Java
2019-12-07 20:55 - 2016-07-26 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-07 20:54 - 2018-09-10 22:19 - 000129080 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-12-07 20:53 - 2018-09-15 05:41 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-12-07 20:42 - 2019-08-08 13:00 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\IObit
2019-12-07 20:42 - 2019-08-08 13:00 - 000000000 ____D C:\ProgramData\IObit
2019-12-07 17:28 - 2016-07-12 01:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-07 04:09 - 2019-09-03 19:19 - 000055685 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-07 02:21 - 2016-07-30 13:38 - 000670744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-12-07 02:21 - 2016-07-30 13:38 - 000083392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-12-07 02:21 - 2016-07-12 01:38 - 005562208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-12-07 02:21 - 2016-07-12 01:38 - 002652712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-12-07 02:21 - 2016-07-12 01:38 - 001768456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-12-07 02:21 - 2016-07-12 01:38 - 000455152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-12-07 02:21 - 2016-07-12 01:38 - 000129392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-12-05 19:42 - 2019-08-08 13:00 - 000000000 ____D C:\Program Files (x86)\IObit
2019-12-05 19:42 - 2016-07-12 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-12-05 19:07 - 2019-03-22 23:43 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\D3DSCache
2019-12-05 05:53 - 2016-07-29 20:28 - 000000000 ____D C:\Users\DHAMPIRD\Documents\temp
2019-12-05 02:31 - 2019-09-09 05:30 - 000000000 ____D C:\Users\DHAMPIRD
2019-12-04 23:56 - 2016-07-12 02:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 23:47 - 2016-07-12 02:09 - 000000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-04 23:45 - 2019-02-22 23:55 - 000000000 ____D C:\Program Files (x86)\myiHome
2019-12-04 23:44 - 2017-12-30 03:35 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\576740E3-4131-4D3D-8020-B5287E25D945.aplzod
2019-12-04 23:18 - 2017-11-02 20:16 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\qBittorrent
2019-12-04 16:21 - 2019-03-23 18:32 - 000000000 ___RD C:\Users\DHAMPIRD\Desktop\CAPTURE SOFT
2019-12-04 16:18 - 2016-07-29 15:29 - 000000000 ___RD C:\Users\DHAMPIRD\Desktop\MULTIMEDIA
2019-12-04 11:50 - 2016-07-12 01:38 - 008800072 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-12-02 22:02 - 2016-08-14 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2019-12-02 16:14 - 2016-07-29 16:43 - 000000000 ____D C:\Program Files\Adobe
2019-12-02 16:14 - 2016-07-29 16:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-12-02 16:11 - 2019-05-11 02:35 - 000001320 _____ C:\WINDOWS\wininit.ini
2019-12-01 16:57 - 2016-08-01 17:34 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\HandBrake
2019-11-23 19:25 - 2016-07-28 20:22 - 000000000 ___RD C:\Users\DHAMPIRD\Dropbox
2019-11-23 17:59 - 2016-07-29 15:29 - 000000000 ___RD C:\Users\DHAMPIRD\Desktop\IPAD2 & IPHONE
2019-11-23 12:54 - 2019-04-24 23:02 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Local\cache
2019-11-23 09:40 - 2019-01-23 19:31 - 000000000 ____D C:\Users\DHAMPIRD\AppData\Roaming\Twitch Leecher
2019-11-23 02:29 - 2019-09-09 06:58 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3597564769-968549059-3920177797-1005
2019-11-23 02:29 - 2019-09-09 05:30 - 000002454 _____ C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 10:17 - 2016-08-01 14:32 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
==================== Files in the root of some directories ========
2017-06-17 00:42 - 2017-06-17 00:42 - 000000087 _____ () C:\Users\DHAMPIRD\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2019-06-14 05:12 - 2019-06-14 05:12 - 000000171 _____ () C:\Users\DHAMPIRD\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2016-08-14 19:04 - 2016-08-14 19:04 - 000000268 ___RH () C:\Users\DHAMPIRD\AppData\Roaming\Action
2016-08-14 19:04 - 2016-08-14 19:04 - 000000268 ___RH () C:\Users\DHAMPIRD\AppData\Roaming\Action Clauses
2016-08-14 19:04 - 2016-08-14 19:04 - 000000268 ___RH () C:\Users\DHAMPIRD\AppData\Roaming\Alerts
2018-05-15 11:58 - 2018-05-15 11:59 - 000054610 _____ () C:\Users\DHAMPIRD\AppData\Roaming\DB.xml
2018-09-22 02:31 - 2018-09-23 01:32 - 000000132 _____ () C:\Users\DHAMPIRD\AppData\Roaming\Prefs. de formato BMP de Adobe CS6
2016-10-03 16:03 - 2016-10-03 16:03 - 000000132 _____ () C:\Users\DHAMPIRD\AppData\Roaming\Prefs. de formato GIF de Adobe CS6
2016-08-28 14:01 - 2019-12-20 23:03 - 000000132 _____ () C:\Users\DHAMPIRD\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2016-08-01 14:39 - 2018-08-30 00:20 - 000000600 _____ () C:\Users\DHAMPIRD\AppData\Roaming\winscp.rnd
2019-02-22 00:33 - 2019-12-13 02:00 - 000000081 _____ () C:\Users\DHAMPIRD\AppData\Local\FILM_AE_LogFile.txt
2018-09-28 18:22 - 2018-09-28 18:22 - 000000000 _____ () C:\Users\DHAMPIRD\AppData\Local\oobelibMkey.log
2019-12-20 00:26 - 2019-12-20 00:26 - 000000695 _____ () C:\Users\DHAMPIRD\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition (primera parte)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by DHAMPIRD (21-12-2019 18:09:51)
Running from C:\Users\DHAMPIRD\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-09-09 06:00:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3597564769-968549059-3920177797-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3597564769-968549059-3920177797-503 - Limited - Disabled)
DHAMPIRD (S-1-5-21-3597564769-968549059-3920177797-1005 - Administrator - Enabled) => C:\Users\DHAMPIRD
HomeGroupUser$ (S-1-5-21-3597564769-968549059-3920177797-1003 - Limited - Enabled)
Invitado (S-1-5-21-3597564769-968549059-3920177797-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3597564769-968549059-3920177797-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Disabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\uTorrent) (Version: 3.4.2.32080 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\uTorrent) (Version: 3.4.2.32080 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\uTorrent) (Version: 3.4.2.32080 - BitTorrent Inc.)
3dsmax ancillary install (HKLM-x32\...\{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}) (Version: 1 - Autodesk) Hidden
4K Capture Utility (HKLM\...\{1269C43A-A073-46B4-BA55-15B9491E36BA}) (Version: 1.5.0.3647 - Elgato Systems)
7-Zip 4.42 (HKLM-x32\...\7-Zip) (Version: - )
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20035 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11.0.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIDA64 Extreme Edition v1.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 1.70 - FinalWire Ltd.)
Aiseesoft Blu-ray Player 6.3.6 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.3.6 - Aiseesoft Studio)
Aiseesoft Video Converter Ultimate 9.2.62 (HKLM-x32\...\{4E453AA0-3B4A-4b78-BA4B-E2EAB6DF11D6}_is1) (Version: 9.2.62 - Aiseesoft Studio)
Aliens vs Predator (HKLM-x32\...\Aliens vs Predator_is1) (Version: - )
Anime Studio Pro 9.0 (HKLM\...\ASP900_is1) (Version: 9.0 - Smith Micro Software, Inc.)
Anime Studio Pro 9.0 (x86) (HKLM-x32\...\ASP900_is1) (Version: 9.0 - Smith Micro Software, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Aplicación para detectar Winamp (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Aplicación para detectar Winamp (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Aplicación para detectar Winamp (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Apowersoft Video Converter Studio V4.4.8 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.4.8 - APOWERSOFT LIMITED)
Apple Application Support (32 bits) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Arturia V Collection 7 (HKLM\...\V Collection 7_is1) (Version: 7.0.0 - Arturia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Autodesk 3ds Max 2015 (HKLM\...\{52B37EC7-D836-0410-0264-3C24BCED2010}) (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk DirectConnect 2015 64-bit (HKLM\...\{23C9ED7C-CB64-45FE-A7EA-1BA666F5589D}) (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DWF Viewer 7 (HKLM-x32\...\{9A346205-EA92-4406-B1AB-50379DA3F057}) (Version: 7.0.0 - Autodesk, Inc.)
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\{0BB716E0-1500-0610-0000-097DC2F354DF}) (Version: 15.0.107.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
AutoHotkey 1.1.30.00 (HKLM\...\AutoHotkey) (Version: 1.1.30.00 - Lexikos)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}) (Version: 2.1.0.0 - )
Castlevania - The Bloodletting V.1.3 BETA (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Castlevania - The Bloodletting V.1.3 BETA) (Version: - )
Castlevania - The Bloodletting V.1.3 BETA (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Castlevania - The Bloodletting V.1.3 BETA) (Version: - )
Castlevania - The Bloodletting V.1.3 BETA (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Castlevania - The Bloodletting V.1.3 BETA) (Version: - )
CCleaner (HKLM\...\{AFF38D29-AD4D-4D0F-8F39-DACC6D9F2029}) (Version: 5.19.5633 - Piriform Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
CDRWIN 8 (HKLM-x32\...\{23D4A873-14FF-474E-0001-6529DDC11226}) (Version: 8.0.11.0121 - Engelmann Media GmbH)
CLIP STUDIO 1.7.3 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.7.3 - CELSYS)
CLIP STUDIO PAINT 1.7.3 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.7.3 - CELSYS)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD 3.6 (HKLM-x32\...\CloneDVD.exe_is1) (Version: - Copyright (C) 2003-2005 DVD X Studios.)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Configuración de cámara Logitech (HKLM-x32\...\LogiUCDPP) (Version: 2.10.4.0 - Logitech Europe S.A.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.11.552 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.450 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CX4300_5500_DX4400 Manual (HKLM-x32\...\CX4300_5500_DX4400 Manual) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.2.0.0708 - Disc Soft Ltd)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - )
DiscJuggler (HKLM-x32\...\DiscJuggler) (Version: 6.0.0.1400 - Padus Incorporated)
Discord (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayFusion 9.3 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.3.0.0 - Binary Fortress Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 87.4.138 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
DVDFab (x64) 11.0.3.4 (31/05/2019) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.3.4 - DVDFab Software Inc.)
EAGLE 8.7.0 (HKLM\...\EAGLE_is1) (Version: 8.7.0 - Autodesk, Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Elgato Control Center (HKLM\...\{B84C32C4-95AA-40D2-9F90-497365C1B0A4}) (Version: 1.0.1.580 - Elgato Systems)
Elgato Game Capture HD (HKLM\...\{22094C2E-6F60-42B4-BC98-1F0A2BE5E238}) (Version: 3.70.30.3030 - Elgato Systems GmbH)
Elgato Stream Deck (HKLM\...\{8A97C794-8E45-4BA2-847A-61DD869333EE}) (Version: 4.2.1.10055 - Elgato Systems GmbH)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Emby Server (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Emby Server) (Version: 4.2 - Emby Team)
Emby Server (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\Emby Server) (Version: 4.2 - Emby Team)
Emby Server (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\Emby Server) (Version: 4.2 - Emby Team)
eMule (HKLM-x32\...\eMule) (Version: - )
EPSON Attach To Email (HKLM-x32\...\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Easy Photo Print (HKLM-x32\...\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}) (Version: 1.4.2.0 - )
EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
ESET Security (HKLM\...\{6D46484B-0BE2-4060-9CD3-FA87ED960ED9}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
ExactFile 1.0.0.15 (HKLM-x32\...\ExactFile_is1) (Version: - StudyLamp Software LLC)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FBX Plugin 2006.08 for Max 9.0 (HKLM-x32\...\FBX Plugin 2006.08 for Max 9.0) (Version: - )
FBX Plugin 2006.08 for Max 9.0 64 (HKLM-x32\...\FBX Plugin 2006.08 for Max 9.0 64) (Version: - )
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FLAC To MP3 V4.0.4 (HKLM-x32\...\FLAC To MP3_is1) (Version: - FLAC To MP3, Inc.)
FlashFXP 4 (HKLM-x32\...\FlashFXP 4) (Version: 4.4.1.1998 - OpenSight Software LLC)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.19.0 - Androxyde)
FlexHEX version 2.7 (HKLM-x32\...\FlexHEX_is1) (Version: 2.7 - Inv Softworks LLC)
FolderView (HKLM-x32\...\FolderView) (Version: - )
Forza Motorsport 7 [FULL REMOVAL] (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\{F0A95FBB-6D6A-4D41-A55F-3803B5044A45}_is1) (Version: 1.130.1736.2 - Microsoft Studios)
Forza Motorsport 7 [FULL REMOVAL] (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\{F0A95FBB-6D6A-4D41-A55F-3803B5044A45}_is1) (Version: 1.130.1736.2 - Microsoft Studios)
Forza Motorsport 7 [FULL REMOVAL] (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\{F0A95FBB-6D6A-4D41-A55F-3803B5044A45}_is1) (Version: 1.130.1736.2 - Microsoft Studios)
Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.)
Git version 2.16.2 (HKLM\...\Git_is1) (Version: 2.16.2 - The Git Development Community)
GonVisor 2.44.01 (HKLM-x32\...\GonVisor_is1) (Version: - GON)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Gmail Notifier (HKLM-x32\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version: - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
GQ USB Driver V2.0.1 (HKLM-x32\...\MCUmall USBprg GQ-4X_is1) (Version: - MCUmall, Inc.)
GQ USB Programmer version 6.29 (HKLM-x32\...\GQ USB Programmer_is1) (Version: 6.29 - )
GQBlaster (HKLM-x32\...\{5EA55F4F-0AE6-45EE-A14E-DB2B436139AA}) (Version: 0.8 - mcumall)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HandBrake 1.2.1 (HKLM-x32\...\HandBrake) (Version: 1.2.1 - )
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
iCloud (HKLM\...\{576BC8FA-1891-47C8-8A23-F3DDB78C06DE}) (Version: 7.15.0.10 - Apple Inc.)
IconRestorer 1.0.8.1 SR1 (HKLM-x32\...\IconRestorer Free_is1) (Version: - FSL - FreeSoftLand)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.1.45 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
ips XP 1.11.2600 (HKLM-x32\...\ips XP_is1) (Version: 1.11.2600 - Tenchi wielding the Illumina sword)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iSkysoft iMedia Converter Deluxe(Build 10.4.2.195) (HKLM-x32\...\iMedia Converter Deluxe_is1) (Version: 10.4.2.195 - iSkysoft Software)
IsoBuster 1.7 (HKLM-x32\...\IsoBuster_is1) (Version: 1.7 - Smart Projects)
iTunes (HKLM\...\{A5117F15-A968-4C0F-A4B0-3F601C4ACC77}) (Version: 12.10.2.3 - Apple Inc.)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 15.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.0.0 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
LogiFEPlugin for Lync2010 (HKLM-x32\...\LogiFEPluginforLync2010) (Version: 1.2.311.0 - Logitech Europe S.A.)
Logitech Capture (HKLM\...\Capture) (Version: 1.10.110 - Logitech)
Logitech Desktop Messenger (HKLM-x32\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: - )
Logitech Options (HKLM\...\LogiOptions) (Version: 8.0.863 - Logitech)
Magic Bullet Suite v13.0.11 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.11 - Red Giant, LLC)
MakeMKV v1.14.4 (HKLM-x32\...\MakeMKV) (Version: v1.14.4 - GuinpinSoft inc)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MediaInfo 0.7.59 (32-bit) (HKLM-x32\...\MediaInfo) (Version: 0.7.59 - MediaArea.net)
MediaInfo 0.7.87 (HKLM\...\MediaInfo) (Version: 0.7.87 - MediaArea.net)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.15.3248.309 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MKVCleaver x64 (HKLM\...\{1256E11A-B91F-4869-9DC3-EBCC7466314C}) (Version: 6.0.7 - Ilia Bakhmoutski)
MKVToolNix 8.5.1 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 8.5.1 - Moritz Bunkus)
ModelSim-Altera Starter Edition 13.0.0.156 (HKLM-x32\...\ModelSim-Altera Starter Edition 13.0.0.156) (Version: 13.0 - Altera Corporation)
Monkey's Audio x64 (HKLM-x32\...\Monkey's Audio x64_is1) (Version: - )
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 71.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 71.0 (x64 es-ES)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MP4Tools v3.7 (HKLM-x32\...\MP4Tools_is1) (Version: - Thüring IT-Consulting)
MUSICMATCH Jukebox (HKLM-x32\...\{45EBDA59-D33B-433A-956E-B2F236468B56}) (Version: - )
myiHome v5.2.0 (HKLM-x32\...\myiHome_is1) (Version: - Syabas Technology Sdn. Bhd.)
NeoBook 5.6.2 (HKLM-x32\...\{B111977A-E61A-4EA3-9F19-605E69C06D14}_is1) (Version: 5.6.2 - NeoSoft Corp.)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - )
Node.js (HKLM\...\{4219DF19-09C9-47A4-88C0-49778E491E54}) (Version: 8.9.4 - Node.js Foundation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Audio virtual de Miracast 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 419.35 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project)
obs-ios-camera-source version git (HKLM-x32\...\{EFCC1549-F2CF-4540-B258-EB26A30237D2}_is1) (Version: git - Will Townsend)
OpenToonz version 1.1.0 (HKLM\...\{D9A9B1A3-9370-4BE9-9C8F-7B52EEECB973}_is1) (Version: 1.1.0 - DWANGO Co., Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Panel de control de NVIDIA 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.66 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Altera (WinUSB) JTAG cables (02/11/2014,2014.02.11 ) (HKLM\...\6D27F566AFC20C2281F903D0D9620D335BBAF1AB) (Version: 02/11/2014,2014.02.11 - Altera)
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF To JPG 2.0 (HKLM-x32\...\PDF To JPG_is1) (Version: - PDF To JPG)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
Plex Media Server (HKLM-x32\...\{9296e017-c45c-484f-b51b-36a42ffa2b48}) (Version: 1.18.0.1913 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{F8ED7149-77DB-4735-873F-AA4102F2CC0D}) (Version: 1.18.1913 - Plex, Inc.) Hidden
Port Forward Network Utilities (HKLM-x32\...\{4C345FED-92FF-4F24-AD0E-F114F4216DC7}) (Version: 3.0.36 - Portforward, LLC)
Port Forwarding Wizard 4.8 (HKLM-x32\...\Port Forwarding Wizard_is1) (Version: - upRedSun and iForwarder, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: - )
Python 2.6 (64-bit) (HKLM\...\{110EB5C4-E995-4CFB-AB80-A5F315BEA9E9}) (Version: 2.6.150 - Python Software Foundation)
Python 2.7 pycrypto-2.6 (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\pycrypto-py2.7) (Version: - )
Python 2.7 pycrypto-2.6 (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\pycrypto-py2.7) (Version: - )
Python 2.7 pycrypto-2.6 (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\pycrypto-py2.7) (Version: - )
Python 2.7.13 (HKLM-x32\...\{4A656C6C-D24A-473F-9747-3A8D00907A03}) (Version: 2.7.13150 - Python Software Foundation)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
Python 3.6.4 (32-bit) (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation)
Python 3.6.4 (32-bit) (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation)
Python 3.6.4 (32-bit) (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation)
Python 3.6.4 Core Interpreter (32-bit) (HKLM-x32\...\{D188614B-E656-4EF1-9F5A-23559EBE8F5A}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Development Libraries (32-bit) (HKLM-x32\...\{C3797E33-967D-4687-8F1A-9DE771A00125}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Documentation (32-bit) (HKLM-x32\...\{E09874D3-E898-4AB6-B043-EE24DF786088}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Executables (32-bit) (HKLM-x32\...\{47A75DB9-F3F5-4697-9261-DBA5162DBB9E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 pip Bootstrap (32-bit) (HKLM-x32\...\{54142B43-2FA5-4BBA-BF03-27C10EB50C1E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Standard Library (32-bit) (HKLM-x32\...\{2832768E-9BCA-4421-950C-7186B3BDFC45}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Tcl/Tk Support (32-bit) (HKLM-x32\...\{20888FA1-8127-42E3-969F-9BF93245AC83}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Test Suite (32-bit) (HKLM-x32\...\{D14FB2FA-51B2-415C-93BF-5053102235EE}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Utility Scripts (32-bit) (HKLM-x32\...\{D0730E44-E519-4F39-B926-E2FC0449D67C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.7.0 (64-bit) (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\{f684de81-73c2-4924-ad43-e7ae400d47b5}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 (64-bit) (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\{f684de81-73c2-4924-ad43-e7ae400d47b5}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 (64-bit) (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\{f684de81-73c2-4924-ad43-e7ae400d47b5}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Add to Path (64-bit) (HKLM\...\{A03DCA8A-AAD0-4A25-8CE0-D50D73797233}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Core Interpreter (64-bit) (HKLM\...\{F046BD5A-33F4-4ABA-BD2D-0227F6291EC9}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (64-bit) (HKLM\...\{61246987-8D99-44A9-8FF5-E2E3F503B72D}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (64-bit) (HKLM\...\{E7C56E72-C80E-453B-9345-FAEAE5DB51A4}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (64-bit) (HKLM\...\{84B7971A-F59F-4247-AD34-BEC02CF85FBD}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (64-bit) (HKLM\...\{8A6F7991-1955-4C46-8C0C-8D7C6F7042FA}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (64-bit) (HKLM\...\{18D93BBC-06F6-449D-96FB-CD473CFC6A6D}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (64-bit) (HKLM\...\{A2FC01E0-059E-4D21-AFD2-B63A7E1EF3CD}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (64-bit) (HKLM\...\{E4266358-1C9B-4AF0-ABF7-72BE136904CF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (64-bit) (HKLM\...\{9E24E01B-CBD8-4558-A56D-6188F1A3C822}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Quartus II Web Edition (Free) 13.0.0.156 (HKLM-x32\...\Quartus II Web Edition (Free) 13.0.0.156) (Version: 13.0 - Altera Corporation)
Quartus Prime Pro Edition Programmer and Tools 18.0.0.219 (HKLM\...\Quartus Prime Pro Edition Programmer and Tools 18.0.0.219) (Version: 18.0 - Intel Corporation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.13.0 - Red Giant, LLC)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Servicio Xperia Companion (HKLM\...\{62A561E8-3F7C-4363-AAC0-6390476CE334}) (Version: 1.5.12.0 - Sony) Hidden
SHAIO (HKLM-x32\...\SHAIO) (Version: 1.0.0.1 - getraid)
Shenmue I and II (HKLM-x32\...\Shenmue I and II_is1) (Version: - )
Sky Player 6.3.0.0 (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\com.bskyb.skyplayer_is1) (Version: 6.3.0.0 - Sky)
Sky Player 6.3.0.0 (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\com.bskyb.skyplayer_is1) (Version: 6.3.0.0 - Sky)
Sky Player 6.3.0.0 (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\com.bskyb.skyplayer_is1) (Version: 6.3.0.0 - Sky)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1511.1201 - LG Electronics Inc.)
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Sony Mobile Emma (HKLM-x32\...\Emma) (Version: 2.16.10.201607130957 - Sony Mobile Communications Inc.)
SpaceEngine versión 0.9.7.2 (HKLM-x32\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: 0.9.7.2 - SpaceEngine)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
Stopping Plex (HKLM-x32\...\{AD1F345D-39FB-46A0-BC4A-527CB1688EBC}) (Version: 1.18.1913 - Plex, Inc.) Hidden
Streamlabs OBS 0.12.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.3 - General Workings, Inc.)
Subtitle Edit 3.3.13 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.13.131 - Nikse)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.30-6 - Wacom Technology Corp.)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TegraRcmGUI (HKLM-x32\...\{D039E679-D036-455F-AC7C-377AA2191953}) (Version: 2.2.0 - eliboa) Hidden
TegraRcmGUI (HKLM-x32\...\TegraRcmGUI 2.2.0) (Version: 2.2.0 - eliboa)
Tenorshare 4uKey 2.0.0.18 (HKLM-x32\...\{Tenorshare 4uKey}_is1) (Version: 2.0.0.18 - Tenorshare, Inc.)
Toon Boom Storyboard Pro Trial (HKLM-x32\...\{52E819E9-C69A-4AF6-B2B3-BC01F8B0ECA3}) (Version: 8.1.4108 - Toon Boom Animation Inc.)
Twitch Leecher 1.8 (HKLM\...\{F6711650-3BDB-4025-82D4-0639CC06F686}) (Version: 1.8.0.0 - Franiac) Hidden
Twitch Leecher 1.8 (HKLM-x32\...\{4ef3f40e-3993-4078-af37-d9444538f014}) (Version: 1.8.0.0 - Franiac)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
Unity (HKLM-x32\...\Unity) (Version: 2017.3.1f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - )
Uso a distancia de tu PS4 (HKLM-x32\...\{2571934F-1135-4D9F-996A-332AEE68593A}) (Version: 2.8.0.03041 - Sony Interactive Entertainment Inc.)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
Visual Studio Community 2017 (HKLM-x32\...\95d67e3c) (Version: 15.6.27428.2011 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
VNC Viewer 5.2.3 (HKLM\...\{04A52EEA-FA17-48D5-9879-1256C5263CD7}) (Version: 5.2.3 - RealVNC Ltd)
vs_communitymsi (HKLM-x32\...\{C2749223-157E-48F0-9410-A510361D6803}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{02DD895F-089F-4A63-81A9-78D00142AF20}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{E6A92308-33DF-494B-A91A-3B80FBC97F2B}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{6B45EEA3-85F8-4B26-B952-6830A45F2688}) (Version: 15.6.27323 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{13E08AD0-D6AC-44C4-9F5B-0AE2EB56B105}) (Version: 15.6.27421 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
WD Discovery Software (HKLM-x32\...\{99341ACA-2A86-4235-A636-02A2A9820987}) (Version: 1.80 - Western Digital)
WD Drive Utilities (HKLM-x32\...\{2F540611-6560-470F-924A-5F52EFA9156F}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{E83047E3-B85C-40E4-A421-017B264AB761}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{02D359F8-1DEF-41DD-8561-99C7321BFE00}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WhatsApp (HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\WhatsApp) (Version: 0.3.9309 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\WhatsApp) (Version: 0.3.9308 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\WhatsApp) (Version: 0.3.9308 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1) (Version: - windows-movie-maker.org)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
WinHex (HKLM-x32\...\WinHex) (Version: - )
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinISO 5.3 (HKLM-x32\...\WinISO_is1) (Version: - WinISO Computing Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.13.3 (HKLM-x32\...\winscp3_is1) (Version: 5.13.3 - Martin Prikryl)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.2-0 - Bitnami)
XBSlink (HKLM-x32\...\XBSlink) (Version: - )
XLink Kai (HKLM-x32\...\{B80143CB-7FCF-46F0-9A38-75BFAAB462F9}) (Version: 7.4.30.1 - Team XLink) Hidden
XLink Kai (HKLM-x32\...\{d86f7b48-48d2-4848-8a06-62ae2ab8c766}) (Version: 7.4.30.1 - Team XLink)
Xperia Companion (HKLM-x32\...\{44263da6-788d-4cd9-be25-ba05829e3fb4}) (Version: 1.5.12.0 - Sony)
Xperia Companion (HKLM-x32\...\{DE803B8F-8EFE-4018-AFD1-D0F708A75D50}) (Version: 1.5.12.0 - Sony) Hidden
yabause 0.9.15 (HKLM-x32\...\ (Win64)) (Version: 0.9.15 - Yabause team)
Yamaha Steinberg USB Driver (HKLM\...\{08D120AF-A2AF-4E3A-934C-7A48BA97DEEE}) (Version: 1.9.2 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{08D120AF-A2AF-4E3A-934C-7A48BA97DEEE}) (Version: 1.9.2 - Yamaha Corporation)
YAMAHA THR Editor (HKLM-x32\...\{5115B75F-32BF-42CB-A8BC-2F0A71C4DF93}) (Version: 1.0.0 - Yamaha Corporation)
ZBrush 4R7 (HKLM-x32\...\ZBrush 4R7 4R7) (Version: 4R7 - Pixologic)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.26.7.0_x86__kgqvnymyfvs32 [2019-11-29] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1652.1.0_x86__kgqvnymyfvs32 [2019-12-03] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-04] (Nordcurrent)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad]
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3801.0_x64__rz1tebttyb220 [2019-12-01] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-23] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-07-12] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-07-12] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-07-12] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Servicios de juegos -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [Startup Task]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3597564769-968549059-3920177797-1005_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3597564769-968549059-3920177797-1005_Classes\CLSID\{6514CF27-CAB1-4577-81A9-EC81618C5003}\InprocServer32 -> C:\Program Files (x86)\FlexHEX\FlexCtx64.dll (Inv Softworks LLC -> Inv Softworks LLC)
CustomCLSID: HKU\S-1-5-21-3597564769-968549059-3920177797-1005_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\DHAMPIRD\Dropbox [2016-07-28 20:22]
SSODL: CallbackTechMountNotificator-cbfsdisk2017 - {3D941C7B-07D7-407E-8DA1-FB470AE7B47B} - C:\Windows\system32\CBFSDiskMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.)
SSODL-x32: CallbackTechMountNotificator-cbfsdisk2017 - {3D941C7B-07D7-407E-8DA1-FB470AE7B47B} - C:\Windows\SysWOW64\CBFSDiskMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {3D941C7B-07D7-407E-8DA1-FB470AE7B47B} => C:\Windows\system32\CBFSDiskMntNtf2017.dll [2018-03-23] (Callback Technologies, Inc. -> Callback Technologies, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {3D941C7B-07D7-407E-8DA1-FB470AE7B47B} => C:\Windows\SysWOW64\CBFSDiskMntNtf2017.dll [2018-03-23] (Callback Technologies, Inc. -> Callback Technologies, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
Addition (segundaparte)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2006-05-14] () [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [EPPShellEx] -> {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} => C:\Program Files (x86)\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll [2006-04-13] (SEIKO EPSON CORPORATION) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-10-25] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2008-07-07] (PowerISO Computing, Inc.) [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2006-05-14] () [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-3597564769-968549059-3920177797-1005: [FlexHEX Menu] -> {6514CF27-CAB1-4577-81A9-EC81618C5003} => C:\Program Files (x86)\FlexHEX\FlexCtx64.dll [2018-06-30] (Inv Softworks LLC -> Inv Softworks LLC)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\DHAMPIRD\Desktop\SWITCH\CDNSP(USAR ESTE).lnk -> C:\Users\DHAMPIRD\Desktop\SWITCH\CDNSP(USAR ESTE).bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\SWITCH\NSCB.bat.lnk -> C:\SWITCH\NSC_BUILDER-master\NSCB.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\+++++++5.05 LAST UPDATES (USAR ESTE ES EL ULTIMO)++++++.lnk -> C:\PS4\+5.05 LAST UPDATES+\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\++++++XPLOIT HEN1.8+ VR 5.05.bat.lnk -> C:\PS4\+ps4-hen-VR 505+\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT ALL PAYLOADS SERVER LAN.bat.lnk -> C:\PS4\ALL PAYLOADS\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT HEN V1.7 SERVER LAN.lnk -> C:\PS4\5.0.5 ps4-hen-vtx v1.7\exploit\5.05 XPLOIT HEN V1.7 SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT SERVER LAN 1.8 HEN.bat.lnk -> C:\PS4\HEN 1.8\5.05 XPLOIT SERVER LAN 1.8 HEN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT SERVER LAN.lnk -> C:\PS4\5.05\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT VORTEX HEN AND MIRA SERVER LAN.lnk -> C:\PS4\5.05 Vortex and MIRA\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XVORTEX SIN MIRA XPLOIT SERVER LAN.lnk -> C:\PS4\5.05-hen-vtx\exploit\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\Visitar o site do DVDFab.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&p=x64&v=11.0.3.
ShortcutWithArgument: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-07-10 14:25 - 2013-04-25 04:01 - 000028160 _____ () [File not signed] C:\altera\13.0\quartus\bin64\ccl_ver.dll
2019-07-10 14:25 - 2013-04-25 02:50 - 000879616 _____ () [File not signed] C:\altera\13.0\quartus\bin64\dinkum_alt.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000326144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2019-02-22 23:55 - 2008-03-07 11:55 - 000053248 _____ () [File not signed] C:\Program Files (x86)\myiHome\app\jRegistryKey.dll
2019-02-22 23:55 - 2008-03-07 11:55 - 000058368 _____ () [File not signed] C:\Program Files (x86)\myiHome\app\jshortcut.dll
2019-02-22 23:55 - 2008-03-07 11:55 - 000051200 _____ () [File not signed] C:\Program Files (x86)\myiHome\app\TrayIcon12.dll
2019-03-14 15:54 - 2019-03-14 15:54 - 000038400 _____ () [File not signed] C:\Program Files\Elgato\StreamDeck\giflib5.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000336384 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\ac3_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000750080 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\flv_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001558016 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\h264_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000817152 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\hevc_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000578560 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mp3_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000547840 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mpeg1video_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000559616 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mpeg2video_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001267200 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mpeg4_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001496576 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\msmpeg4v2_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001496576 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\msmpeg4v3_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000257536 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\svq1_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 002117120 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\vc1_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001717248 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\vp9_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001496576 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\wmv1_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 002117120 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\wmv3_decoder.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000114176 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ctypes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000173056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_elementtree.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001808896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_hashlib.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000032256 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_multiprocessing.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000046080 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_psutil_windows.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000047616 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_socket.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 002241024 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ssl.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026112 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_yappi.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000080896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\bz2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000016384 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\common.time34.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000007680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\hashobjs_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000301568 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\PIL._imaging.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000169472 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pyexpat.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001084416 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pysqlite2._sqlite.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000548864 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pythoncom27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137728 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pywintypes27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000010752 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\select.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\thumbnails_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000689664 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\unicodedata.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000119808 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\usb_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000128512 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32api.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000438784 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32com.shell.shell.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000011776 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32crypt.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000023040 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32event.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000149504 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32file.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000223232 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32gui.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000048128 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32inet.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000029696 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pdh.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000027648 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pipe.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000044032 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32process.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32profile.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000136192 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32security.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026624 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32ts.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000034816 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.conditional.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000038400 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.connectivity.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000071680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.device_monitor.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000109056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.volumes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.winwrap.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001325056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._controls_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001489408 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._core_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001007104 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._gdi_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000103424 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._html2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000916992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._misc_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001039872 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._windows_.pyd
2017-03-28 14:32 - 2017-03-28 14:32 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2019-12-16 05:38 - 2019-12-16 05:38 - 002253824 _____ (deniszykov) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\deniszykov.615d72e4#\703fbff8d67cf85e8e89507c9120a9af\deniszykov.WebSocketListener.ni.dll
2017-05-17 09:26 - 2019-03-27 19:15 - 005200576 _____ (Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2017-03-28 14:34 - 2017-03-28 14:34 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2019-02-12 14:36 - 2019-02-12 14:36 - 000189952 _____ (Elgato Systems GmbH) [File not signed] C:\Program Files\Elgato\GameCapture\EGCAPILite.dll
2019-02-12 14:22 - 2019-02-12 14:22 - 001029632 _____ (Elgato Systems GmbH) [File not signed] C:\Program Files\Elgato\SoundCapture\ElgatoVAD_Router.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2019-07-10 14:25 - 2013-04-25 02:50 - 000070144 _____ (Intel Corporation) [File not signed] C:\altera\13.0\quartus\bin64\tbbmalloc.dll
2019-07-10 14:25 - 2013-04-25 02:50 - 000024576 _____ (Intel Corporation) [File not signed] C:\altera\13.0\quartus\bin64\tbbmalloc_proxy.dll
2019-12-20 09:58 - 2019-12-20 09:58 - 000198144 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\DHAMPIRD\AppData\Local\JDownloader v2.0\tmp\jna\jna3475133438970945181.dll
2019-12-16 05:38 - 2019-12-16 05:38 - 000399360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\eda9371edfe3a881cbc7bebd02829c0c\Microsoft.WindowsAPICodePack.ni.dll
2019-12-16 05:36 - 2019-12-16 05:36 - 002888192 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\ba1b954bb351d340490b8af0c8feff26\Newtonsoft.Json.ni.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\python27.dll
2016-04-19 11:02 - 2016-04-19 11:02 - 001006080 ____R (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2019-03-14 15:54 - 2019-03-14 15:54 - 001742848 _____ (SQLite Development Team) [File not signed] C:\Program Files\Elgato\StreamDeck\sqlite3.dll
2017-02-06 14:25 - 2017-02-06 14:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\libeay32.dll
2017-02-06 14:25 - 2017-02-06 14:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\ssleay32.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-03-14 15:54 - 2019-03-14 15:54 - 002278912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Elgato\StreamDeck\LIBEAY32.dll
2019-03-14 15:54 - 2019-03-14 15:54 - 000386560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Elgato\StreamDeck\ssleay32.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-03-07 19:18 - 2019-03-07 19:18 - 000047616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\bearer\qgenericbearer.dll
2019-03-07 19:17 - 2019-03-07 19:17 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qgif.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qicns.dll
2019-03-07 19:17 - 2019-03-07 19:17 - 000032256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qico.dll
2019-03-07 19:18 - 2019-03-07 19:18 - 000397312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qjpeg.dll
2019-03-07 19:38 - 2019-03-07 19:38 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qsvg.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qtga.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000374272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qtiff.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qwbmp.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000491520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qwebp.dll
2019-03-07 19:19 - 2019-03-07 19:19 - 001449472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\platforms\qwindows.dll
2019-04-17 11:27 - 2019-04-17 11:27 - 006129152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Core.dll
2019-03-07 19:14 - 2019-03-07 19:14 - 006459392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Gui.dll
2019-03-07 20:14 - 2019-03-07 20:14 - 000719360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Multimedia.dll
2019-03-07 19:14 - 2019-03-07 19:14 - 001314816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Network.dll
2019-03-07 20:33 - 2019-03-07 20:33 - 000317440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Positioning.dll
2019-03-07 19:17 - 2019-03-07 19:17 - 000318464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5PrintSupport.dll
2019-03-07 20:04 - 2019-03-07 20:04 - 004006400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Qml.dll
2019-03-07 19:59 - 2019-03-07 19:59 - 003773952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Quick.dll
2019-03-07 20:01 - 2019-03-07 20:01 - 000072704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5QuickWidgets.dll
2019-03-07 19:38 - 2019-03-07 19:38 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Svg.dll
2019-03-07 20:18 - 2019-03-07 20:18 - 000113664 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebChannel.dll
2019-03-08 00:11 - 2019-03-08 00:11 - 077765120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebEngineCore.dll
2019-03-08 00:32 - 2019-03-08 00:32 - 000227840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebEngineWidgets.dll
2019-03-07 20:13 - 2019-03-07 20:13 - 000148992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebSockets.dll
2019-03-07 19:16 - 2019-03-07 19:16 - 005579776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Widgets.dll
2019-03-07 19:18 - 2019-03-07 19:18 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\styles\qwindowsvistastyle.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_net_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_adv_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_core_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_html_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: EAGLESCR => "c:\EAGLE 8.7.0\eagle.exe" -C "" "%1" <==== ATTENTION
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-07-31 15:50 - 2019-12-05 03:48 - 000000159 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 telemetry.malwarebytes.com
0.0.0.0 telemetry.malwarebytes.com
0.0.0.0 telemetry.mwbsys.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Toon Boom Animation\Toon Boom StoryboardProTrial\nt\bin;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\Backburner\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\nodejs\;C:\Program Files\Git\cmd;C:\Program Files (x86)\GtkSharp\2.12\bin;c:\users\dhampird\appdata\local\programs\python\python37\Scripts;C:\Program Files (x86)\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Windows Live\Shared;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014046400\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014034361\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047244\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014036595\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047869\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014042369\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014048807\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\DHAMPIRD\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\Control Panel\Desktop\\Wallpaper -> C:\Users\DHAMPIRD\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\Control Panel\Desktop\\Wallpaper -> C:\Users\DHAMPIRD\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 213.60.205.175
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "HDDHealth.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "MMTray"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Copiar 1)"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "DisplayFusion"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Copiar 1)"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "DisplayFusion"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Copiar 1)"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "DisplayFusion"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A910962C-DF36-438E-8B6E-3D6390C6F084}] => (Allow) LPort=8920
FirewallRules: [{FE4C239C-F90D-45CF-9459-28D0E37CBCBF}] => (Allow) LPort=8096
FirewallRules: [{6E168321-8409-4523-8363-5ABECE40190F}] => (Allow) LPort=7359
FirewallRules: [{28D04831-3AEF-4C51-919A-E3E08C9E036C}] => (Allow) C:\altera\13.0\quartus\bin64\jtagserver.exe () [File not signed]
FirewallRules: [{48FFBA4C-0190-4DAF-9E24-D51CD82E05EB}] => (Allow) C:\altera\13.0\quartus\bin64\jtagserver.exe () [File not signed]
FirewallRules: [UDP Query User{F7E20FFC-CF94-433D-8960-876CE64D55B0}C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe () [File not signed]
FirewallRules: [TCP Query User{4CED3F85-D677-44A5-A1FD-ADCA92CAE4FE}C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe () [File not signed]
FirewallRules: [UDP Query User{89E27FDF-F20A-4EE1-AA7E-E6FC2DE37148}C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe () [File not signed]
FirewallRules: [TCP Query User{1A4FC502-A34D-4140-A31B-489E9B34A23C}C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe () [File not signed]
FirewallRules: [{06C7E44E-2A5D-46C6-A519-F257C70B8F43}] => (Allow) C:\intelFPGA_pro\18.0\qprogrammer\bin64\jtagserver.exe () [File not signed]
FirewallRules: [{5AF7263D-2A03-4E61-A25A-F4068A67A396}] => (Allow) C:\intelFPGA_pro\18.0\qprogrammer\bin64\jtagserver.exe () [File not signed]
FirewallRules: [UDP Query User{E12C013D-BC69-4B53-8D8D-F7BC54515385}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{69A544C3-FB8C-4FF7-B40A-70F9197EAFED}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{0873C46A-2B21-4210-BD69-EB463BA277B2}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{C485F2D2-8F75-4057-9652-057C13D9D87B}] => (Allow) LPort=1900
FirewallRules: [{26CEC78D-A341-46BA-8FFD-7F51029E9233}] => (Allow) LPort=2869
FirewallRules: [{EC4EE69E-4A29-4A8C-AFA6-594EA46BCB42}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3CF981F4-5AE6-48ED-B734-ABEDF6FBBCAC}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{F9ABC6ED-E92B-4E98-A239-74A9A1A5BA49}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{15D981A0-709C-4F1B-AD64-71260343D651}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{2C0DE502-9E9D-4665-9CA5-7DCA6576BFB0}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8820A744-D333-47BE-A994-34CD973A6186}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{22BE7613-CEAE-4731-9FB9-D4E9D81B8017}] => (Allow) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{75DA909F-1E1B-4FDF-A9A1-52328062F332}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E99550B7-BBB0-480D-98FE-D747F41BDC6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8039F889-5686-40C7-BF23-743DF6188907}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A82583A1-9A97-4B1A-9B69-E240879DFF09}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0310FDAD-6257-4279-9C72-927D0143B4AB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A9135D4-144B-44A9-8D9E-166A72A81076}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E1CAF2B-1029-4305-AC9E-D7BA52147D73}] => (Allow) C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{A3E1D6C0-A220-4E1B-A8EF-AE7A0D95E638}] => (Allow) C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{034CD533-512E-40CC-94CD-A60C15EFDE3D}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [UDP Query User{88B89EF8-956A-484A-83E6-6C6FDEEE0FF9}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [{293054B4-B81C-4DC7-A93C-05DF7E9DA3A5}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{6DA6A2F3-81D0-4D36-93D8-8D90B47071BC}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{2AE9DDF9-57EF-4CEE-B277-97AE68D9DC59}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{076E79AF-81F1-4883-AE5C-399525C3CE4A}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [TCP Query User{23D5689C-E46C-43C9-9D9D-014D9E448813}C:\program files (x86)\western digital\wd discovery software\wd discovery.exe] => (Allow) C:\program files (x86)\western digital\wd discovery software\wd discovery.exe () [File not signed]
FirewallRules: [UDP Query User{1D485239-FA34-476E-8648-3D504A063EDE}C:\program files (x86)\western digital\wd discovery software\wd discovery.exe] => (Allow) C:\program files (x86)\western digital\wd discovery software\wd discovery.exe () [File not signed]
FirewallRules: [{0B28550C-03C0-4E01-823A-16B137414138}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe () [File not signed]
FirewallRules: [{891D1AD9-35E5-48E9-9DCC-C3F8C96D2F7F}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe () [File not signed]
FirewallRules: [{BBF97C9C-ADB5-4CC0-BD52-CE5984B0B859}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [{51D62331-33DA-4272-BAB2-F0681EB76E12}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [TCP Query User{A11BC32A-A697-4F2B-A36F-5BC57B4AA21E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{B8733577-D12E-4A2B-A747-F9F1893EB094}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{024DE33B-D02F-4F85-AEB9-051AE98F46B0}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{9AAFC3E1-D040-4E10-8579-1EF242A71559}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{2EDBE87A-2F65-4B64-9D19-4742968CDD4C}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [UDP Query User{5DA6532C-D6C4-4535-B86F-668A5AEDF33E}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [TCP Query User{67E6995C-8C9A-4153-8255-E84E9269BFDF}C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe] => (Allow) C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{199CF609-674F-4797-B7A3-8DF72D7D3F6F}C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe] => (Allow) C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe () [File not signed]
FirewallRules: [{D578E6C0-4858-4082-A82E-F40BFABD609E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41F3BE84-2F0B-4CA8-834B-688E8E1D98C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{400ECE04-467A-46D8-AC24-AFBBD3EDA01E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5AA56289-294C-4172-91FA-3F899A16BB90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D910058D-2CAF-4602-9722-428C0DC1AAEC}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe (Autodesk, Inc -> Autodesk, Inc.)
FirewallRules: [UDP Query User{17D0BC4E-A4BF-4863-A09D-8116A395B865}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe (Autodesk, Inc -> Autodesk, Inc.)
FirewallRules: [TCP Query User{2226F5C0-7A9A-473B-80F2-1460F928D494}C:\daphne\daphneloader.exe] => (Allow) C:\daphne\daphneloader.exe () [File not signed]
FirewallRules: [UDP Query User{E3AB375A-ABD9-40DB-BF4B-B1ECC630FC90}C:\daphne\daphneloader.exe] => (Allow) C:\daphne\daphneloader.exe () [File not signed]
FirewallRules: [{C325CF06-D365-4B3E-9A9E-B8BAEF1867D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{914E4CE1-858B-46D3-B45D-AD7BF3D8B100}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{504F69D2-E5D5-43D1-9970-D852F59E21A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{D179DBB9-ED62-42B6-8AB8-D618B09CA864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [TCP Query User{A018B2A7-133B-4C89-94A9-46A5EB2E8B76}C:\program files (x86)\xbox\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\xbox\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [UDP Query User{09A3A78D-70DF-433F-B60C-7F9B55EF951B}C:\program files (x86)\xbox\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\xbox\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [{A517A062-DFA5-47F2-B624-25220FCE481B}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{44E2DF93-9447-44E1-8717-82652FB9A80E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{FD249A69-0AA3-4DD2-9BF5-17094AC5A78A}] => (Block) %ProgramFiles% (x86)\Nero\Nero 10\Nero Burning ROM\nero.exe No File
FirewallRules: [TCP Query User{4659D469-4091-4F5E-8C31-0B69AF83B828}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [UDP Query User{15A8C5A7-EFAD-41BE-9B74-B073F0C35368}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [TCP Query User{226D935C-BD56-4BA6-A35D-442FFFC676B9}C:\program files (x86)\xlink kai\kaiengine.exe] => (Allow) C:\program files (x86)\xlink kai\kaiengine.exe (hxxp://www.teamxlink.co.uk (Team XLink)) [File not signed]
FirewallRules: [UDP Query User{6D202FE9-2F12-4AE8-A9FA-49CEE61A66A5}C:\program files (x86)\xlink kai\kaiengine.exe] => (Allow) C:\program files (x86)\xlink kai\kaiengine.exe (hxxp://www.teamxlink.co.uk (Team XLink)) [File not signed]
FirewallRules: [{8FB96662-25D8-4338-AADD-E018B2F79E5E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3AA6228C-A1D0-4EE8-8302-79D159D9152A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{B5CBA079-DBF8-4CF0-9BED-555716741450}C:\program files (x86)\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [UDP Query User{C3DB772D-0145-4160-9A0F-0AC13DBAA891}C:\program files (x86)\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [TCP Query User{2C250868-1A41-4ACF-B6EF-39E922225E31}C:\program files\opentoonz 1.1\opentoonz_1.1.exe] => (Allow) C:\program files\opentoonz 1.1\opentoonz_1.1.exe () [File not signed]
FirewallRules: [UDP Query User{EF858506-27CD-4D64-845B-70E4B00E02B7}C:\program files\opentoonz 1.1\opentoonz_1.1.exe] => (Allow) C:\program files\opentoonz 1.1\opentoonz_1.1.exe () [File not signed]
FirewallRules: [{CE8C06F3-E02C-4534-BA26-6C3E5722DA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{08F95406-5A80-45DE-A7FB-5FDD5CDD90F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{4ADDB89E-58C8-4B0F-BB86-88883FDFF284}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [{78114A02-C3AD-4B36-ACB6-FC8E194F7EFB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F7A43C4-9F1A-45BF-A1C3-64BF65027611}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6CB8C66F-6FFE-4901-B783-22F4CC91E5C6}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
FirewallRules: [{4A2CB402-2EF5-47F9-B464-C25645C96787}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
FirewallRules: [TCP Query User{1588D06C-9DD9-49B8-B0C0-68C622A8B544}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{E1C74976-7AA0-4C1C-91FD-F10FE4BEE2A0}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [{9F04F4F8-4D3F-4C6A-AB2E-4DAD07467E87}] => (Allow) LPort=85
FirewallRules: [{5357BC53-36D2-4D95-BD7E-5DF6DB0D566E}] => (Allow) LPort=1985
FirewallRules: [{AB891726-68F1-4D89-BF56-791F2752E148}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{D19B2E54-86B0-493A-89A1-8F211B36DB89}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74A91729-9FDD-4437-851B-53E01F90F989}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB04B0DC-16C1-47AA-9830-C25F3E599F85}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{9B6F6A02-2E4E-40B1-8854-0BACC2D0BEEE}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{AD3C2C83-D129-445E-8DE2-2729483C143A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{07B63E6E-8299-4CD8-A080-47234F49EAEF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{D9CB2431-0AE9-4A59-BBA9-A4B4D8B3D67A}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{E2523B0F-3DDA-40CF-8EC8-11DF200C16A9}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{5D9FCA19-C56B-4D99-A364-B2B7D8753363}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [{78040107-A417-4322-AC41-09906EA2A2FC}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [{245B9D3E-1A6B-4C43-A530-E449BEE78EEC}] => (Allow) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe (Node.js Foundation -> Node.js) [File not signed]
FirewallRules: [{B1B6906D-C580-45FB-B69A-37A6B9F56A48}] => (Block) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe (Node.js Foundation -> Node.js) [File not signed]
FirewallRules: [TCP Query User{651232D9-D998-4547-B296-A86E8762E931}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)
Addition (tercera parte)
FirewallRules: [UDP Query User{0FFC5579-C2B5-4610-8CD9-EF8012E984F1}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [TCP Query User{B0260A66-5EF8-454B-9A6A-C2024B92B96C}C:\program files (x86)\port forwarding wizard\bin\port forwarding wizard.exe] => (Allow) C:\program files (x86)\port forwarding wizard\bin\port forwarding wizard.exe (upRedSun) [File not signed]
FirewallRules: [UDP Query User{B0BEB1BC-E43E-4059-8F06-6897ACBA4C48}C:\program files (x86)\port forwarding wizard\bin\port forwarding wizard.exe] => (Allow) C:\program files (x86)\port forwarding wizard\bin\port forwarding wizard.exe (upRedSun) [File not signed]
FirewallRules: [TCP Query User{901AB1B2-19CE-4E21-9145-931A84433703}C:\python27\python.exe] => (Allow) C:\python27\python.exe () [File not signed]
FirewallRules: [UDP Query User{61066576-34C7-44E3-AAC6-48119E753E2B}C:\python27\python.exe] => (Allow) C:\python27\python.exe () [File not signed]
FirewallRules: [TCP Query User{BF2EBBBA-AC7C-45C0-9A74-134971FDFE65}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{B27A63B9-0BBC-4024-ABB1-983FF3E34DCB}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{37ECEF56-C5C8-42AB-9DDD-3AC9A27545E4}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe (Portforward, LLC -> portforward.com)
FirewallRules: [UDP Query User{55715CB0-F30F-49CD-B2C6-E2D595E3816C}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe (Portforward, LLC -> portforward.com)
FirewallRules: [{A26CBCAC-F52C-44A1-827F-83C3CB376FA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0BA17663-C54B-462F-8F9C-E8376DAD67B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{028B308E-F14A-40FA-90AB-7EACD43D4492}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{308F52E2-46A9-472C-BE19-02FD5D082462}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AA14617B-21B4-4F3B-99F2-0C3187B10F8B}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{7E2556F9-6AA6-4D80-8449-CAD40F645348}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{42E93D13-DD7A-40CA-BFB1-4ED3BA97805F}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{E7F70AD0-4F13-4C96-902C-C781EDB16F88}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{B8700230-5A61-4939-8079-98D2A7CB3A03}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{FA3FF011-3990-486F-88CA-DDBAC963ACB9}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{044C7D0D-6015-4004-8011-5A5D5F7E4DCD}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{171970D4-E484-433D-8AF5-94AE2CC4857B}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{64D51F7C-6B49-45C7-BA79-85A4CE5BD946}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{7C428389-E6F6-4776-99DE-E720F4DF8DE1}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{181F5B93-633C-40E9-95A9-CDB3243E4A22}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{029B4BA6-A96B-4A3B-A1B4-FA14B6D8D2ED}] => (Allow) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{3A000800-34C3-4B95-B7B4-486F0618C721}C:\program files (x86)\flashfxp 4\flashfxp.exe] => (Allow) C:\program files (x86)\flashfxp 4\flashfxp.exe (OpenSight Software LLC -> OpenSight Software, LLC) [File not signed]
FirewallRules: [UDP Query User{60203D46-8875-4FDD-B136-0F99FFFADCF1}C:\program files (x86)\flashfxp 4\flashfxp.exe] => (Allow) C:\program files (x86)\flashfxp 4\flashfxp.exe (OpenSight Software LLC -> OpenSight Software, LLC) [File not signed]
FirewallRules: [TCP Query User{1059EAD2-8003-4E43-97D6-59A5DDA8BB83}C:\switch\ndownloader uplauncher\ndownloader.exe] => (Allow) C:\switch\ndownloader uplauncher\ndownloader.exe (SNCF) [File not signed]
FirewallRules: [UDP Query User{2F87C482-21AD-42E1-91E8-59ECEFC8F03E}C:\switch\ndownloader uplauncher\ndownloader.exe] => (Allow) C:\switch\ndownloader uplauncher\ndownloader.exe (SNCF) [File not signed]
FirewallRules: [{970DBAA2-98E9-4652-861F-7718CB7C1BAA}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{BD08AB63-492C-4268-BF03-F736D13DC3C1}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{365B0F2A-6664-448D-8C70-9AC67B4E6A37}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{E6A537E9-EA98-421B-AF6E-4BBE001EE97F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> )
FirewallRules: [{8BD54E0C-7D7D-494E-93C3-ACAF6AFF644D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C986A2F-6BFD-48F4-A84C-3EEBBF073A84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FACA2E5C-4F7E-41BB-8C37-F55D0AE383B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AFEBA751-0C73-4538-8083-375F9644F91C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{387A957C-ADEC-4390-9D7A-8EE5447151C0}] => (Allow) LPort=1688
FirewallRules: [{2CFE1E1B-F0A0-417E-B73A-C6FBD82D63D3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5D2FB513-68F0-4040-ABA7-285728FA4ED5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A9AF1CA7-9D97-408D-9A50-545BC48285B1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8B2F446-F29B-45BF-BB24-2CC9151485F3}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
==================== Restore Points =========================
13-12-2019 23:41:16 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/21/2019 05:45:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (108276,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 05:23:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (124544,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 04:59:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (107844,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 04:45:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (126720,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 04:36:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (126688,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 04:23:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (123056,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 03:56:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (122288,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/21/2019 03:44:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (127220,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (12/21/2019 04:55:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFHVN5-MICROSOFT.WINDOWSCALCULATOR.
Error: (12/21/2019 03:48:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFJ9SB-3718.12514FB00DC68.
Error: (12/21/2019 01:36:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9PLK42WD0RC0-Microsoft.Photos.MediaEngineDLC.
Error: (12/21/2019 01:03:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFHVN5-MICROSOFT.WINDOWSCALCULATOR.
Error: (12/21/2019 11:33:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFJ9SB-3718.12514FB00DC68.
Error: (12/21/2019 07:33:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFHVN5-MICROSOFT.WINDOWSCALCULATOR.
Error: (12/21/2019 06:26:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFJ9SB-3718.12514FB00DC68.
Error: (12/21/2019 03:17:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d0a: 9WZDNCRFHVN5-MICROSOFT.WINDOWSCALCULATOR.
Windows Defender:
===================================
Date: 2019-11-23 12:26:00.300
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de inteligencia de seguridad: AV: 1.305.2668.0, AS: 1.305.2668.0, NIS: 1.305.2668.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-23 12:26:00.148
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de inteligencia de seguridad: AV: 1.305.2668.0, AS: 1.305.2668.0, NIS: 1.305.2668.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-23 12:15:59.045
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de inteligencia de seguridad: AV: 1.305.2668.0, AS: 1.305.2668.0, NIS: 1.305.2668.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-23 12:15:58.586
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de inteligencia de seguridad: AV: 1.305.2668.0, AS: 1.305.2668.0, NIS: 1.305.2668.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-22 23:59:05.315
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\AutoPico.exe
Versión de inteligencia de seguridad: AV: 1.305.2637.0, AS: 1.305.2637.0, NIS: 1.305.2637.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-14 18:59:50.888
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.2064.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===================================
Date: 2019-12-21 18:05:52.964
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.960
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.955
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.947
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.941
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.937
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-21 18:05:52.933
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F6 03/14/2016
Motherboard: Gigabyte Technology Co., Ltd. B150M-D3H-CF
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 32700.82 MB
Available physical RAM: 19344.87 MB
Total Virtual: 37564.82 MB
Available Virtual: 20105.95 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:1861.9 GB) (Free:274.42 GB) NTFS
Drive d: (FILES1) (Fixed) (Total:3725.9 GB) (Free:11.11 GB) NTFS
Drive e: (FILES2) (Fixed) (Total:3725.9 GB) (Free:32.97 GB) NTFS
Drive f: (DOWN) (Fixed) (Total:931.51 GB) (Free:101.01 GB) NTFS
Drive g: (4TB ANIME) (Fixed) (Total:3725.99 GB) (Free:25.33 GB) NTFS
Drive h: () (Fixed) (Total:189.86 GB) (Free:44.56 GB) FAT32
\\?\Volume{43699df2-47c0-11e6-825a-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{583c874c-0000-0000-0000-408fd1010000}\ () (Fixed) (Total:0.78 GB) (Free:0.33 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 583C874C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1861.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=795 MB) - (Type=27)
==========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8C1A533D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (Size: 3726 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 189.9 GB) (Disk ID: E794CDBE)
Partition 1: (Not Active) - (Size=189.9 GB) - (Type=0B)
==================== End of Addition.txt =======================
Hola @Dhampird
Ademas del problema con el Firewall tienes problemas/ errores de Windows Update.
Que Windows Defender este desactivado esta bien, ya que tienes un AV como Nod.
Sigue estos pasos:
1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.
- Descarga DelFix en el escritorio de Windows.
- Clic Derecho, “Ejecutar como Administrador”.
- En la ventana principal, marca solamente la casilla “Create Registry Backup”.
- Clic en Run.
Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…
2.- Desactiva Temporalmente tu antivirus.
3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {44BFC9D0-3127-4F20-AB8B-34C648811E17} - System32\Tasks\{B0A35694-8F55-4793-979D-9C80DB680B6E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" -d C:\Windows\system32 -c "uplay://launch/2184/0"
Task: {F99C6390-099C-48D5-8F40-B760C6883535} - System32\Tasks\{861FD316-C38F-4693-9172-4231B89AB869} => C:\Windows\system32\pcalua.exe -a E:\DOWNLOADS\VBRun60sp5.exe -d E:\DOWNLOADS
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
2019-12-05 06:03 - 2019-12-05 06:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2019-12-05 06:03 - 2019-12-05 06:03 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-12-05 06:03 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
ContextMenuHanlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
2019-12-20 01:42 - 2019-12-20 01:42 - 000114176 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ctypes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000173056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_elementtree.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001808896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_hashlib.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000032256 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_multiprocessing.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000046080 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_psutil_windows.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000047616 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_socket.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 002241024 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ssl.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026112 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_yappi.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000080896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\bz2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000016384 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\common.time34.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000007680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\hashobjs_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000301568 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\PIL._imaging.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000169472 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pyexpat.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001084416 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pysqlite2._sqlite.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000548864 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pythoncom27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137728 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pywintypes27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000010752 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\select.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\thumbnails_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000689664 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\unicodedata.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000119808 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\usb_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000128512 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32api.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000438784 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32com.shell.shell.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000011776 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32crypt.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000023040 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32event.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000149504 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32file.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000223232 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32gui.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000048128 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32inet.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000029696 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pdh.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000027648 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pipe.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000044032 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32process.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32profile.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000136192 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32security.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026624 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32ts.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000034816 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.conditional.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000038400 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.connectivity.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000071680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.device_monitor.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000109056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.volumes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.winwrap.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001325056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._controls_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001489408 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._core_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001007104 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._gdi_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000103424 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._html2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000916992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._misc_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001039872 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._windows_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\python27.dll
019-12-20 01:42 - 2019-12-20 01:42 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_net_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_adv_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_core_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_html_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
HKLM\...\.scr: EAGLESCR => "c:\EAGLE 8.7.0\eagle.exe" -C "" "%1" <==== ATTENTION
FirewallRules: [{6CB8C66F-6FFE-4901-B783-22F4CC91E5C6}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
FirewallRules: [{4A2CB402-2EF5-47F9-B464-C25645C96787}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
- Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.
- Ejecutas Frst.exe.
- Presionas el botón Fix y aguardas a que termine.
- La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
- Lo pegas en tu próxima respuesta.
Luego de reiniciar:
Descargas >>> FixWin10.
- Lo extraes, das doble clic sobre el Icono del programa.
No lleva Instalación. Eso si esta en Ingles.
- En su Ventana Welcome, crearás un Punto de Restauración, dar clic en Create System Restore Point, tal como esta en su Manual.
Posteriormente vas a su Ventana: Conectividad e Internet.
Das Fix en :
5) Problema con la configuración del Firewall de Windows. Restablecer la configuración del Firewall.
Clic en Aceptar.
Luego en la Ventana: Windows 10.
Das Fix en :
1) El almacén de Componentes de Windows está dañado, repararlo utilizando Deployment Image Servicing and Management (DISM)
6) Actualizaciones de Windows bloqueadas, mensaje de error: descargando actualizaciones después de actualizar.
Clic en Aceptar.
Siguiente vas a su Ventana: Herramientas del Sistema - Pestaña System Tools:.
Das Fix en :
10) Restablecer la Configuración de Seguridad de Windows
Clic en Aceptar.
En la pestaña Solucionador de Problemas de Windows.
Ejecutas los pasos del Fix:
9) Windows Update - Actualizaciones de Windows.
En todos los casos, deberás seleccionar la corrección presionando en “Fix” (Ir uno a la vez), una ventana se abrirá informándote “Has aplicado con éxito esta solución. Un reinicio es requerido para ver los cambios”
Al finalizar todos los Fix reinicias el equipo, y compruebas si se soluciono el problema de tu Firewall, ademas busca manualmente actualizaciones y verifica si se pueden instalar.
Nos comentas…
Salu2.
Fixlog.txt
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 25-12-2019
Ejecutado por DHAMPIRD (26-12-2019 11:59:29) Run:1
Ejecutado desde C:\Users\DHAMPIRD\Desktop
Perfiles cargados: DHAMPIRD (Perfiles disponibles: DHAMPIRD)
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {44BFC9D0-3127-4F20-AB8B-34C648811E17} - System32\Tasks\{B0A35694-8F55-4793-979D-9C80DB680B6E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" -d C:\Windows\system32 -c "uplay://launch/2184/0"
Task: {F99C6390-099C-48D5-8F40-B760C6883535} - System32\Tasks\{861FD316-C38F-4693-9172-4231B89AB869} => C:\Windows\system32\pcalua.exe -a E:\DOWNLOADS\VBRun60sp5.exe -d E:\DOWNLOADS
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
2019-12-05 06:03 - 2019-12-05 06:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2019-12-05 06:03 - 2019-12-05 06:03 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-12-05 06:03 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
ContextMenuHanlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
2019-12-20 01:42 - 2019-12-20 01:42 - 000114176 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ctypes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000173056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_elementtree.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001808896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_hashlib.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000032256 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_multiprocessing.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000046080 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_psutil_windows.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000047616 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_socket.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 002241024 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ssl.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026112 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_yappi.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000080896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\bz2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000016384 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\common.time34.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000007680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\hashobjs_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000301568 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\PIL._imaging.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000169472 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pyexpat.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001084416 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pysqlite2._sqlite.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000548864 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pythoncom27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137728 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pywintypes27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000010752 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\select.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\thumbnails_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000689664 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\unicodedata.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000119808 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\usb_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000128512 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32api.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000438784 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32com.shell.shell.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000011776 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32crypt.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000023040 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32event.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000149504 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32file.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000223232 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32gui.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000048128 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32inet.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000029696 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pdh.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000027648 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pipe.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000044032 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32process.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32profile.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000136192 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32security.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026624 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32ts.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000034816 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.conditional.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000038400 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.connectivity.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000071680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.device_monitor.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000109056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.volumes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.winwrap.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001325056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._controls_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001489408 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._core_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001007104 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._gdi_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000103424 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._html2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000916992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._misc_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001039872 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._windows_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\python27.dll
019-12-20 01:42 - 2019-12-20 01:42 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_net_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_adv_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_core_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_html_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
HKLM\...\.scr: EAGLESCR => "c:\EAGLE 8.7.0\eagle.exe" -C "" "%1" <==== ATTENTION
FirewallRules: [{6CB8C66F-6FFE-4901-B783-22F4CC91E5C6}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
FirewallRules: [{4A2CB402-2EF5-47F9-B464-C25645C96787}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
Procesos cerrados correctamente.
El punto de restauración fue creado correctamente.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\system32\GroupPolicy\User => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44BFC9D0-3127-4F20-AB8B-34C648811E17}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44BFC9D0-3127-4F20-AB8B-34C648811E17}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{B0A35694-8F55-4793-979D-9C80DB680B6E} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B0A35694-8F55-4793-979D-9C80DB680B6E}" => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F99C6390-099C-48D5-8F40-B760C6883535} => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F99C6390-099C-48D5-8F40-B760C6883535} => eliminado correctamente
C:\WINDOWS\System32\Tasks\{861FD316-C38F-4693-9172-4231B89AB869} => movido correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{861FD316-C38F-4693-9172-4231B89AB869} => eliminado correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => no encontrado
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => no encontrado
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => no encontrado
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => no encontrado
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => no encontrado
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => no encontrado
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => no encontrado
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security => movido correctamente
C:\Program Files (x86)\Panda Security => movido correctamente
C:\WINDOWS\system32\Drivers\PSKMAD.sys => movido correctamente
ContextMenuHanlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => eliminado correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ctypes.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_elementtree.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_hashlib.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_multiprocessing.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_psutil_windows.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_socket.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ssl.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_yappi.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\bz2.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\common.time34.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\hashobjs_ext.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\PIL._imaging.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pyexpat.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pysqlite2._sqlite.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pythoncom27.dll => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pywintypes27.dll => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\select.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\thumbnails_ext.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\unicodedata.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\usb_ext.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32api.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32com.shell.shell.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32crypt.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32event.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32file.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32gui.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32inet.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pdh.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pipe.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32process.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32profile.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32security.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32ts.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.conditional.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.connectivity.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.device_monitor.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.volumes.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.winwrap.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._controls_.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._core_.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._gdi_.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._html2.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._misc_.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._windows_.pyd => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\python27.dll => movido correctamente
019-12-20 01:42 - 2019-12-20 01:42 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_net_vc90_x64.dll => Error: Ninguna corrección automática encontrada para esta entrada.
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_vc90_x64.dll => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_adv_vc90_x64.dll => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_core_vc90_x64.dll => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_html_vc90_x64.dll => movido correctamente
C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_webview_vc90_x64.dll => movido correctamente
C:\ProgramData\TEMP => ":1AAB2E68" ADS eliminado correctamente
HKLM\Software\Classes\.scr\\"Default"="scrfile" => valor restaurado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6CB8C66F-6FFE-4901-B783-22F4CC91E5C6}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A2CB402-2EF5-47F9-B464-C25645C96787}" => eliminado correctamente
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Ethernet:
Sufijo DNS espec¡fico para la conexi¢n. . : mundo-R.com
V¡nculo: direcci¢n IPv6 local. . . : fe80::e9c9:1248:6d84:f5fb%8
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.12
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to cancel {491CD261-2E48-4276-AF99-E3D2049D44C2}.
0 out of 1 jobs canceled.
========= Final de CMD: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014036595\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014036595\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047869\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047869\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014042369\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014042369\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014048807\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014048807\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 69284327 B
Java, Flash, Steam htmlcache => 66311342 B
Windows/system/drivers => 6955210 B
Edge => 34330 B
Chrome => 323218 B
Firefox => 1412591592 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 134 B
LocalService => 30028 B
NetworkService => 5140156 B
ELDI.000 => 5140156 B
ELDI => 5140156 B
DHAMPIRD => 85757840 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB datos temporales Eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 12:04:25 ====
He realizado todos los pasos, el Firewall da el mismo error teniendo desactivada la proteccion del NOD32 , ¿quizá deba desinstalarlo del todo para probar si arranca el Firewall? Las actualizaciones parecen ok, me bucó y encontró updates y los aplicó. A la espera de hacer más pruebas, quizá ya esté arreglado. Tengo que intentar restaurar la calculadora de windows y a saber si algun otro programa, cre que me falla el xbox tool, un soft del gamepass, mañana a ver si lo miro.
Hola @Dhampird
Prueba desinstalar el antivirus con su herramienta especifica:
Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall
No lo reinstales aun.
Una vez desinstalado revisa si puedes activar el Firewall.
Si aun no funciona, ve a la pagina de Microsoft y presiona en Actualizar ahora para que se instale en tu equipo la versión 1909.
Vuelves y nos comentas si así se repararon los errores.
Salu2
Hola, he seguido los pasos, a la hora de ir a la web y darle a actualizar ahora y bajarme el paquete, al ejecutarlo no me instala nada, me sale un mensaje que dice: Gracias por actualizar a la versión más reciente de Windows 10, pero sin instalar nada, opción de Salir y nada más. El Firewall permanece con el mismo error, da igual tenga o no instalado o desinstalado el Antivirus.
Saludos y Feliz Año.
Hola @Dhampird
El proceso puede tardar bastante tiempo debes tener paciencia y esperar,
Vuelve a realizar el proceso, según la velocidad de tu internet, yo he tardado desde 3 a 6 hs para actualizar, y en algunos casos hasta 24 hs para descargar una actualización completa ya que en mi pueblo la internet es muy lenta.
Nos comentas.
Salu2
Hola, nada, no instala nada, he dejado 3 dias la ventana esa abierta del update de la pagina pero no actualiza nada. Saludos.
Hola @Dhampird
Dado el tiempo transcurrido, debes actualizar los reportes de FSS.exe y FRST, los ejecutas nuevamente y nos traes los nuevos logs.
Salu2
Hola, el reporte de FRST Parte1
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 18-01-2020
Ejecutado por DHAMPIRD (administrador) sobre FOXHOUNDI7 (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (21-01-2020 20:22:22)
Ejecutado desde C:\Users\DHAMPIRD\Desktop
Perfiles cargados: DHAMPIRD (Perfiles disponibles: DHAMPIRD)
Platform: Windows 10 Pro Versión 1909 18363.592 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
() [Archivo no firmado] C:\altera\13.0\quartus\bin64\jtagserver.exe
() [Archivo no firmado] C:\Program Files (x86)\ccxgui\ccxStream.exe
() [Archivo no firmado] C:\Program Files (x86)\myiHome\app\myiHome-server.exe
() [Archivo no firmado] C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
([XC]D-Ice) [Archivo no firmado] C:\Program Files (x86)\ccxgui\ccXservice.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Aleksey Cherkasskiy -> ) [Archivo no firmado] C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(BitTorrent Inc.) [Archivo no firmado] C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe
(Corsair Memory, Inc. -> Elgato Systems) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\88.4.172\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\88.4.172\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\88.4.172\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(FSL - Freesoftland) [Archivo no firmado] C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Google Inc.) [Archivo no firmado] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(GuinpinSoft inc) [Archivo no firmado] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\crashpad_handler.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\DHAMPIRD\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.590_none_5efc551459114cb9\TiWorker.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nullsoft, Inc.) [Archivo no firmado] C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Java\jre1.8.0_231\bin\javaw.exe
(Plex, Inc -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Sony Mobile Communications AB -> Sony) [Archivo no firmado] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe
(The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe
(The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2019-02-12] () [Archivo no firmado]
HKLM\...\Run: [Control Center] => C:\Program Files\Elgato\ControlCenter\ControlCenter.exe [835944 2019-02-08] (Corsair Memory, Inc. -> Elgato Systems)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [8130920 2019-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2179208 2019-08-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-01-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-07] (PowerISO Computing, Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [MMTray] => C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [114688 2003-10-01] (MUSICMATCH, Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [LogiFEPluginforLync2010] => C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforLync2010\4.0\LogiFEC.exe [296216 2018-02-12] (Logitech Inc -> Logitech,Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2097024 2017-03-21] (Sony Mobile Communications AB -> Sony) [Archivo no firmado]
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [Discord] => C:\Users\DHAMPIRD\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9013136 2018-06-27] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47773264 2019-12-22] (Google LLC -> )
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24120296 2019-10-08] (Plex, Inc -> Plex, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-07-12]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2019-08-10]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (Aleksey Cherkasskiy -> PANTERASoft) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk [2016-08-14]
ShortcutTarget: Logitech Desktop Messenger.lnk -> C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\myiHome Server.lnk [2019-02-22]
ShortcutTarget: myiHome Server.lnk -> C:\Program Files (x86)\myiHome\app\myiHome-server.exe () [Archivo no firmado]
Startup: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconRestorer.lnk [2018-08-30]
ShortcutTarget: IconRestorer.lnk -> C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe (FSL - Freesoftland) [Archivo no firmado]
Startup: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\DHAMPIRD\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {0EFD3FCB-C309-47A0-BFC4-4DA10C51CF71} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {11FA98AF-E466-4B43-BCFC-00CB85E594AB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {154DB33C-D05B-478C-A85A-D588ED62AFAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {155C0CAD-D188-48F0-A155-7544DE8A546E} - System32\Tasks\{672B90E3-A8A3-40CC-90A1-24CCB547A947} => C:\Windows\system32\pcalua.exe -a "D:\PC SOFT\SOFTWARE\TOOL.VISUAL BASIC\Visual Basic Runtimes\Visual Basic runtimes.exe" -d "D:\PC SOFT\SOFTWARE\TOOL.VISUAL BASIC\Visual Basic Runtimes"
Task: {1D06A6D2-0110-41E5-A1E2-769442D2078D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {2A8C4A0A-4380-423D-AA48-74A922EE57DC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2D7B3A7E-AC61-4C13-8567-65DFF489972B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {307EAC23-0F1A-43B3-B15E-59D4B8FBB068} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {31625531-F27E-48E1-827D-3517C282F752} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31E90574-84A9-47D4-8CB1-C48004F6E0D6} - System32\Tasks\{CD065C4C-4BE5-40D0-8A89-499708668B6A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ps2\hdl_dumb-0.8.3\hdl_dumb.exe" -d "C:\Program Files (x86)\Ps2\hdl_dumb-0.8.3"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {380C03C0-B724-43A3-B5BF-B8FE96607634} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AC3A237-4DDC-455F-A563-7F74271057DB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5170E9E4-952D-45A0-A65E-292D4A266AAD} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.6.152 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [197056 2018-03-20] (Microsoft Corporation -> )
Task: {51729D3C-90A4-410B-BB70-484D33232F29} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FOXHOUNDi7-DHAMPIRD FOXHOUNDi7 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [470720 2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {537E51EF-2428-4E9E-A6B8-3879FDB058EB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58F0E95E-3362-47E6-9C0B-63A24DC86600} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-12] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {697AB824-3A7F-423C-857A-E6FEABAB3628} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1722880 2019-06-25] () [Archivo no firmado]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {741FE548-6201-4214-B612-8F6B31BB8FB7} - System32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693} => C:\Users\DHAMPIRD\AppData\Local\Temp\mwbF4E3.tmp\mb-support.exe
Task: {7596F2DC-3AA6-4974-ADA6-0867D9A94A65} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7AF1CBE3-5BCB-4435-98A5-CB630A56099C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {7C810065-0373-4D8D-92FF-F2C0E0ED5A3F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3597564769-968549059-3920177797-1005 => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-06-28] (Mega Limited -> Mega Limited)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8EE3756D-C642-4D0C-AF80-57008E3FA9D7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9EF4F4A6-1261-442B-A5A3-F4EA5A2B20D3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4BC941D-73E6-4E1F-963F-E75DB256EBB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AC364387-4F5D-49C2-9A29-FF0E0F292200} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B1B2FA4B-3EC4-4D1A-B42F-7C3E81580980} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B26DD0F3-25B1-4B95-941A-D952845F2FD4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD293954-FDEA-4DE7-8091-2CC38B2F1869} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C34A8F91-AD9A-4F3A-B286-1DDB9FED031D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DEA6FB-DB92-435F-B4EC-B0A5DAA9ED1E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA7B314B-D9D2-4D95-A0A9-F0B5650CF259} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {F1D96832-118B-46DB-ADC7-768A8357020F} - System32\Tasks\AdobeAAMUpdater-1.0-FOXHOUNDi7-DHAMPIRD => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F6F6D1CE-F46E-47A1-A447-F5C2DD312115} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F9B5F139-6F34-4634-B9C4-6607803B3930} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-03-28] (Garmin International, Inc. -> )
Task: {FCF90515-72C1-4B79-9137-A42EA3DAB559} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-12] (Google Inc -> Google Inc.)
Task: {FD9002B0-2C22-48E0-8C63-D2E96B6B99E9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.60.205.175
Tcpip\..\Interfaces\{79d115bc-ecf5-42c2-b808-5545f548ba5c}: [DhcpNameServer] 213.60.205.175
Internet Explorer:
==================
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3597564769-968549059-3920177797-1005 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: c5y9yd2v.default-1496602388133
FF ProfilePath: C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133 [2020-01-21]
FF DownloadDir: F:\WEBDOWN
FF Homepage: Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133 -> hxxps://www.google.es
FF Notifications: Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133 -> hxxps://www.aussiearcade.com; hxxps://web.wallapop.com; hxxps://darkumbra.net; hxxps://newsupdatesky.info; hxxps://emumovies.com; hxxps://hyperspin-fe.com; hxxps://entierradegamers.com; hxxps://www.softzone.es; hxxps://mail.google.com; hxxps://oraronerethet.info; hxxps://andalbrighth.pro; hxxps://uploadbuzz.org; hxxps://errorkit.com; hxxps://clk.ink; hxxps://www.subdivx.com; hxxps://www.avpasion.com; hxxp://localhost:8096; hxxps://oko.sh; hxxps://descargarsubs.xyz; hxxps://0.nextyourcontent.com; hxxps://1.nextyourcontent.com; hxxps://notification-list.com; hxxps://www.adslzone.net; hxxps://forospyware.com; hxxps://gplinks.in; hxxps://descargaonline.xyz; hxxps://estoyhechouncocinillas.com; hxxps://www.radikal-gamez.net
FF Extension: (signTextJS plus) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\[email protected] [2019-02-13]
FF Extension: (Hola VPN Proxy) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{b2c23af9-126b-4273-952f-6b1809356086}.xpi [2018-06-09]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Extension: (Greasemonkey) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF Extension: (MTS play youtube inside facebook) - C:\Users\DHAMPIRD\AppData\Roaming\Mozilla\Firefox\Profiles\c5y9yd2v.default-1496602388133\Extensions\{fb6ba290-4286-46bb-a8a4-225d1e4fe6ce}.xpi [2018-10-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-02-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-10-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-21]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default [2019-12-26]
CHR Extension: (Presentaciones) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-01]
CHR Extension: (Documentos) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-01]
CHR Extension: (Google Drive) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-12-09]
CHR Extension: (Búsqueda de Google) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-07-12]
CHR Extension: (Adobe Acrobat) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-15]
CHR Extension: (Hojas de cálculo) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-05-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-09]
CHR Profile: C:\Users\DHAMPIRD\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-26]
CHR HKU\S-1-5-21-3597564769-968549059-3920177797-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Servicios (Lista blanca) ===================