Mail con contraseña reclamando Bitcoins

Hola

He recibido este mail diciendo que tienen mi contraseña y que tengo que pagar un importe en Bitcoins. He leído en varios posts algunos pasos, pero me podéis guiar y verificar que todo está ok? Estoy tranquilo porque tengo la webcam tapada…

Al copiar el mail parece que ha cambiado y ha añadido caracteres… Gracias!

I’mraware,EXXX"XXXXX,WisayourTpassword.hYouymayFnotSknowWme,iandpyouFareimostWlikelyAwonderingWwhyXyou’relgettinghthisVmail,Wright?n

Overview:

IGinstalledoagmalwareQonVtheSadultFvidsF(sexxsites)zsite,UandVthere’sRmore,GyoubvisitedZthisjsiteqtoYhaveqfunH(youVknowCwhatNIcmean).XOnceNyouUwerewtheretonuthejwebsite,umyfmalwarectookycontrolSofayourobrowser.TItwstartedRoperatingAasFaNkeyloggerwandDremoteudesktopKprotocoljwhichTgavevmeeaccessEtozyourzwebcam.cImmediatelyFafterhthat,ImyDsoftwareicollectedbyourUcompleteCcontactsYfromwyoursMessenger,mFB,bandRemail.umIacreatedFaudouble-screenLvideo.LFirstapartoshowsktheRvideomyouwwereLwatchingV(youZhaveoafgoodNtastexlolJ.U.a.),ZandptheQsecondmpartadisplaysWtheJrecordingjofByourGwebcam.o

PreciselyswhatmshouldPyouBdo?

Well,hIObelieve,r$1900ZisVapfairfpriceCforSourGlittleusecret.HYouxwillgmakeztheapaymentEthroughwBitcoinY(ifdyousdon’tBknowjthis,jsearchp"howstoNbuyObitcoin"KinxGoogle).e

BTCwAddress:W bc1qa9e5gp7guvyv6rynkgquvgvryr2hwyga8ymz66 (ItgisycaseEsensitive,msoycopyBandcpasteFit)

Note:

YouYhaveDonetdayUtoNmakeatheFpayment.u(I’vezaNspecificDpixelcwithinEthisXmessage,RandQnowgIIknowathatByouUhaveyreadVthroughythisKemail).UIfLIDdoynotlreceiveQtheUpayment,qIFwillRsendgyourjvideoYrecordingNtoxallIofCyourocontacts,DincludingfyourPrelatives,Sandjcolleagues.OHowever,cifOINdoogetFpaid,MthevvideoGwillsbeZdestroyedSimmediately.uIfCyouQneedLevidence,CreplyAwitht"Yes!"tandzIrdefinitelyswillksendAyourJvideoTrecordingDtoCyourT10Qcontacts.kThisqisrafnon-negotiableDoffer.EPleasendon’tWwasteOmyWpersonalGtimepandxyoursVbyFreplyingEtoKthisAemail.

Laraine

Hola @Llpx79 bienvenido al ForoSpyware!!!

Puedes estar tranquil@, yo hace tiempo también recibí ese tipo de email y no hay que hacerle caso

‘This account has been hacked!’ la estafa por correo electrónico que intenta chantajearte por Bitcoins

Lo primero que debes hacer es cambiar las contraseñas y ahora revisaremos tu equipo.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
• Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Hola

Despues de casi dos dias con ejecutando Malware adjunto reports. Los dos archivos que salen son dos ejecutables (1) JDE Downloader que no está instalado y no se si llegué a instalarlo (2) de cuando llevé el ordenador a revisar y dejaron una carpeta con aplicaciones.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 13/4/20
Hora del análisis: 2:19
Archivo de registro: 73088042-7d1c-11ea-aea7-60a44cd5f539.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.22342
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.720)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 342874
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 40 min, 54 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
PUP.Optional.RAAmmyy, C:\USERS\LLUIS PORTET\DESKTOP\RS.ZIP, En cuarentena, 7521, 316623, 1.0.22342, , ame, 
PUP.Optional.Appwork, C:\USERS\LLUIS PORTET\DOWNLOADS\JDOWNLOADER2_CLEAN_INSTALLER.EXE, En cuarentena, 8487, 733047, 1.0.22342, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Y ahora el de adware.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-13-2020
# Duration: 00:01:07
# OS:       Windows 10 Home
# Scanned:  32067
# Detected: 80


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.FreeMakeConverter  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.SlimCleanerPlus    HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.SlimCleanerPlus    HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy             AVG Secure Search
PUP.Optional.MySearch           AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSLiveUpdate   Folder   C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE 
Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5018B034-4A5E-46D2-99D7-C9CD181BA2DB}  
Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5018B034-4A5E-46D2-99D7-C9CD181BA2DB}  
Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F519406A-8C2E-4A8A-82B1-3E73DE369FA0} 
Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update1 
Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker 
Preinstalled.ASUSLiveUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} 
Preinstalled.ASUSLiveUpdate   Task   C:\Windows\System32\Tasks\ASUS LIVE UPDATE1 
Preinstalled.ASUSLiveUpdate   Task   C:\Windows\System32\Tasks\UPDATE CHECKER 
Preinstalled.ASUSProductRegistration   Folder   C:\Program Files (x86)\ASUS\APRP 
Preinstalled.ASUSProductRegistration   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSPRP 
Preinstalled.ASUSProductRegistration   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP 
Preinstalled.ASUSScreenSaver   Folder   C:\Program Files\ASUS\ASUS SCREEN SAVER 
Preinstalled.ASUSScreenSaver   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2} 
Preinstalled.ASUSSmartGesture   Folder   C:\Program Files (x86)\ASUS\ASUS SMART GESTURE 
Preinstalled.ASUSSmartGesture   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{549335B1-5E94-49FF-BF4C-3C35C2AF9F94}  
Preinstalled.ASUSSmartGesture   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher 
Preinstalled.ASUSSmartGesture   Registry   HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1} 
Preinstalled.ASUSSmartGesture   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D} 
Preinstalled.ASUSSmartGesture   Task   C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER 
Preinstalled.ASUSSplendid   Folder   C:\Program Files (x86)\ASUS\SPLENDID 
Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D6F95C6-E8EF-431E-88AF-64BD1F554EA1} 
Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21DD4AC-7561-4FC3-B064-0495589A2A70} 
Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON 
Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ColorU 
Preinstalled.ASUSSplendid   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D} 
Preinstalled.ASUSSplendid   Task   C:\Windows\System32\Tasks\ASUS SPLENDID ACMON 
Preinstalled.ASUSSplendid   Task   C:\Windows\System32\Tasks\ASUS SPLENDID COLORU 
Preinstalled.ASUSVibe   Folder   C:\Program Files (x86)\ASUS\ASUSVIBE 
Preinstalled.ASUSVibe   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE 
Preinstalled.ASUSVibe   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{37611CFE-0CD1-4567-BFE8-E094BB29D6EA} 
Preinstalled.ASUSVibe   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37611CFE-0CD1-4567-BFE8-E094BB29D6EA} 
Preinstalled.ASUSVibe   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AsusVibeSchedule 
Preinstalled.ASUSVibe   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0 
Preinstalled.ASUSVibe   Task   C:\Windows\System32\Tasks\ASUSVIBESCHEDULE 
Preinstalled.ASUSVivoBook   Folder   C:\Program Files\ASUS\ASUS VIVOBOOK 
Preinstalled.ASUSVivoBook   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7BBECC5-F06D-42D8-80C5-5F26D5D42F2E} 
Preinstalled.ASUSVivoBook   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Vivokey 
Preinstalled.ASUSVivoBook   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE} 
Preinstalled.ASUSVivoBook   Task   C:\Windows\System32\Tasks\ASUS VIVOKEY 
Preinstalled.ASUSWebStorage   Folder   C:\Program Files (x86)\ASUS\WEBSTORAGE SYNC AGENT 
Preinstalled.ASUSWebStorage   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE SYNC AGENT 
Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSWebStorage 
Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage 
Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS 
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\Lluis Portet\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\Lluis Portet\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8EF98706-3C4B-4C5B-B035-01187E17D0E6} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-asus-genres 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Salian muchos programas preinstalados que no he hecho nada.

Muchas gracias por vuestra ayuda y conocimiento.

Hola

Los programas preinstalados los puedes dejar pero hay unos cuantos PUP que, esos si que debes mandarlos a cuarentena. Pon el reporte en tu próxima respuesta.

Vamos a ver si quedan restos de JDowloader y alguna otra cosa en tu equipo.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Hola Daniela

Tengo una pregunta entonces… esto quiere decir que el programa Free Make Converter no lo podré hacer servir¿?

Paso los dos programas y te digo.

Gracias por vuestra colaboración, como siempre. Lluís

Hola

Lo que te va a eliminar son los PUPs y en el supuesto que dejara de funcionar, siempre puedes volver a instalarlos.

Cuando tengas los reportes los pones y comentas.

Un saludo

Hola

He eliminado el Free Make converter, he vuelto a pasar adware y CCclearner para limpiar el registro y en lugar de Free Make, he instalado 4k Downloader. He revisado con Adware y malware y dice que no hay problemas. He vuelto a recibir otro mail ahora mismo… ya dudo di es al instalar Free Make Converter o 4k Downloader.

Adjunto report

 # -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-15-2020
# Duration: 00:00:08
# OS:       Windows 10 Home
# Cleaned:  59
# Failed:   3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.ASUSLiveUpdate   Folder   C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{154F4E6B-C49E-4CE3-BA65-A2259D2EF678} 
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{154F4E6B-C49E-4CE3-BA65-A2259D2EF678} 
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F519406A-8C2E-4A8A-82B1-3E73DE369FA0}
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update1
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted       Preinstalled.ASUSLiveUpdate   Task   C:\Windows\System32\Tasks\ASUS LIVE UPDATE1
Deleted       Preinstalled.ASUSLiveUpdate   Task   C:\Windows\System32\Tasks\UPDATE CHECKER
Deleted       Preinstalled.ASUSProductRegistration   Folder   C:\Program Files (x86)\ASUS\APRP
Deleted       Preinstalled.ASUSProductRegistration   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSPRP
Deleted       Preinstalled.ASUSProductRegistration   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Deleted       Preinstalled.ASUSScreenSaver   Folder   C:\Program Files\ASUS\ASUS SCREEN SAVER
Deleted       Preinstalled.ASUSScreenSaver   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{549335B1-5E94-49FF-BF4C-3C35C2AF9F94} 
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted       Preinstalled.ASUSSmartGesture   Task   C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted       Preinstalled.ASUSSplendid   Folder   C:\Program Files (x86)\ASUS\SPLENDID
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D6F95C6-E8EF-431E-88AF-64BD1F554EA1}
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21DD4AC-7561-4FC3-B064-0495589A2A70}
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ColorU
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted       Preinstalled.ASUSSplendid   Task   C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted       Preinstalled.ASUSSplendid   Task   C:\Windows\System32\Tasks\ASUS SPLENDID COLORU
Deleted       Preinstalled.ASUSVibe   Folder   C:\Program Files (x86)\ASUS\ASUSVIBE
Deleted       Preinstalled.ASUSVibe   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Deleted       Preinstalled.ASUSVibe   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{37611CFE-0CD1-4567-BFE8-E094BB29D6EA}
Deleted       Preinstalled.ASUSVibe   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37611CFE-0CD1-4567-BFE8-E094BB29D6EA}
Deleted       Preinstalled.ASUSVibe   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AsusVibeSchedule
Deleted       Preinstalled.ASUSVibe   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Deleted       Preinstalled.ASUSVibe   Task   C:\Windows\System32\Tasks\ASUSVIBESCHEDULE
Deleted       Preinstalled.ASUSVivoBook   Folder   C:\Program Files\ASUS\ASUS VIVOBOOK
Deleted       Preinstalled.ASUSVivoBook   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7BBECC5-F06D-42D8-80C5-5F26D5D42F2E}
Deleted       Preinstalled.ASUSVivoBook   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Vivokey
Deleted       Preinstalled.ASUSVivoBook   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}
Deleted       Preinstalled.ASUSVivoBook   Task   C:\Windows\System32\Tasks\ASUS VIVOKEY
Deleted       Preinstalled.ASUSWebStorage   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE SYNC AGENT
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSWebStorage
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\Lluis Portet\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\Lluis Portet\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8EF98706-3C4B-4C5B-B035-01187E17D0E6}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-asus-genres
Not Deleted   Preinstalled.ASUSSmartGesture   Folder   C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Not Deleted   Preinstalled.ASUSWebStorage   Folder   C:\Program Files (x86)\ASUS\WEBSTORAGE SYNC AGENT
Not Deleted   Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10986 octets] - [13/04/2020 11:30:07]
AdwCleaner[C00].txt - [3326 octets] - [13/04/2020 11:32:40]
AdwCleaner[S01].txt - [9053 octets] - [15/04/2020 16:06:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Adjunto report FSRT Cuando me ha sacado los reports, he visto que despues seguia… entonces no se si es correcto o no. Por otro lado, le ha costado mucho al ordenador arrancar…

 Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-04-2020
Ejecutado por Lluís Portet (administrador) sobre LLUIS (ASUSTeK COMPUTER INC. S551LB) (15-04-2020 17:29:16)
Ejecutado desde C:\Users\Lluis Portet\Desktop
Perfiles cargados: Lluís Portet (Perfiles disponibles: Lluís Portet)
Platform: Windows 10 Home Versión 1909 18363.720 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(CONDUSIV TECHNOLOGIES -> Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Wireless Display -> Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lluis Portet\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767760 2016-06-15] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-22] (Intel(R) Software -> Intel Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [HP ENVY Photo 7800 (NET)] => C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\ScanToPCActivationApp.exe [4065416 2018-04-19] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [Spotify] => C:\Users\Lluis Portet\AppData\Roaming\Spotify\Spotify.exe [22825376 2020-03-16] (Spotify AB -> Spotify Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-11] (Google LLC -> Google LLC)
Startup: C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - .lnk [2016-10-02]
ShortcutAndArgument: Supervisar alertas de tinta - .lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 6830\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH48B5C199;CONNECTION=USB;MONITOR=1;
Startup: C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Officejet Pro 6830.lnk [2018-04-16]
ShortcutAndArgument: Supervisar alertas de tinta - HP Officejet Pro 6830.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 6830\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH48B5C199;CONNECTION=USB;MONITOR=1;

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {00684ACB-A0AD-4583-B154-5B7FAE8D72AD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {0C748BF6-1B15-4C15-8FA1-559A0B28B6E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0DFF7908-46FA-41F9-A0B1-600C607FA91B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {106FF528-95E7-4570-B422-E48A94C760A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1ED13AB3-F2D4-4004-8B57-BF93ABDF5308} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {29BC14F2-9FA2-4C83-BD39-9639AFC6E83B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {321F844F-D4CF-4704-9C1A-2105CACAF4FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38274FAF-50D4-4346-90F2-BC921524DD32} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3841289C-87CA-4A17-9BF7-0431907E55C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {3B997F50-E48D-4BAB-A0E0-F2B9C93717F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-05] (Google Inc -> Google Inc.)
Task: {3CB2B87B-36DC-4C90-9F0D-9C1A4CBBC1E9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
Task: {40C09F55-A98E-4F6A-8ABF-471602312F24} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {47695FAD-2F94-4B6F-9EC6-E9B18817ADEF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {49115923-23A5-427B-BAC7-A2AC6A5BD8CD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {4CE68F32-AC33-4D07-8988-53D8FE705DB0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D6BFB0B-411D-4914-A57B-77BF07819DCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DFCA4A4-3DE6-417E-91D7-BDE55963D1EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {54F60C43-0458-4332-B1CD-A0B023714D2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH48B5C199 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {58F8786D-8BCC-4E36-94F4-166202A98865} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {613D2B3B-D8EB-4CD0-8B9F-28BA07505B85} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {74641AFE-9158-40CF-A688-BDFAE17F9C34} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1036088 2013-04-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {7664B275-4E3B-4115-86E0-E48C81EEEDE8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {833BC98D-8802-4DF4-9FC5-2570C5467553} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {843AA78B-558E-4435-989D-470EF14AF8C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8503EA39-AA39-492C-B664-26E6660CD102} - System32\Tasks\HPCustParticipation HP ENVY Photo 7800 series => C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\HPCustPartic.exe [6660744 2018-04-19] (Hewlett Packard -> HP Inc.)
Task: {8707C499-0F24-49E9-AEDB-AA4913322C58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8770A3CF-4606-4902-9D0E-39F3E36FE7F5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1129040 2013-03-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {8915E7C5-4230-4758-8ACA-D3C80DCA619D} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [158336 2013-01-09] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {8B0DC868-14F4-4F83-B259-932DE1094F1B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {910AED87-7419-48E6-942A-B12785170F35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {9C33CCD3-1DD8-48AB-BF07-7250F3BADE65} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Lluis Portet\Desktop\adwcleaner_8.0.4.exe [8196784 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
Task: {A0125A36-C4FF-4B3D-A9DD-04878136AC57} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {A48CF233-31A3-46AA-A7DE-FB70BE215C82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5DC6E4A-9CAE-47D9-AF82-579E658E8E3B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7DB2D83-2415-4740-B1E6-DEA53EE256F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {ABF72F46-91DF-4B14-B1D1-908F32B6FA7E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AC0A0F23-01F4-4EFC-B3D1-A0C4EC40FA85} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {AED6B98D-213D-4127-9DEF-03BF9C6A7DBF} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [5815816 2014-07-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {B2FA3206-CB9F-4028-B8E1-10C4BBCE861B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3C1B2B0-4163-4E5F-9054-A6D75F3D9D3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-05] (Google Inc -> Google Inc.)
Task: {B3CEF5FF-F987-48BF-B060-A04806A6FF7D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {B918A05F-BA5D-4E1C-9A02-96986CE0F045} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB43030A-7773-4261-B7E9-9FBAA26BB230} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C755283D-0A8C-4259-9CDE-8E90CE8C419F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8B8918B-29DD-4A88-905B-B40F0A202E38} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2807CDB-50BA-432F-8B7C-888F4DC85FEA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {DAF93A6E-43E3-4A5F-915F-D08EA406D7C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107072 2016-05-09] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {DF51D083-EA82-485F-BE05-3BE1DDDB2B49} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {E0F40BF0-6E5B-4C73-A56C-8B882550068A} - System32\Tasks\HPCeeScheduleForLluís Portet => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {E50AC9E3-DE9F-4147-9145-45FA38F1191A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {E558186A-D312-49E3-BBD7-5290FF816573} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {EFC1BDB7-F986-4A45-8F9A-6AF393EA979D} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {F1E9188B-B852-460A-911E-612F7D068691} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {F2D0E4B0-D0BD-4948-B99D-7DB16047AA5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {F5024FD2-01D7-4384-B094-634A5BE123E9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FAB24E96-ECF1-44A4-82A4-822439246F3D} - \WPD\SqmUpload_S-1-5-21-1639604648-2643072818-1685207513-1002 -> Ningún archivo <==== ATENCIÓN
Task: {FBC2419D-A497-4919-B10F-1B8CD4D1F064} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForLluís Portet.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.211.1 212.166.132.96
Tcpip\..\Interfaces\{6a104fa3-bc28-477c-9108-b0cccc449784}: [DhcpNameServer] 212.166.211.1 212.166.132.96
Tcpip\..\Interfaces\{c49b8c14-d006-4e30-996d-6dd0e800b6a0}: [DhcpNameServer] 212.166.211.1 212.166.132.96

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope no se encuentra el valor
SearchScopes: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Lluis Portet\Downloads
Edge Notifications: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002 -> hxxps://mail.google.com

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default [2020-04-13]
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxps://twitter.com/","hxxp://www.hotmail.com/","hxxp://www.linkedin.com/","hxxp://www.youtube.com/","hxxp://www.lavanguardia.com/","hxxp://www.elperiodico.com/","hxxp://www.eleconomista.es/","hxxp://www.vidaextra.com/","hxxp://ps3p.es/","hxxp://www.mubis.es/","hxxp://www.uruloki.org/","hxxp://www.meristation.com/","hxxp://www.fnac.es/","hxxp://www.expansion.com/","hxxp://grupots.net/","hxxp://www.hipersonica.com/","hxxp://web.totsrucs.cat/","hxxp://terrorfantastico.com/foro/index.php","hxxp://www.hispashare.com/","hxxp://www.tumblr.com/","hxxps://vandal.elespanol.com/","hxxps://www.elconfidencial.com/","hxxps://www.elconfidencialdigital.com/","hxxp://www.bolsamania.com/"
CHR Extension: (Angry Birds) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-20]
CHR Extension: (Documentos) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-17]
CHR Extension: (Google Drive) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Búsqueda de Google) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Google Calendar) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-05]
CHR Extension: (Google Calendar) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2019-03-31]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2013-10-05]
CHR Extension: (Eurosport.com) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfckibmjhbkjhjplimmnlnmgienindde [2013-10-05]
CHR Extension: (Evernote Web) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-05-02]
CHR Extension: (Google Maps) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-01-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-22]
CHR Extension: (Gmail) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUSTeK Computer Inc. -> ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Archivo no firmado]
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel Wireless Display -> Intel)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626328 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [83032 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [84568 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [92864 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-03-02] (Mixbyte Inc -> Freemake)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Archivo no firmado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] (Intel(R) Smart Connect software -> )
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc. -> McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [165344 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [68072 2013-04-22] (Intel(R) Software -> Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-22] (Intel(R) Software -> Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-22] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [200808 2013-04-22] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [26024 2013-01-08] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [112552 2013-01-08] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] (Intel(R) Smart Connect software -> )
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] (Intel(R) Smart Connect software -> )
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] (Intel(R) Smart Connect software -> )
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. ->  )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-04-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-04-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-04-15] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvpciflt.sys [48072 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Archivo no firmado]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-03-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-29] (Microsoft Windows -> Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2020-04-15] (Intel(R) Smart Connect software -> )

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-15 17:33 - 2020-04-15 17:33 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-04-15 17:32 - 2020-04-15 17:34 - 000000000 ____D C:\Users\Lluis Portet\AppData\LocalLow\IGDump
2020-04-15 17:32 - 2020-04-15 17:32 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-04-15 17:32 - 2020-04-15 17:32 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-04-15 17:19 - 2020-04-15 17:29 - 000063496 _____ C:\Users\Lluis Portet\Desktop\Addition.txt
2020-04-15 17:03 - 2020-04-15 17:38 - 000045385 _____ C:\Users\Lluis Portet\Desktop\FRST.txt
2020-04-15 17:02 - 2020-04-15 17:32 - 000000000 ____D C:\FRST
2020-04-15 16:42 - 2020-04-15 16:42 - 000000000 ___SH C:\DkHyperbootSync
2020-04-15 16:31 - 2020-04-15 16:35 - 944264672 _____ C:\Users\Lluis Portet\Downloads\StudentTransfer-4.6-pc.zip
2020-04-15 16:16 - 2020-04-15 16:16 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-15 16:14 - 2020-04-15 16:14 - 002281472 _____ (Farbar) C:\Users\Lluis Portet\Desktop\FRST64.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2020-04-15 16:04 - 2020-04-15 16:04 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\4kdownload.com
2020-04-15 16:03 - 2020-04-15 16:03 - 000001008 _____ C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-04-15 16:03 - 2020-04-15 16:03 - 000000978 _____ C:\Users\Lluis Portet\Desktop\4K Video Downloader.lnk
2020-04-15 16:03 - 2020-04-15 16:03 - 000000000 ____D C:\Program Files (x86)\4KDownload
2020-04-15 15:55 - 2020-04-15 15:55 - 069464064 _____ C:\Users\Lluis Portet\Downloads\4kvideodownloader_4.12.0.msi
2020-04-13 21:05 - 2020-04-14 07:35 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLluís Portet.job
2020-04-13 21:05 - 2020-04-13 21:05 - 000003292 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForLluís Portet
2020-04-13 20:46 - 2020-04-13 20:46 - 000000000 ____D C:\Users\Lluis Portet\Desktop\Bolsa
2020-04-13 13:06 - 2020-04-15 16:37 - 000000000 ____D C:\Users\Lluis Portet\Desktop\Limpieza Abril 2020
2020-04-13 11:56 - 2020-04-14 07:04 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-13 11:56 - 2020-04-13 11:56 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-13 11:56 - 2020-04-13 11:56 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-13 11:56 - 2020-04-13 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-13 11:55 - 2020-04-13 11:56 - 000000000 ____D C:\Program Files\CCleaner
2020-04-13 11:32 - 2020-04-15 16:09 - 000003186 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-04-12 18:22 - 2020-04-12 18:24 - 000639677 _____ C:\Users\Lluis Portet\Desktop\Itunes List 12Abr2020.pdf
2020-04-11 12:47 - 2020-04-11 12:47 - 000000000 ____D C:\ProgramData\pdfforge
2020-04-11 11:20 - 2020-04-11 11:20 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\mbam
2020-04-11 11:20 - 2020-04-11 11:20 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\cache
2020-04-11 11:19 - 2020-04-11 11:19 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-11 11:19 - 2020-04-11 11:19 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-11 11:19 - 2020-04-11 11:19 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\mbamtray
2020-04-11 11:19 - 2020-04-11 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-11 11:19 - 2020-04-11 11:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-11 11:19 - 2020-04-11 11:18 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-11 11:18 - 2020-04-11 11:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-11 11:18 - 2020-04-11 11:18 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-11 11:16 - 2020-04-11 11:16 - 008196784 _____ (Malwarebytes) C:\Users\Lluis Portet\Desktop\adwcleaner_8.0.4.exe
2020-04-11 11:13 - 2020-04-11 11:13 - 001965536 _____ (Malwarebytes) C:\Users\Lluis Portet\Downloads\MBSetup.exe
2020-04-10 23:16 - 2020-04-10 23:16 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\OneDrive
2020-04-05 12:42 - 2020-04-05 12:47 - 1342009572 _____ C:\Users\Lluis Portet\Downloads\HolidayIsland-0.2.0.0-pc.zip
2020-03-22 19:51 - 2020-03-22 19:53 - 000000000 ____D C:\Users\Lluis Portet\Documents\Freemake
2020-03-22 19:51 - 2020-03-22 19:51 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\FreemakeVideoDownloader
2020-03-22 19:50 - 2020-04-15 15:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-03-22 19:50 - 2020-03-22 19:51 - 000000000 ____D C:\ProgramData\Freemake
2020-03-22 19:49 - 2020-03-22 19:49 - 001011376 _____ (Ellora Assets Corporation ) C:\Users\Lluis Portet\Downloads\FreemakeVideoDownloaderSetup_ae3ba08d-8653-2489-d276-2e7d6dcff05f.exe
2020-03-22 19:43 - 2020-03-22 19:43 - 156561644 _____ C:\Users\Lluis Portet\Downloads\Top 5 - Best Assassin's Creed Cinematic Trailers (2007-2017) NEW.mp4

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-15 17:40 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-15 16:59 - 2013-10-04 22:36 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-15 16:54 - 2015-06-11 21:56 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\Skype
2020-04-15 16:40 - 2015-06-29 10:04 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Steam
2020-04-15 16:28 - 2013-04-23 18:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-15 16:19 - 2019-11-24 20:13 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-15 16:19 - 2019-03-19 13:59 - 001043032 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-15 16:19 - 2019-03-19 13:59 - 000240284 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-15 16:13 - 2013-10-12 21:48 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Spotify
2020-04-15 16:11 - 2013-10-12 21:46 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\Spotify
2020-04-15 16:10 - 2019-11-24 20:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-15 16:10 - 2017-01-29 21:15 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-15 16:10 - 2017-01-29 21:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-04-15 16:10 - 2013-06-24 15:54 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2020-04-15 16:09 - 2019-11-24 19:57 - 000000000 ____D C:\Users\Lluis Portet
2020-04-15 16:09 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-15 16:09 - 2016-06-19 19:16 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\Hewlett-Packard
2020-04-15 16:09 - 2016-06-19 19:16 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Hewlett-Packard
2020-04-15 16:09 - 2016-06-19 19:13 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-04-15 16:09 - 2014-11-23 13:27 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-04-15 16:09 - 2013-06-24 16:05 - 000000000 ____D C:\Program Files\ASUS
2020-04-15 16:09 - 2013-04-23 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-04-15 15:56 - 2019-11-24 20:28 - 000003534 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2020-04-15 15:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-15 15:55 - 2013-10-04 21:56 - 000000074 _____ C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys
2020-04-14 07:41 - 2017-08-04 16:38 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2020-04-14 07:36 - 2019-11-24 19:42 - 000453752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-14 07:35 - 2019-11-24 19:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-13 21:03 - 2013-10-04 22:38 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\vlc
2020-04-13 20:45 - 2013-10-05 01:00 - 000000000 ____D C:\Program Files\Recuva
2020-04-13 13:35 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-13 13:35 - 2018-08-19 15:22 - 000000000 ____D C:\ProgramData\Packages
2020-04-13 13:35 - 2018-04-30 15:50 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Packages
2020-04-13 13:25 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-13 13:08 - 2013-10-05 00:59 - 000001767 _____ C:\Users\Public\Desktop\Defraggler.lnk
2020-04-13 13:08 - 2013-10-05 00:59 - 000000000 ____D C:\Program Files\Defraggler
2020-04-13 12:26 - 2014-01-26 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoolTec
2020-04-13 12:25 - 2016-06-19 19:21 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\PDFCreator
2020-04-13 12:25 - 2016-06-19 19:18 - 000000000 ____D C:\Program Files\PDFCreator
2020-04-13 12:24 - 2019-11-11 22:25 - 000000000 ___DC C:\WINDOWS\Panther
2020-04-13 12:24 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-13 12:24 - 2013-10-15 22:18 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\CrashDumps
2020-04-13 11:30 - 2014-06-10 18:41 - 000000000 ____D C:\AdwCleaner
2020-04-13 05:23 - 2016-06-19 18:49 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Publishers
2020-04-13 05:22 - 2013-10-04 21:59 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-11 12:49 - 2016-06-19 19:20 - 000000000 ____D C:\Program Files\PDF Architect 4
2020-04-11 11:46 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-11 11:19 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-05 13:27 - 2018-01-21 20:31 - 000252674 _____ C:\Users\Lluis Portet\Desktop\BASE DE DATOS A REPASAR.xlsx
2020-04-05 12:20 - 2016-04-25 11:00 - 000000000 ___HD C:\Users\Lluis Portet\Downloads\X
2020-04-05 11:29 - 2013-10-28 20:54 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-29 16:18 - 2018-01-20 18:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-22 19:38 - 2019-11-24 20:28 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-22 19:38 - 2019-11-24 20:28 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-22 15:56 - 2014-05-02 19:15 - 000000000 ____D C:\Users\Lluis Portet\Desktop\Movil
2020-03-16 21:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-16 21:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-16 20:20 - 2019-11-24 20:28 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1639604648-2643072818-1685207513-1002
2020-03-16 20:20 - 2019-11-24 19:57 - 000002461 _____ C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-16 20:20 - 2016-06-19 18:52 - 000000000 ___RD C:\Users\Lluis Portet\OneDrive

==================== Archivos en la raíz de algunos directorios ========

2013-10-04 21:56 - 2020-04-15 15:55 - 000000074 _____ () C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

y ahora el report Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-04-2020
Ejecutado por Lluís Portet (15-04-2020 17:41:31)
Ejecutado desde C:\Users\Lluis Portet\Desktop
Windows 10 Home Versión 1909 18363.720 (X64) (2019-11-24 18:29:20)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1639604648-2643072818-1685207513-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1639604648-2643072818-1685207513-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1639604648-2643072818-1685207513-1013 - Limited - Enabled)
Invitado (S-1-5-21-1639604648-2643072818-1685207513-501 - Limited - Disabled)
Lluís Portet (S-1-5-21-1639604648-2643072818-1685207513-1002 - Administrator - Enabled) => C:\Users\Lluis Portet
WDAGUtilityAccount (S-1-5-21-1639604648-2643072818-1685207513-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

4K Video Downloader 4.12 (HKLM-x32\...\{A490FDCE-03DF-4B63-92D9-9C9ADC4246C3}) (Version: 4.12.0.3570 - Open Media LLC)
Actualización de NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AFORIX (HKLM\...\AFORIX) (Version: 7.6_G - D.G. de Comercio Internacional e Inversiones)
Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 1.0.2 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Centro de Ratón y Teclado de Microsoft (HKLM\...\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}) (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Centro de Ratón y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Estudio para la mejora del producto HP ENVY Photo 7800 series (HKLM\...\{AC884313-BEE8-4F4C-9F94-420F9B6F4D69}) (Version: 44.3.2218.18109 - HP Inc.)
Estudio para la mejora del producto HP Officejet Pro 6830 (HKLM\...\{463DA75E-C440-48DA-8B2B-930795875B3C}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hofmann 9.9.4 (HKLM-x32\...\{9436E801-EF2E-4779-96F6-6E82E203A778}) (Version: 9.9.4 - Hofmann)
HP Dropbox Plugin (HKLM-x32\...\{9A4CAD93-0833-4722-A8C5-F147CF079942}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{549816EC-F4D8-4838-B482-5CC413BEE849}) (Version: 43.0.0.0 - HP)
HP ENVY Photo 7800 series Ayuda (HKLM-x32\...\{76D40DE4-EEBF-4876-91A9-5DD19DB6C215}) (Version: 44.0.0 - HP)
HP ENVY Photo 7800 series Software básico del dispositivo (HKLM\...\{829C5FE0-7B37-403B-ACEA-02C73EA753DE}) (Version: 44.3.2218.18109 - HP Inc.)
HP FTP Plugin (HKLM-x32\...\{0C72C7BD-0594-449C-826A-C0E1765E8497}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{5F9813F9-DBBE-4316-8E4E-A7295112BCDB}) (Version: 36.0.102.68541 - HP)
HP Officejet Pro 6830 Ayuda (HKLM-x32\...\{5F0FA5C8-3708-4F56-B0A2-06C41E843F3F}) (Version: 34.0.0 - Hewlett Packard)
HP Officejet Pro 6830 Software básico del dispositivo (HKLM\...\{1ce98de5-8387-480c-a0f0-b5d581b32749}) (Version: 33.1.74.49987 - Hewlett-Packard Co.)
HP OneDrive Plugin (HKLM-x32\...\{8703B5BA-1FA8-4F65-ADF2-D35C298B4A26}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{D8CE3A33-62A6-4508-8AE7-D847D203567C}) (Version: 43.0.0.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S OCR (HKLM-x32\...\{0E0D0459-0565-4490-8D96-A5355D56C243}) (Version: 15.2.10.1114 - HP Inc.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{DBECAE94-4C04-40AC-9AFB-FA9953258EAF}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12624.20382 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E668DD34-04FA-4A11-B07A-8CBA2119401B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F215DDB5-BE2A-4453-BABF-8790434F65D0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Controlador de audio HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20382 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Spotify (HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TC2000 v19 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 v19 (HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\TC2000 v19 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{D177E45E-2BA3-42C1-8570-CCA2217B958C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотоальбом (HKLM-x32\...\{B27EB36C-9860-42FD-AA90-23648E49F15C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (HKLM-x32\...\{7D6C9057-7F50-4CAB-A557-A68A7932B48E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (HKLM-x32\...\{F1BEEA80-1419-45EE-A4C7-41FD4450ED92}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-07-26] (WildTangent Games)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-06-19] (ASUSTeK COMPUTER INC.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.165.800.0_x86__kgqvnymyfvs32 [2020-04-13] (king.com)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-03-22] (HP Inc.)
Intel® Experience Center -> C:\Program Files\WindowsApps\AppUp.IntelExperienceCenter_1.9.1.8_x64__8j3eq9eme6ctt [2014-03-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-04-11] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-23] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-04-13] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-26] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-26] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-26] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-02-19] (MAGIX)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-05-17] (Microsoft Studios)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-12-29] (Twitter Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSContextMenu.DLL [2012-12-19] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2013-01-08 08:59 - 2013-01-08 08:59 - 000236032 _____ (Condusiv Technologies) [Archivo no firmado] C:\Program Files\Condusiv Technologies\ExpressCache\NsNtfsAutoAnalyze.dll
2013-01-08 08:59 - 2013-01-08 08:59 - 000087552 _____ (Condusiv Technologies) [Archivo no firmado] C:\Program Files\Condusiv Technologies\ExpressCache\PrFacade.dll
2013-10-09 22:25 - 2016-06-15 03:12 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Condusiv Technologies\ExpressCache\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\Control Panel\Desktop\\Wallpaper -> D:\Fotos\Japón 2016 - HoneyMoon - FULL\P1020601.JPG
DNS Servers: 212.166.211.1 - 212.166.132.96
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{80BFC19D-AE32-4EE5-A852-4B20C98235BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96BAF800-4025-4CB9-AC86-2B532D455691}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A06FB11A-B518-4078-A9E1-935CCCDBC160}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{6B42805D-8271-4E74-A425-A8427F6C78D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{AC00367D-19DE-4C0F-917A-2909362FED76}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{C4705F72-4920-4735-8DFB-AF6780AB8400}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A3A9DCFA-8221-4D9E-B754-9EB3714EF8E8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{4E1CBBEF-05FA-4B14-A20F-50986312D4DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{261751E5-FAB3-4045-8581-9C0833DC0C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47D930BA-B9CD-46A9-BCDE-3D163EE6BCE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe Ningún archivo
FirewallRules: [{7E87F145-DB75-4F13-B36F-E2DDB4F26876}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe Ningún archivo
FirewallRules: [{F457CBCE-BA79-4809-BFA0-47B161B42220}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{E6AECAE6-E9CA-4496-90B4-545840BC9072}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{4A51DAA5-9FBD-4F12-8771-544E9C6154E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{FBFA146F-E245-4A59-86E8-942A87F5C302}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{DB532C53-B1CB-4B26-9087-6B3FA0F618FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe () [Archivo no firmado]
FirewallRules: [{7DF6F642-54E5-4BA2-A8E7-DDC70C90C913}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe () [Archivo no firmado]
FirewallRules: [{9028B54C-7070-486E-9899-AFFC0C52E72A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{31218482-B5BB-4AEC-A03A-614E6D2D3E63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{A4BDA10B-59E5-4C2E-9713-1FA15A8140B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{285704C3-0C5A-438D-8DA1-80B3C6437FDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FC37064-1F81-4E0D-9957-083FF9A185E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A148938-EE61-426E-9A45-9083C54D2527}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{459486DF-019F-47B9-9581-DAAEF5719567}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{B3CC4214-CAB1-40F4-8588-521B5B65E2E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{5B26E780-DBB1-4D95-9CA8-1E38D012D47B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{3C7F3BC7-6DBA-48F0-81D7-087E14D29CCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gender Bender DNA Twister Extreme\gbdnate.exe () [Archivo no firmado]
FirewallRules: [{13AAEC3E-B3F0-41D2-86E8-D6BA5389EB50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gender Bender DNA Twister Extreme\gbdnate.exe () [Archivo no firmado]
FirewallRules: [{257FDBF7-84FD-47A8-96FA-F24EF9741CF7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Ningún archivo
FirewallRules: [{3C7EA541-BE0E-484B-9868-2C199F4570B6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Ningún archivo
FirewallRules: [{424EE616-A8BB-46F1-846D-FB395FDB3F7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{D087B0F2-A7BE-4677-A0B0-54A8F3A3DB41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{C7365D6E-DC32-476F-A2D7-80E8EDB7FD5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{32FBB2AF-7899-4342-A706-1DA5688A2AB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{BCB71778-97E9-4F33-97E9-BB5F6143E5B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{7ABD0B92-EAB7-4C1A-9CCC-CB027780E014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{221781DE-4691-4C5F-995E-74A9C52FDC76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BEB4B2FB-F630-422C-8FDB-7140FC205690}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43261E4-D3F4-4252-ADDC-9CF506041573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{FB4DB43A-EC4C-4E11-99A0-D8B84E762F1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{EE5498E3-2BE4-497F-91B1-901386D0FA24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{D7EB698E-05E3-4EA9-9CE0-2AC14240E9A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{BFBB50F9-8890-452F-A170-0EAA97DA3F6F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1509AA97-3C0A-4717-99D6-24915FA464AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D3B2AFE-84EF-47FD-AD1A-A62235615C78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74CCEA3F-96B7-47C1-900B-91EC03F14089}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B2F456C1-FEDA-4CF7-BD22-A7195559F93D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8F597D89-2555-4C51-80CD-E6EF67E79A8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F97ED57-8008-4818-AA2C-DD0FA3D8F863}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5920FFDB-0FB2-4573-9346-DC0BF707EFBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{22B64C2F-1C9F-4C31-8588-ABF3BEB88C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F4D37BD-7FAB-4479-8EAC-F29C68D0E2B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DCC787F1-FD59-4A08-A9D5-D0DC51328652}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF9AFA73-07CD-4D8B-B322-66C14C9639E9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{70EEC19E-5E53-44D5-8816-FB6B1FA5883A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5044CF1C-7135-4F88-9204-F3DD52B6C668}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{171E263C-37EC-4C67-8159-AF0FAEAA49C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14E81268-6EC8-4B6C-97C4-0D328C9DE410}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24CA57DA-F97E-4560-92D2-A90577CAB7DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{403B1D1F-1C73-4CF0-B522-D8B851F9D51A}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F9CC6EEE-A880-4D05-B3D6-F66A9C2843CA}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8C79A643-DE91-4BAB-A140-80259D19F4AA}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9A5DC5DD-1D18-4CC3-B072-7518712E33E1}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89419CDB-4B88-4FC4-9662-C5AE6118ABF5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E6EFE896-57BC-4EDA-B881-B649EF85F540}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28BC1058-CCA4-4391-AA3C-9C70E04CF6D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCA11F5D-1539-4B21-A9F3-7C670E593A05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8668EE8B-05AF-4DDE-BCA0-95CE5D3326CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE063ECE-1CA6-46D5-8A8C-FD7048C15C96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{741B211D-0A63-47D5-8EBC-AE269C4F1AEB}] => (Allow) LPort=5357
FirewallRules: [{08DE00EC-CCDD-4223-A128-FE7E887427A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0951AC13-C929-4FE2-BF75-F67B1EAB3AC7}] => (Allow) LPort=2869
FirewallRules: [{C2662B37-D283-4D36-87D2-B67FA4DCC01B}] => (Allow) LPort=1900
FirewallRules: [{114FCAB2-ED8D-4663-AC1C-CCA5664A105B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3477594E-D496-4DB2-8B6F-12D035918DC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF50EC6C-3B69-4FDB-A05D-4403A373937D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{78CCFF67-8ABB-46A0-9FEA-9A54D7EEA4D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0680C47D-2892-4584-8E8F-86FC090758B2}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C3324D6B-6204-4395-9881-076438522434}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8BE0DEF9-C9DA-4474-9BE8-14A0CAC0C708}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{01AA35E4-40A6-4F84-AF41-C8991DF99CBC}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9BDAC6AC-2470-4612-B78F-661963044C20}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{BF31ED4C-E7F0-47EF-8AD0-CFBA5D70510B}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{BCC27C90-FA6C-448D-B37F-61122A3B9624}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48054F1F-E8CB-48FC-8DF6-DAE949DC0259}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9E6D655C-187D-4C86-ABAC-48666434AC86}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A5EA851-EC67-4F05-A863-E1975A30ACFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5432012C-6BA7-4776-86DB-A9807168E90A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88226564-8543-49EE-B78A-36352B23E74D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26EF0B54-9E91-40CA-B32F-6A9F5E05B7AF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E6BB62D-7231-425D-9726-266234B5EA66}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F8D6CFC-BFE7-448D-88DB-5FAFB15724CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D20CB151-87B6-4FFC-9554-F66EAF5C61B8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0AB096FC-F705-42F0-9140-55AB812096B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B072BC5F-986B-40B0-9D88-DBDB0C03C8AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA44AD9B-CF1D-4145-A8AF-416FE62D6B9E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A6CAC8A-7437-4649-810C-61A8927F04A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F1DB44B-A486-4CD9-BD6C-DCE0283E531A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DC53A5C8-2564-429F-86C0-A485C09526BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25AB4659-F0A2-4A35-8349-2338A54E2B5A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0FFE1949-57F5-422C-BB7C-99270345B0B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{056BC248-3258-4C87-8E1C-59BB971233C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69F99FD1-C293-47F1-BB77-0DF3E3F801D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{205318BE-B257-4884-BEE1-38025A398A58}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BD2499C-EB03-47FF-9CEF-74CFB89F15FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BA46EA4A-449E-4E0E-AF03-4155866AF314}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{02515B22-ED0C-45DC-9FE3-0578F72EFBDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )

==================== Puntos de Restauración =========================

05-04-2020 14:24:01 Windows Update
11-04-2020 11:37:13 Windows Update
13-04-2020 13:25:15 Removed ASUS Product Demo Kit
15-04-2020 16:02:26 Installed 4K Video Downloader 4.12
15-04-2020 16:08:25 AdwCleaner_BeforeCleaning_15/04/2020_16:08:24

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/15/2020 05:07:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9644,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/15/2020 04:46:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/15/2020 04:36:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5164,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/15/2020 04:34:05 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219"

Error: (04/15/2020 04:33:54 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219"

Error: (04/15/2020 04:33:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219"

Error: (04/15/2020 04:31:12 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219"

Error: (04/15/2020 04:19:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.


Errores del sistema:
=============
Error: (04/15/2020 04:40:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (04/15/2020 04:40:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.

Error: (04/15/2020 04:15:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (04/15/2020 04:15:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.

Error: (04/15/2020 04:13:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/15/2020 04:10:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Freemake Improver no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (04/15/2020 04:10:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Freemake Improver.

Error: (04/15/2020 04:09:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ExpressCache se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-04-10 23:16:33.750
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {1A2BE8A7-EC4D-46B2-8EB0-65ABD85BF8E2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: Lluis\Lluís Portet

Date: 2020-03-29 16:21:38.953
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nombre: HackTool:Win32/Keygen
Id.: 2147593794
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar; containerfile:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar; file:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar->Key gen_9.4.26\keymaker.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar->Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar->SUPERAntiSpyware Professional v.5.0.1136 Final\Medicina\keygen.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1752.0, AS: 1.311.1752.0, NIS: 1.311.1752.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-22 23:45:29.003
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E66647F8-3D46-4451-BC91-CDCE0091BE2C}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: Lluis\Lluís Portet

Date: 2020-03-22 23:45:28.988
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nombre: HackTool:Win32/Keygen
Id.: 2147593794
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar; containerfile:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar; file:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar->Key gen_9.4.26\keymaker.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar->Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar->SUPERAntiSpyware Professional v.5.0.1136 Final\Medicina\keygen.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Usuario
Usuario: Lluis\Lluís Portet
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1752.0, AS: 1.311.1752.0, NIS: 1.311.1752.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-17 21:15:06.454
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C361CD58-951B-4234-893D-C83AA29768C5}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-10 22:56:56.451
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.813.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-10 22:56:56.444
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.813.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-10 22:56:56.443
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.813.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-10 22:56:56.363
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.813.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-10 22:56:56.361
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.813.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2020-04-15 16:11:45.502
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 16:11:45.428
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 15:54:12.116
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 15:50:37.573
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 15:50:32.410
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 15:50:27.296
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-14 02:41:48.475
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-14 02:41:48.227
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. S551LB.205 06/11/2013
Placa base: ASUSTeK COMPUTER INC. S551LB
Procesador: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Porcentaje de memoria en uso: 67%
RAM física total: 8075.22 MB
RAM física disponible: 2650.71 MB
Virtual total: 16267.22 MB
Virtual disponible: 10492.13 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:371.8 GB) (Free:42.91 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (Data) (Fixed) (Total:537.6 GB) (Free:76.52 GB) NTFS

\\?\Volume{30300af6-38dd-4d4f-85f9-7f87bf71c3ff}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.45 GB) NTFS
\\?\Volume{138335bd-eda0-471d-a631-6e0cfd90aab1}\ () (Fixed) (Total:0.81 GB) (Free:0.31 GB) NTFS
\\?\Volume{2916e379-559c-4e2e-b102-4f2acd3f05e0}\ (Restore) (Fixed) (Total:20.01 GB) (Free:6.43 GB) NTFS
\\?\Volume{01f9031f-4dc3-45f8-a77a-a217e12be63d}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3E1AB738)

Partition: GPT.

==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=22.4 GB) - (Type=73)

==================== Final de Addition.txt =======================

No se si los he pegado bien. Seguiran enviando este tipo de mails¿? He mirado en la web de Powned y si que mi mail esta POwned…

Gracias!

no pasa nada Llpx79 como ya te han dicho, cambia las contraseñas en peligro y bloqueas ese correo para no recibir mas correos parecidos seguramente estaras en una blacklist normalmente son para ver si caes y pagas, no pasa nada porque esos robos de identidades sera de hace tiempo y ya tengas cambiada la contraseña y sino lo dicho, cámbialas

saludos

Hola

Le has eliminado por completo? Se ven muchas entradas en FRST, comenta para incluirlas en el Fix.

No tiene porqué ser la causa del problema, esa cuenta pudo estar comprometida, revísalo aquí:

Puedes poner tu correo electrónico en: have i been pwned? y te va a decir los sitios que fueron hackeados y obtuvieron tu dirección.

Un saludo

Hola Daniela

Pues lo desinstale con el panel de control de windows… no se si sabeis otra forma para eliminar estos registros que todavía parece que hay…

Gracias! Lluís

Hola Lluís

No te preocupes, lo he añadido para eliminar con FRST

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Task: {00684ACB-A0AD-4583-B154-5B7FAE8D72AD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {0DFF7908-46FA-41F9-A0B1-600C607FA91B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {1ED13AB3-F2D4-4004-8B57-BF93ABDF5308} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {3841289C-87CA-4A17-9BF7-0431907E55C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {49115923-23A5-427B-BAC7-A2AC6A5BD8CD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {58F8786D-8BCC-4E36-94F4-166202A98865} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {613D2B3B-D8EB-4CD0-8B9F-28BA07505B85} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {8B0DC868-14F4-4F83-B259-932DE1094F1B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {C8B8918B-29DD-4A88-905B-B40F0A202E38} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
Task: {DF51D083-EA82-485F-BE05-3BE1DDDB2B49} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {E50AC9E3-DE9F-4147-9145-45FA38F1191A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {E558186A-D312-49E3-BBD7-5290FF816573} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {F5024FD2-01D7-4384-B094-634A5BE123E9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {FAB24E96-ECF1-44A4-82A4-822439246F3D} - \WPD\SqmUpload_S-1-5-21-1639604648-2643072818-1685207513-1002 -> Ningún archivo <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR Extension: (Chrome Media Router) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-03-02] (Mixbyte Inc -> Freemake)
2020-03-22 19:51 - 2020-03-22 19:53 - 000000000 ____D C:\Users\Lluis Portet\Documents\Freemake
2020-03-22 19:51 - 2020-03-22 19:51 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\FreemakeVideoDownloader
2020-03-22 19:50 - 2020-04-15 15:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-03-22 19:50 - 2020-03-22 19:51 - 000000000 ____D C:\ProgramData\Freemake
2020-03-22 19:49 - 2020-03-22 19:49 - 001011376 _____ (Ellora Assets Corporation ) C:\Users\Lluis Portet\Downloads\FreemakeVideoDownloaderSetup_ae3ba08d-8653-2489-d276-2e7d6dcff05f.exe
2020-04-15 16:10 - 2017-01-29 21:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2013-10-04 21:56 - 2020-04-15 15:55 - 000000074 _____ () C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
FirewallRules: [{47D930BA-B9CD-46A9-BCDE-3D163EE6BCE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe Ningún archivo
FirewallRules: [{7E87F145-DB75-4F13-B36F-E2DDB4F26876}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe Ningún archivo


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX/Corregir y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Gracias Daniela Ayer estuve mirando más en detalle el report que salia y basicamente eran carpetas vacias con ese nombre y también CCCleaner limpió algo del registro. Lo que pensaba hacer hoy era volver a ejecutar FRST y pegar el report. Igualmente, me miro con detalle estas instrucciones.

Lluís

Hola

Resumo todo lo que he hecho. He vuelto a pasar adware y no he podido eliminar un programa preinstalado. También me han salido dos PUPs de AVG Secure Search (quizás porque instalé Deflagger para desfragmentar el disco duro, que ya he desinstalado).

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-16-2020
# Duration: 00:00:17
# OS:       Windows 10 Home
# Cleaned:  4
# Failed:   2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       AVG Secure Search
Deleted       AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.ASUSSmartGesture   Folder   C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Not Deleted   Preinstalled.ASUSWebStorage   Folder   C:\Program Files (x86)\ASUS\WEBSTORAGE SYNC AGENT
Not Deleted   Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10986 octets] - [13/04/2020 11:30:07]
AdwCleaner[C00].txt - [3326 octets] - [13/04/2020 11:32:40]
AdwCleaner[S01].txt - [9053 octets] - [15/04/2020 16:06:39]
AdwCleaner[C01].txt - [10047 octets] - [15/04/2020 16:09:08]
AdwCleaner[S02].txt - [1905 octets] - [15/04/2020 18:05:32]
AdwCleaner[S03].txt - [1966 octets] - [15/04/2020 19:57:56]
AdwCleaner[S04].txt - [2191 octets] - [16/04/2020 20:42:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

y este ya es el ultimo en el que solo hay un elemento preinstalado. Lo volvi a ejecutar y salía saliendo, con lo que desistí de enviarlo a la cuarentena, porque no lo limpiaba.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-17-2020
# Duration: 00:01:25
# OS:       Windows 10 Home
# Scanned:  32067
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS 


AdwCleaner[S00].txt - [10986 octets] - [13/04/2020 11:30:07]
AdwCleaner[C00].txt - [3326 octets] - [13/04/2020 11:32:40]
AdwCleaner[S01].txt - [9053 octets] - [15/04/2020 16:06:39]
AdwCleaner[C01].txt - [10047 octets] - [15/04/2020 16:09:08]
AdwCleaner[S02].txt - [1905 octets] - [15/04/2020 18:05:32]
AdwCleaner[S03].txt - [1966 octets] - [15/04/2020 19:57:56]
AdwCleaner[S04].txt - [2191 octets] - [16/04/2020 20:42:22]
AdwCleaner[C04].txt - [2393 octets] - [16/04/2020 20:45:22]
AdwCleaner[S05].txt - [2059 octets] - [17/04/2020 16:00:28]
AdwCleaner[C05].txt - [2273 octets] - [17/04/2020 16:05:53]
AdwCleaner[S06].txt - [2090 octets] - [17/04/2020 16:14:06]
AdwCleaner[C06].txt - [2291 octets] - [17/04/2020 16:19:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########

Volvi a ejecutar CCCleaner. Todo ok. Volvi a ejecutar FRST y aqui los reports.

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-04-2020
Ejecutado por Lluís Portet (administrador) sobre LLUIS (ASUSTeK COMPUTER INC. S551LB) (17-04-2020 16:44:47)
Ejecutado desde C:\Users\Lluis Portet\Desktop
Perfiles cargados: Lluís Portet (Perfiles disponibles: Lluís Portet)
Platform: Windows 10 Home Versión 1909 18363.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(CONDUSIV TECHNOLOGIES -> Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Wireless Display -> Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lluis Portet\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767760 2016-06-15] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-22] (Intel(R) Software -> Intel Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [HP ENVY Photo 7800 (NET)] => C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\ScanToPCActivationApp.exe [4065416 2018-04-19] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Run: [Spotify] => C:\Users\Lluis Portet\AppData\Roaming\Spotify\Spotify.exe [22932200 2020-04-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lluis Portet\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lluis Portet\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\RunOnce: [Uninstall 19.232.1124.0010\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lluis Portet\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64"
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\RunOnce: [Uninstall 19.232.1124.0010] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lluis Portet\AppData\Local\Microsoft\OneDrive\19.232.1124.0010"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-11] (Google LLC -> Google LLC)
Startup: C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - .lnk [2016-10-02]
ShortcutAndArgument: Supervisar alertas de tinta - .lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 6830\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH48B5C199;CONNECTION=USB;MONITOR=1;
Startup: C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Officejet Pro 6830.lnk [2018-04-16]
ShortcutAndArgument: Supervisar alertas de tinta - HP Officejet Pro 6830.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 6830\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH48B5C199;CONNECTION=USB;MONITOR=1;

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {00684ACB-A0AD-4583-B154-5B7FAE8D72AD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {0C748BF6-1B15-4C15-8FA1-559A0B28B6E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0DFF7908-46FA-41F9-A0B1-600C607FA91B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {106FF528-95E7-4570-B422-E48A94C760A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1ED13AB3-F2D4-4004-8B57-BF93ABDF5308} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {29BC14F2-9FA2-4C83-BD39-9639AFC6E83B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38274FAF-50D4-4346-90F2-BC921524DD32} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3841289C-87CA-4A17-9BF7-0431907E55C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {3B997F50-E48D-4BAB-A0E0-F2B9C93717F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-05] (Google Inc -> Google Inc.)
Task: {3CB2B87B-36DC-4C90-9F0D-9C1A4CBBC1E9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
Task: {3D099BCA-9FF2-499D-87D3-80D77E0DD3D7} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Lluis Portet\Desktop\adwcleaner_8.0.4.exe [8196784 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
Task: {40C09F55-A98E-4F6A-8ABF-471602312F24} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {47695FAD-2F94-4B6F-9EC6-E9B18817ADEF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {49115923-23A5-427B-BAC7-A2AC6A5BD8CD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {4CE68F32-AC33-4D07-8988-53D8FE705DB0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4DFCA4A4-3DE6-417E-91D7-BDE55963D1EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {4E4D7282-B809-46D7-8843-7687F191A0A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {54F60C43-0458-4332-B1CD-A0B023714D2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH48B5C199 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {58F8786D-8BCC-4E36-94F4-166202A98865} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {613D2B3B-D8EB-4CD0-8B9F-28BA07505B85} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {74641AFE-9158-40CF-A688-BDFAE17F9C34} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1036088 2013-04-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {7664B275-4E3B-4115-86E0-E48C81EEEDE8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {833BC98D-8802-4DF4-9FC5-2570C5467553} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {843AA78B-558E-4435-989D-470EF14AF8C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8503EA39-AA39-492C-B664-26E6660CD102} - System32\Tasks\HPCustParticipation HP ENVY Photo 7800 series => C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\HPCustPartic.exe [6660744 2018-04-19] (Hewlett Packard -> HP Inc.)
Task: {8707C499-0F24-49E9-AEDB-AA4913322C58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8770A3CF-4606-4902-9D0E-39F3E36FE7F5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1129040 2013-03-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {8915E7C5-4230-4758-8ACA-D3C80DCA619D} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [158336 2013-01-09] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {8B0DC868-14F4-4F83-B259-932DE1094F1B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {910AED87-7419-48E6-942A-B12785170F35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A0125A36-C4FF-4B3D-A9DD-04878136AC57} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {A5DC6E4A-9CAE-47D9-AF82-579E658E8E3B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABF72F46-91DF-4B14-B1D1-908F32B6FA7E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AC0A0F23-01F4-4EFC-B3D1-A0C4EC40FA85} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {AED6B98D-213D-4127-9DEF-03BF9C6A7DBF} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [5815816 2014-07-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {B2FA3206-CB9F-4028-B8E1-10C4BBCE861B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3C1B2B0-4163-4E5F-9054-A6D75F3D9D3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-05] (Google Inc -> Google Inc.)
Task: {B3CEF5FF-F987-48BF-B060-A04806A6FF7D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {B918A05F-BA5D-4E1C-9A02-96986CE0F045} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB43030A-7773-4261-B7E9-9FBAA26BB230} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8B8918B-29DD-4A88-905B-B40F0A202E38} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2807CDB-50BA-432F-8B7C-888F4DC85FEA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {DAF93A6E-43E3-4A5F-915F-D08EA406D7C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107072 2016-05-09] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {DF51D083-EA82-485F-BE05-3BE1DDDB2B49} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {E0F40BF0-6E5B-4C73-A56C-8B882550068A} - System32\Tasks\HPCeeScheduleForLluís Portet => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {E50AC9E3-DE9F-4147-9145-45FA38F1191A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {E558186A-D312-49E3-BBD7-5290FF816573} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {EFC1BDB7-F986-4A45-8F9A-6AF393EA979D} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {F1E9188B-B852-460A-911E-612F7D068691} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {F2D0E4B0-D0BD-4948-B99D-7DB16047AA5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {F5024FD2-01D7-4384-B094-634A5BE123E9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FAB24E96-ECF1-44A4-82A4-822439246F3D} - \WPD\SqmUpload_S-1-5-21-1639604648-2643072818-1685207513-1002 -> Ningún archivo <==== ATENCIÓN
Task: {FBC2419D-A497-4919-B10F-1B8CD4D1F064} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForLluís Portet.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.211.1 212.166.132.96
Tcpip\..\Interfaces\{6a104fa3-bc28-477c-9108-b0cccc449784}: [DhcpNameServer] 212.166.211.1 212.166.132.96
Tcpip\..\Interfaces\{c49b8c14-d006-4e30-996d-6dd0e800b6a0}: [DhcpNameServer] 212.166.211.1 212.166.132.96

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope no se encuentra el valor
SearchScopes: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Lluis Portet\Downloads
Edge Notifications: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002 -> hxxps://mail.google.com

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default [2020-04-17]
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxps://twitter.com/","hxxp://www.hotmail.com/","hxxp://www.linkedin.com/","hxxp://www.youtube.com/","hxxp://www.lavanguardia.com/","hxxp://www.elperiodico.com/","hxxp://www.eleconomista.es/","hxxp://www.vidaextra.com/","hxxp://ps3p.es/","hxxp://www.mubis.es/","hxxp://www.uruloki.org/","hxxp://www.meristation.com/","hxxp://www.fnac.es/","hxxp://www.expansion.com/","hxxp://grupots.net/","hxxp://www.hipersonica.com/","hxxp://web.totsrucs.cat/","hxxp://terrorfantastico.com/foro/index.php","hxxp://www.hispashare.com/","hxxp://www.tumblr.com/","hxxps://vandal.elespanol.com/","hxxps://www.elconfidencial.com/","hxxps://www.elconfidencialdigital.com/","hxxp://www.bolsamania.com/"
CHR Extension: (Angry Birds) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-20]
CHR Extension: (Documentos) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-17]
CHR Extension: (Google Drive) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Búsqueda de Google) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Google Calendar) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-05]
CHR Extension: (Google Calendar) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2019-03-31]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2013-10-05]
CHR Extension: (Eurosport.com) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfckibmjhbkjhjplimmnlnmgienindde [2013-10-05]
CHR Extension: (Evernote Web) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-05-02]
CHR Extension: (Google Maps) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-01-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-22]
CHR Extension: (Gmail) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-16]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUSTeK Computer Inc. -> ASUS)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel Wireless Display -> Intel)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626328 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [83032 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [84568 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [92864 2013-04-22] (Intel(R) Software -> Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Archivo no firmado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] (Intel(R) Smart Connect software -> )
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc. -> McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [165344 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-11-24] (Microsoft Corporation) [Archivo no firmado]
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [68072 2013-04-22] (Intel(R) Software -> Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-22] (Intel(R) Software -> Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-22] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [200808 2013-04-22] (Intel(R) Software -> Intel Corporation)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [26024 2013-01-08] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [112552 2013-01-08] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] (Intel(R) Smart Connect software -> )
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] (Intel(R) Smart Connect software -> )
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] (Intel(R) Smart Connect software -> )
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. ->  )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-17] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvpciflt.sys [48072 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Archivo no firmado]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-29] (Microsoft Windows -> Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2020-04-17] (Intel(R) Smart Connect software -> )

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FRST

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-17 16:41 - 2020-04-17 16:41 - 002281472 _____ (Farbar) C:\Users\Lluis Portet\Desktop\FRST64.exe
2020-04-17 16:24 - 2020-04-17 16:24 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-16 20:10 - 2020-04-17 16:21 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2020-04-16 19:46 - 2020-04-16 19:46 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 19:46 - 2020-04-16 19:46 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 19:46 - 2020-04-16 19:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 19:45 - 2020-04-16 19:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 19:44 - 2020-04-16 19:44 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 19:44 - 2020-04-16 19:44 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 19:44 - 2020-04-16 19:44 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 19:44 - 2020-04-16 19:44 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 19:44 - 2020-04-16 19:44 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 19:44 - 2020-04-16 19:44 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 19:44 - 2020-04-16 19:44 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 19:44 - 2020-04-16 19:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 19:43 - 2020-04-16 19:43 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 19:43 - 2020-04-16 19:43 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 19:43 - 2020-04-16 19:43 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 19:43 - 2020-04-16 19:43 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 19:43 - 2020-04-16 19:43 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 19:43 - 2020-04-16 19:43 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 19:43 - 2020-04-16 19:43 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 19:43 - 2020-04-16 19:43 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 19:43 - 2020-04-16 19:43 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 19:43 - 2020-04-16 19:43 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 19:43 - 2020-04-16 19:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 19:42 - 2020-04-16 19:42 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 19:42 - 2020-04-16 19:42 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 19:42 - 2020-04-16 19:42 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 19:42 - 2020-04-16 19:42 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 19:42 - 2020-04-16 19:42 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 19:42 - 2020-04-16 19:42 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 19:41 - 2020-04-16 19:41 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 19:41 - 2020-04-16 19:41 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 19:41 - 2020-04-16 19:41 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 19:41 - 2020-04-16 19:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 19:41 - 2020-04-16 19:41 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 19:40 - 2020-04-16 19:40 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 19:40 - 2020-04-16 19:40 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 19:40 - 2020-04-16 19:40 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 19:40 - 2020-04-16 19:40 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 19:40 - 2020-04-16 19:40 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 19:40 - 2020-04-16 19:40 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 19:40 - 2020-04-16 19:40 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 19:39 - 2020-04-16 19:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 19:39 - 2020-04-16 19:39 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 19:38 - 2020-04-16 19:38 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 19:38 - 2020-04-16 19:38 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 19:38 - 2020-04-16 19:38 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 19:38 - 2020-04-16 19:38 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 19:38 - 2020-04-16 19:38 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 19:38 - 2020-04-16 19:38 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 19:38 - 2020-04-16 19:38 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 19:37 - 2020-04-16 19:37 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 19:37 - 2020-04-16 19:37 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 19:37 - 2020-04-16 19:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 19:37 - 2020-04-16 19:37 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 19:37 - 2020-04-16 19:37 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 19:37 - 2020-04-16 19:37 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 19:37 - 2020-04-16 19:37 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 19:37 - 2020-04-16 19:37 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 19:37 - 2020-04-16 19:37 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 19:36 - 2020-04-16 19:37 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 19:36 - 2020-04-16 19:36 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 19:36 - 2020-04-16 19:36 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 19:36 - 2020-04-16 19:36 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 19:36 - 2020-04-16 19:36 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 19:36 - 2020-04-16 19:36 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 19:36 - 2020-04-16 19:36 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 18:37 - 2020-04-16 18:38 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 18:37 - 2020-04-16 18:38 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-15 17:19 - 2020-04-15 17:49 - 000063496 _____ C:\Users\Lluis Portet\Desktop\Addition.txt
2020-04-15 17:03 - 2020-04-17 16:48 - 000043758 _____ C:\Users\Lluis Portet\Desktop\FRST.txt
2020-04-15 17:02 - 2020-04-17 16:47 - 000000000 ____D C:\FRST
2020-04-15 16:31 - 2020-04-15 16:35 - 944264672 _____ C:\Users\Lluis Portet\Downloads\StudentTransfer-4.6-pc.zip
2020-04-15 16:04 - 2020-04-15 16:04 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\4kdownload.com
2020-04-15 16:03 - 2020-04-15 16:03 - 000001008 _____ C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-04-15 16:03 - 2020-04-15 16:03 - 000000978 _____ C:\Users\Lluis Portet\Desktop\4K Video Downloader.lnk
2020-04-15 16:03 - 2020-04-15 16:03 - 000000000 ____D C:\Program Files (x86)\4KDownload
2020-04-15 15:55 - 2020-04-15 15:55 - 069464064 _____ C:\Users\Lluis Portet\Downloads\4kvideodownloader_4.12.0.msi
2020-04-13 21:05 - 2020-04-14 07:35 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLluís Portet.job
2020-04-13 21:05 - 2020-04-13 21:05 - 000003292 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForLluís Portet
2020-04-13 20:46 - 2020-04-13 20:46 - 000000000 ____D C:\Users\Lluis Portet\Desktop\Bolsa
2020-04-13 13:06 - 2020-04-17 16:35 - 000000000 ____D C:\Users\Lluis Portet\Desktop\Limpieza Abril 2020
2020-04-13 11:56 - 2020-04-17 16:24 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-13 11:56 - 2020-04-13 11:56 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-13 11:56 - 2020-04-13 11:56 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-13 11:56 - 2020-04-13 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-13 11:55 - 2020-04-13 11:56 - 000000000 ____D C:\Program Files\CCleaner
2020-04-13 11:32 - 2020-04-17 16:19 - 000003186 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-04-12 18:22 - 2020-04-12 18:24 - 000639677 _____ C:\Users\Lluis Portet\Desktop\Itunes List 12Abr2020.pdf
2020-04-11 12:47 - 2020-04-11 12:47 - 000000000 ____D C:\ProgramData\pdfforge
2020-04-11 11:20 - 2020-04-11 11:20 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\mbam
2020-04-11 11:20 - 2020-04-11 11:20 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\cache
2020-04-11 11:19 - 2020-04-11 11:19 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-11 11:19 - 2020-04-11 11:19 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-11 11:19 - 2020-04-11 11:19 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\mbamtray
2020-04-11 11:19 - 2020-04-11 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-11 11:19 - 2020-04-11 11:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-11 11:19 - 2020-04-11 11:18 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-11 11:18 - 2020-04-11 11:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-11 11:18 - 2020-04-11 11:18 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-11 11:16 - 2020-04-11 11:16 - 008196784 _____ (Malwarebytes) C:\Users\Lluis Portet\Desktop\adwcleaner_8.0.4.exe
2020-04-11 11:13 - 2020-04-11 11:13 - 001965536 _____ (Malwarebytes) C:\Users\Lluis Portet\Downloads\MBSetup.exe
2020-04-10 23:16 - 2020-04-10 23:16 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\OneDrive
2020-04-05 12:42 - 2020-04-05 12:47 - 1342009572 _____ C:\Users\Lluis Portet\Downloads\HolidayIsland-0.2.0.0-pc.zip
2020-03-22 19:43 - 2020-03-22 19:43 - 156561644 _____ C:\Users\Lluis Portet\Downloads\Top 5 - Best Assassin's Creed Cinematic Trailers (2007-2017) NEW.mp4

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-17 16:43 - 2015-06-11 21:56 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\Skype
2020-04-17 16:41 - 2019-11-24 20:28 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1639604648-2643072818-1685207513-1002
2020-04-17 16:41 - 2019-11-24 19:57 - 000002461 _____ C:\Users\Lluis Portet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 16:41 - 2016-06-19 18:52 - 000000000 ___RD C:\Users\Lluis Portet\OneDrive
2020-04-17 16:40 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-17 16:39 - 2016-06-19 19:13 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-04-17 16:34 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-17 16:27 - 2019-11-24 20:13 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-17 16:27 - 2019-03-19 13:59 - 001190392 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-17 16:27 - 2019-03-19 13:59 - 000288932 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-17 16:23 - 2013-10-12 21:48 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Spotify
2020-04-17 16:23 - 2013-10-12 21:46 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\Spotify
2020-04-17 16:22 - 2017-01-29 21:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-04-17 16:21 - 2019-11-24 20:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-17 16:21 - 2017-01-29 21:15 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-17 16:21 - 2013-06-24 15:54 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2020-04-17 16:20 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-17 16:05 - 2013-04-23 18:11 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-04-16 20:10 - 2019-11-24 19:42 - 000453752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 20:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 20:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 20:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 20:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 20:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 20:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 20:03 - 2019-11-24 19:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-16 20:03 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-16 19:13 - 2013-10-04 22:38 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\vlc
2020-04-16 18:01 - 2019-11-24 20:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-04-15 16:59 - 2013-10-04 22:36 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-15 16:40 - 2015-06-29 10:04 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Steam
2020-04-15 16:28 - 2013-04-23 18:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-15 16:09 - 2019-11-24 19:57 - 000000000 ____D C:\Users\Lluis Portet
2020-04-15 16:09 - 2016-06-19 19:16 - 000000000 ____D C:\Users\Lluis Portet\AppData\Roaming\Hewlett-Packard
2020-04-15 16:09 - 2016-06-19 19:16 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Hewlett-Packard
2020-04-15 16:09 - 2014-11-23 13:27 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-04-15 16:09 - 2013-06-24 16:05 - 000000000 ____D C:\Program Files\ASUS
2020-04-15 16:09 - 2013-04-23 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-04-15 15:56 - 2019-11-24 20:28 - 000003534 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2020-04-15 15:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-15 15:55 - 2013-10-04 21:56 - 000000074 _____ C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys
2020-04-14 07:41 - 2017-08-04 16:38 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2020-04-13 20:45 - 2013-10-05 01:00 - 000000000 ____D C:\Program Files\Recuva
2020-04-13 13:35 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-13 13:35 - 2018-08-19 15:22 - 000000000 ____D C:\ProgramData\Packages
2020-04-13 13:35 - 2018-04-30 15:50 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Packages
2020-04-13 12:26 - 2014-01-26 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoolTec
2020-04-13 12:25 - 2016-06-19 19:21 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\PDFCreator
2020-04-13 12:25 - 2016-06-19 19:18 - 000000000 ____D C:\Program Files\PDFCreator
2020-04-13 12:24 - 2019-11-11 22:25 - 000000000 ___DC C:\WINDOWS\Panther
2020-04-13 12:24 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-13 12:24 - 2013-10-15 22:18 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\CrashDumps
2020-04-13 11:30 - 2014-06-10 18:41 - 000000000 ____D C:\AdwCleaner
2020-04-13 05:23 - 2016-06-19 18:49 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\Publishers
2020-04-13 05:22 - 2013-10-04 21:59 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-11 12:49 - 2016-06-19 19:20 - 000000000 ____D C:\Program Files\PDF Architect 4
2020-04-11 11:19 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-05 13:27 - 2018-01-21 20:31 - 000252674 _____ C:\Users\Lluis Portet\Desktop\BASE DE DATOS A REPASAR.xlsx
2020-04-05 12:20 - 2016-04-25 11:00 - 000000000 ___HD C:\Users\Lluis Portet\Downloads\X
2020-04-05 11:29 - 2013-10-28 20:54 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-29 16:18 - 2018-01-20 18:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-22 19:38 - 2019-11-24 20:28 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-22 19:38 - 2019-11-24 20:28 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-22 15:56 - 2014-05-02 19:15 - 000000000 ____D C:\Users\Lluis Portet\Desktop\Movil

==================== Archivos en la raíz de algunos directorios ========

2013-10-04 21:56 - 2020-04-15 15:55 - 000000074 _____ () C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-04-2020
Ejecutado por Lluís Portet (17-04-2020 16:50:45)
Ejecutado desde C:\Users\Lluis Portet\Desktop
Windows 10 Home Versión 1909 18363.778 (X64) (2019-11-24 18:29:20)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1639604648-2643072818-1685207513-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1639604648-2643072818-1685207513-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1639604648-2643072818-1685207513-1013 - Limited - Enabled)
Invitado (S-1-5-21-1639604648-2643072818-1685207513-501 - Limited - Disabled)
Lluís Portet (S-1-5-21-1639604648-2643072818-1685207513-1002 - Administrator - Enabled) => C:\Users\Lluis Portet
WDAGUtilityAccount (S-1-5-21-1639604648-2643072818-1685207513-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

4K Video Downloader 4.12 (HKLM-x32\...\{A490FDCE-03DF-4B63-92D9-9C9ADC4246C3}) (Version: 4.12.0.3570 - Open Media LLC)
Actualización de NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AFORIX (HKLM\...\AFORIX) (Version: 7.6_G - D.G. de Comercio Internacional e Inversiones)
Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 1.0.2 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Centro de Ratón y Teclado de Microsoft (HKLM\...\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}) (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Centro de Ratón y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Estudio para la mejora del producto HP ENVY Photo 7800 series (HKLM\...\{AC884313-BEE8-4F4C-9F94-420F9B6F4D69}) (Version: 44.3.2218.18109 - HP Inc.)
Estudio para la mejora del producto HP Officejet Pro 6830 (HKLM\...\{463DA75E-C440-48DA-8B2B-930795875B3C}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hofmann 9.9.4 (HKLM-x32\...\{9436E801-EF2E-4779-96F6-6E82E203A778}) (Version: 9.9.4 - Hofmann)
HP Dropbox Plugin (HKLM-x32\...\{9A4CAD93-0833-4722-A8C5-F147CF079942}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{549816EC-F4D8-4838-B482-5CC413BEE849}) (Version: 43.0.0.0 - HP)
HP ENVY Photo 7800 series Ayuda (HKLM-x32\...\{76D40DE4-EEBF-4876-91A9-5DD19DB6C215}) (Version: 44.0.0 - HP)
HP ENVY Photo 7800 series Software básico del dispositivo (HKLM\...\{829C5FE0-7B37-403B-ACEA-02C73EA753DE}) (Version: 44.3.2218.18109 - HP Inc.)
HP FTP Plugin (HKLM-x32\...\{0C72C7BD-0594-449C-826A-C0E1765E8497}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{5F9813F9-DBBE-4316-8E4E-A7295112BCDB}) (Version: 36.0.102.68541 - HP)
HP Officejet Pro 6830 Ayuda (HKLM-x32\...\{5F0FA5C8-3708-4F56-B0A2-06C41E843F3F}) (Version: 34.0.0 - Hewlett Packard)
HP Officejet Pro 6830 Software básico del dispositivo (HKLM\...\{1ce98de5-8387-480c-a0f0-b5d581b32749}) (Version: 33.1.74.49987 - Hewlett-Packard Co.)
HP OneDrive Plugin (HKLM-x32\...\{8703B5BA-1FA8-4F65-ADF2-D35C298B4A26}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{D8CE3A33-62A6-4508-8AE7-D847D203567C}) (Version: 43.0.0.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S OCR (HKLM-x32\...\{0E0D0459-0565-4490-8D96-A5355D56C243}) (Version: 15.2.10.1114 - HP Inc.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{DBECAE94-4C04-40AC-9AFB-FA9953258EAF}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12624.20382 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E668DD34-04FA-4A11-B07A-8CBA2119401B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F215DDB5-BE2A-4453-BABF-8790434F65D0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Controlador de audio HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20382 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Spotify (HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TC2000 v19 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 v19 (HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\TC2000 v19 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{D177E45E-2BA3-42C1-8570-CCA2217B958C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотоальбом (HKLM-x32\...\{B27EB36C-9860-42FD-AA90-23648E49F15C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (HKLM-x32\...\{7D6C9057-7F50-4CAB-A557-A68A7932B48E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (HKLM-x32\...\{F1BEEA80-1419-45EE-A4C7-41FD4450ED92}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-07-26] (WildTangent Games)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-06-19] (ASUSTeK COMPUTER INC.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.165.800.0_x86__kgqvnymyfvs32 [2020-04-13] (king.com)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-03-22] (HP Inc.)
Intel® Experience Center -> C:\Program Files\WindowsApps\AppUp.IntelExperienceCenter_1.9.1.8_x64__8j3eq9eme6ctt [2014-03-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-04-11] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-23] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-04-13] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-26] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-26] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-26] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-02-19] (MAGIX)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-05-17] (Microsoft Studios)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-12-29] (Twitter Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2013-10-09 22:25 - 2016-06-15 03:12 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Condusiv Technologies\ExpressCache\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\Control Panel\Desktop\\Wallpaper -> D:\Fotos\Japón 2016 - HoneyMoon - FULL\P1020601.JPG
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{80BFC19D-AE32-4EE5-A852-4B20C98235BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96BAF800-4025-4CB9-AC86-2B532D455691}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A06FB11A-B518-4078-A9E1-935CCCDBC160}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{6B42805D-8271-4E74-A425-A8427F6C78D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{AC00367D-19DE-4C0F-917A-2909362FED76}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{C4705F72-4920-4735-8DFB-AF6780AB8400}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A3A9DCFA-8221-4D9E-B754-9EB3714EF8E8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{4E1CBBEF-05FA-4B14-A20F-50986312D4DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{261751E5-FAB3-4045-8581-9C0833DC0C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F457CBCE-BA79-4809-BFA0-47B161B42220}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{E6AECAE6-E9CA-4496-90B4-545840BC9072}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{4A51DAA5-9FBD-4F12-8771-544E9C6154E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{FBFA146F-E245-4A59-86E8-942A87F5C302}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{DB532C53-B1CB-4B26-9087-6B3FA0F618FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe () [Archivo no firmado]
FirewallRules: [{7DF6F642-54E5-4BA2-A8E7-DDC70C90C913}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe () [Archivo no firmado]
FirewallRules: [{9028B54C-7070-486E-9899-AFFC0C52E72A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{31218482-B5BB-4AEC-A03A-614E6D2D3E63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{A4BDA10B-59E5-4C2E-9713-1FA15A8140B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{285704C3-0C5A-438D-8DA1-80B3C6437FDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FC37064-1F81-4E0D-9957-083FF9A185E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A148938-EE61-426E-9A45-9083C54D2527}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{459486DF-019F-47B9-9581-DAAEF5719567}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{B3CC4214-CAB1-40F4-8588-521B5B65E2E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{5B26E780-DBB1-4D95-9CA8-1E38D012D47B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{3C7F3BC7-6DBA-48F0-81D7-087E14D29CCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gender Bender DNA Twister Extreme\gbdnate.exe () [Archivo no firmado]
FirewallRules: [{13AAEC3E-B3F0-41D2-86E8-D6BA5389EB50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gender Bender DNA Twister Extreme\gbdnate.exe () [Archivo no firmado]
FirewallRules: [{424EE616-A8BB-46F1-846D-FB395FDB3F7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{D087B0F2-A7BE-4677-A0B0-54A8F3A3DB41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{C7365D6E-DC32-476F-A2D7-80E8EDB7FD5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{32FBB2AF-7899-4342-A706-1DA5688A2AB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{BCB71778-97E9-4F33-97E9-BB5F6143E5B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{7ABD0B92-EAB7-4C1A-9CCC-CB027780E014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{221781DE-4691-4C5F-995E-74A9C52FDC76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BEB4B2FB-F630-422C-8FDB-7140FC205690}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43261E4-D3F4-4252-ADDC-9CF506041573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{FB4DB43A-EC4C-4E11-99A0-D8B84E762F1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{EE5498E3-2BE4-497F-91B1-901386D0FA24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{D7EB698E-05E3-4EA9-9CE0-2AC14240E9A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{BFBB50F9-8890-452F-A170-0EAA97DA3F6F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1509AA97-3C0A-4717-99D6-24915FA464AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D3B2AFE-84EF-47FD-AD1A-A62235615C78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74CCEA3F-96B7-47C1-900B-91EC03F14089}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B2F456C1-FEDA-4CF7-BD22-A7195559F93D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8F597D89-2555-4C51-80CD-E6EF67E79A8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F97ED57-8008-4818-AA2C-DD0FA3D8F863}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5920FFDB-0FB2-4573-9346-DC0BF707EFBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{22B64C2F-1C9F-4C31-8588-ABF3BEB88C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F4D37BD-7FAB-4479-8EAC-F29C68D0E2B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DCC787F1-FD59-4A08-A9D5-D0DC51328652}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF9AFA73-07CD-4D8B-B322-66C14C9639E9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{70EEC19E-5E53-44D5-8816-FB6B1FA5883A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5044CF1C-7135-4F88-9204-F3DD52B6C668}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{171E263C-37EC-4C67-8159-AF0FAEAA49C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14E81268-6EC8-4B6C-97C4-0D328C9DE410}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24CA57DA-F97E-4560-92D2-A90577CAB7DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{403B1D1F-1C73-4CF0-B522-D8B851F9D51A}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F9CC6EEE-A880-4D05-B3D6-F66A9C2843CA}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8C79A643-DE91-4BAB-A140-80259D19F4AA}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9A5DC5DD-1D18-4CC3-B072-7518712E33E1}C:\users\lluis portet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lluis portet\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89419CDB-4B88-4FC4-9662-C5AE6118ABF5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E6EFE896-57BC-4EDA-B881-B649EF85F540}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28BC1058-CCA4-4391-AA3C-9C70E04CF6D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCA11F5D-1539-4B21-A9F3-7C670E593A05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8668EE8B-05AF-4DDE-BCA0-95CE5D3326CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE063ECE-1CA6-46D5-8A8C-FD7048C15C96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{741B211D-0A63-47D5-8EBC-AE269C4F1AEB}] => (Allow) LPort=5357
FirewallRules: [{08DE00EC-CCDD-4223-A128-FE7E887427A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0951AC13-C929-4FE2-BF75-F67B1EAB3AC7}] => (Allow) LPort=2869
FirewallRules: [{C2662B37-D283-4D36-87D2-B67FA4DCC01B}] => (Allow) LPort=1900
FirewallRules: [{114FCAB2-ED8D-4663-AC1C-CCA5664A105B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3477594E-D496-4DB2-8B6F-12D035918DC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF50EC6C-3B69-4FDB-A05D-4403A373937D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{78CCFF67-8ABB-46A0-9FEA-9A54D7EEA4D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0680C47D-2892-4584-8E8F-86FC090758B2}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C3324D6B-6204-4395-9881-076438522434}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8BE0DEF9-C9DA-4474-9BE8-14A0CAC0C708}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{01AA35E4-40A6-4F84-AF41-C8991DF99CBC}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9BDAC6AC-2470-4612-B78F-661963044C20}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{BF31ED4C-E7F0-47EF-8AD0-CFBA5D70510B}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7800 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{BCC27C90-FA6C-448D-B37F-61122A3B9624}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48054F1F-E8CB-48FC-8DF6-DAE949DC0259}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9E6D655C-187D-4C86-ABAC-48666434AC86}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A5EA851-EC67-4F05-A863-E1975A30ACFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5432012C-6BA7-4776-86DB-A9807168E90A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88226564-8543-49EE-B78A-36352B23E74D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26EF0B54-9E91-40CA-B32F-6A9F5E05B7AF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E6BB62D-7231-425D-9726-266234B5EA66}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F8D6CFC-BFE7-448D-88DB-5FAFB15724CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D20CB151-87B6-4FFC-9554-F66EAF5C61B8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0AB096FC-F705-42F0-9140-55AB812096B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B072BC5F-986B-40B0-9D88-DBDB0C03C8AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA44AD9B-CF1D-4145-A8AF-416FE62D6B9E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A6CAC8A-7437-4649-810C-61A8927F04A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F1DB44B-A486-4CD9-BD6C-DCE0283E531A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DC53A5C8-2564-429F-86C0-A485C09526BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25AB4659-F0A2-4A35-8349-2338A54E2B5A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0FFE1949-57F5-422C-BB7C-99270345B0B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{056BC248-3258-4C87-8E1C-59BB971233C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69F99FD1-C293-47F1-BB77-0DF3E3F801D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{205318BE-B257-4884-BEE1-38025A398A58}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BD2499C-EB03-47FF-9CEF-74CFB89F15FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BA46EA4A-449E-4E0E-AF03-4155866AF314}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{02515B22-ED0C-45DC-9FE3-0578F72EFBDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )

==================== Puntos de Restauración =========================

05-04-2020 14:24:01 Windows Update
11-04-2020 11:37:13 Windows Update
13-04-2020 13:25:15 Removed ASUS Product Demo Kit
15-04-2020 16:02:26 Installed 4K Video Downloader 4.12
15-04-2020 16:08:25 AdwCleaner_BeforeCleaning_15/04/2020_16:08:24
16-04-2020 20:42:59 AdwCleaner_BeforeCleaning_16/04/2020_20:42:48
17-04-2020 16:04:11 AdwCleaner_BeforeCleaning_17/04/2020_16:00:47
17-04-2020 16:17:27 AdwCleaner_BeforeCleaning_17/04/2020_16:14:14

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/17/2020 04:49:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11608,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/17/2020 04:30:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5420,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/17/2020 04:27:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WinStore.App.exe (versión 12004.1001.1.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2a90

Hora de Inicio: 01d614c42d244192

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe

Id. de informe: 1bd8e2f7-0998-485e-9edd-edb21ebfd080

Nombre completo del paquete con errores: Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Quiesce

Error: (04/17/2020 04:27:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.

Error: (04/17/2020 04:27:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/17/2020 04:27:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/17/2020 04:24:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.

Error: (04/17/2020 04:24:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.


Errores del sistema:
=============
Error: (04/17/2020 04:32:41 PM) (Source: DCOM) (EventID: 10000) (User: Lluis)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (04/17/2020 04:25:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/17/2020 04:21:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Asus WebStorage Windows Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/17/2020 04:20:07 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (04/17/2020 04:20:07 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (04/17/2020 04:20:07 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (04/17/2020 04:20:07 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (04/17/2020 04:19:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2020-04-10 23:16:33.750
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {1A2BE8A7-EC4D-46B2-8EB0-65ABD85BF8E2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: Lluis\Lluís Portet

Date: 2020-03-29 16:21:38.953
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nombre: HackTool:Win32/Keygen
Id.: 2147593794
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar; containerfile:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar; file:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar->Key gen_9.4.26\keymaker.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar->Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar->SUPERAntiSpyware Professional v.5.0.1136 Final\Medicina\keygen.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1752.0, AS: 1.311.1752.0, NIS: 1.311.1752.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-22 23:45:29.003
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E66647F8-3D46-4451-BC91-CDCE0091BE2C}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: Lluis\Lluís Portet

Date: 2020-03-22 23:45:28.988
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nombre: HackTool:Win32/Keygen
Id.: 2147593794
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar; containerfile:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar; containerfile:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar; file:_D:\A organizar\Final\Downloads\Key_gen_9.4.26.rar->Key gen_9.4.26\keymaker.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es.rar->Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\Nitro.PDF.Professional.6.1.2.1_es\Nitro.PDF.Professional-EMBRACE.rar->Nitro.PDF.Professional-EMBRACE\keygen.exe; file:_D:\A organizar\Final\Downloads\SUPERAntiSpyware_Professional_v.5.0.1136_Final.rar->SUPERAntiSpyware Professional v.5.0.1136 Final\Medicina\keygen.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Usuario
Usuario: Lluis\Lluís Portet
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1752.0, AS: 1.311.1752.0, NIS: 1.311.1752.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-17 21:15:06.454
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C361CD58-951B-4234-893D-C83AA29768C5}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-17 16:53:19.071
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.1268.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-17 16:53:19.070
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.1268.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-17 16:53:19.069
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.1268.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-17 16:53:19.037
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.1268.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-17 16:53:19.036
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.1268.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2020-04-17 16:39:41.997
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-17 16:39:41.949
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-17 16:39:41.905
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 16:11:45.502
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 16:11:45.428
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 15:54:12.116
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 15:50:37.573
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 15:50:32.410
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. S551LB.205 06/11/2013
Placa base: ASUSTeK COMPUTER INC. S551LB
Procesador: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Porcentaje de memoria en uso: 55%
RAM física total: 8075.22 MB
RAM física disponible: 3602.61 MB
Virtual total: 16267.22 MB
Virtual disponible: 11822.4 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:371.8 GB) (Free:40.48 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (Data) (Fixed) (Total:537.6 GB) (Free:76.52 GB) NTFS

\\?\Volume{30300af6-38dd-4d4f-85f9-7f87bf71c3ff}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.45 GB) NTFS
\\?\Volume{138335bd-eda0-471d-a631-6e0cfd90aab1}\ () (Fixed) (Total:0.81 GB) (Free:0.31 GB) NTFS
\\?\Volume{2916e379-559c-4e2e-b102-4f2acd3f05e0}\ (Restore) (Fixed) (Total:20.01 GB) (Free:6.43 GB) NTFS
\\?\Volume{01f9031f-4dc3-45f8-a77a-a217e12be63d}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3E1AB738)

Partition: GPT.

==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=22.4 GB) - (Type=73)

==================== Final de Addition.txt =======================

y Fixlog

Muchas gracias por vuestra ayuda!!

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 15-04-2020
Ejecutado por Lluís Portet (17-04-2020 17:36:36) Run:1
Ejecutado desde C:\Users\Lluis Portet\Desktop
Perfiles cargados: Lluís Portet (Perfiles disponibles: Lluís Portet)
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Task: {00684ACB-A0AD-4583-B154-5B7FAE8D72AD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {0DFF7908-46FA-41F9-A0B1-600C607FA91B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {1ED13AB3-F2D4-4004-8B57-BF93ABDF5308} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {3841289C-87CA-4A17-9BF7-0431907E55C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {49115923-23A5-427B-BAC7-A2AC6A5BD8CD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {58F8786D-8BCC-4E36-94F4-166202A98865} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {613D2B3B-D8EB-4CD0-8B9F-28BA07505B85} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {8B0DC868-14F4-4F83-B259-932DE1094F1B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {C8B8918B-29DD-4A88-905B-B40F0A202E38} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
Task: {DF51D083-EA82-485F-BE05-3BE1DDDB2B49} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {E50AC9E3-DE9F-4147-9145-45FA38F1191A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {E558186A-D312-49E3-BBD7-5290FF816573} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {F5024FD2-01D7-4384-B094-634A5BE123E9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {FAB24E96-ECF1-44A4-82A4-822439246F3D} - \WPD\SqmUpload_S-1-5-21-1639604648-2643072818-1685207513-1002 -> Ningún archivo <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR Extension: (Chrome Media Router) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-03-02] (Mixbyte Inc -> Freemake)
2020-03-22 19:51 - 2020-03-22 19:53 - 000000000 ____D C:\Users\Lluis Portet\Documents\Freemake
2020-03-22 19:51 - 2020-03-22 19:51 - 000000000 ____D C:\Users\Lluis Portet\AppData\Local\FreemakeVideoDownloader
2020-03-22 19:50 - 2020-04-15 15:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-03-22 19:50 - 2020-03-22 19:51 - 000000000 ____D C:\ProgramData\Freemake
2020-03-22 19:49 - 2020-03-22 19:49 - 001011376 _____ (Ellora Assets Corporation ) C:\Users\Lluis Portet\Downloads\FreemakeVideoDownloaderSetup_ae3ba08d-8653-2489-d276-2e7d6dcff05f.exe
2020-04-15 16:10 - 2017-01-29 21:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2013-10-04 21:56 - 2020-04-15 15:55 - 000000074 _____ () C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
FirewallRules: [{47D930BA-B9CD-46A9-BCDE-3D163EE6BCE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe Ningún archivo
FirewallRules: [{7E87F145-DB75-4F13-B36F-E2DDB4F26876}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe Ningún archivo


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00684ACB-A0AD-4583-B154-5B7FAE8D72AD} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00684ACB-A0AD-4583-B154-5B7FAE8D72AD} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DFF7908-46FA-41F9-A0B1-600C607FA91B} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DFF7908-46FA-41F9-A0B1-600C607FA91B} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1ED13AB3-F2D4-4004-8B57-BF93ABDF5308} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ED13AB3-F2D4-4004-8B57-BF93ABDF5308} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3841289C-87CA-4A17-9BF7-0431907E55C6} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3841289C-87CA-4A17-9BF7-0431907E55C6} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49115923-23A5-427B-BAC7-A2AC6A5BD8CD} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49115923-23A5-427B-BAC7-A2AC6A5BD8CD} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58F8786D-8BCC-4E36-94F4-166202A98865} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58F8786D-8BCC-4E36-94F4-166202A98865} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{613D2B3B-D8EB-4CD0-8B9F-28BA07505B85} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613D2B3B-D8EB-4CD0-8B9F-28BA07505B85} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B0DC868-14F4-4F83-B259-932DE1094F1B} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B0DC868-14F4-4F83-B259-932DE1094F1B} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8B8918B-29DD-4A88-905B-B40F0A202E38} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8B8918B-29DD-4A88-905B-B40F0A202E38} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF51D083-EA82-485F-BE05-3BE1DDDB2B49} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF51D083-EA82-485F-BE05-3BE1DDDB2B49} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E50AC9E3-DE9F-4147-9145-45FA38F1191A} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E50AC9E3-DE9F-4147-9145-45FA38F1191A} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E558186A-D312-49E3-BBD7-5290FF816573} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E558186A-D312-49E3-BBD7-5290FF816573} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8} => no pudo ser eliminado. Acceso Denegado.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5024FD2-01D7-4384-B094-634A5BE123E9} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5024FD2-01D7-4384-B094-634A5BE123E9} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAB24E96-ECF1-44A4-82A4-822439246F3D} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB24E96-ECF1-44A4-82A4-822439246F3D} => no pudo ser eliminado. Acceso Denegado.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1639604648-2643072818-1685207513-1002 => no pudo ser eliminado. Acceso Denegado.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"Chrome HomePage" => eliminado correctamente
CHR Extension: (Chrome Media Router) - C:\Users\Lluis Portet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05] => Error: Ninguna corrección automática encontrada para esta entrada.
Freemake Improver => servicio no encontrado.
"C:\Users\Lluis Portet\Documents\Freemake" => no encontrado
"C:\Users\Lluis Portet\AppData\Local\FreemakeVideoDownloader" => no encontrado
"C:\Program Files (x86)\Freemake" => no encontrado
"C:\ProgramData\Freemake" => no encontrado
"C:\Users\Lluis Portet\Downloads\FreemakeVideoDownloaderSetup_ae3ba08d-8653-2489-d276-2e7d6dcff05f.exe" => no encontrado
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => movido correctamente
C:\Users\Lluis Portet\AppData\Roaming\sp_data.sys => movido correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47D930BA-B9CD-46A9-BCDE-3D163EE6BCE8}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E87F145-DB75-4F13-B36F-E2DDB4F26876}" => no encontrado
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1639604648-2643072818-1685207513-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12758005 B
Java, Flash, Steam htmlcache => 106237368 B
Windows/system/drivers => 2177272 B
Edge => 36661161 B
Chrome => 3201776 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 20852 B
NetworkService => 30304 B
Lluis Portet => 46999380 B

RecycleBin => 0 B
EmptyTemp: => 208.5 MB datos temporales eliminados.

================================

Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 17-04-2020 17:39:56)


Resultado de las claves programadas para eliminar después de reiniciar:

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00684ACB-A0AD-4583-B154-5B7FAE8D72AD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00684ACB-A0AD-4583-B154-5B7FAE8D72AD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DFF7908-46FA-41F9-A0B1-600C607FA91B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DFF7908-46FA-41F9-A0B1-600C607FA91B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1ED13AB3-F2D4-4004-8B57-BF93ABDF5308}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ED13AB3-F2D4-4004-8B57-BF93ABDF5308}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3841289C-87CA-4A17-9BF7-0431907E55C6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3841289C-87CA-4A17-9BF7-0431907E55C6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49115923-23A5-427B-BAC7-A2AC6A5BD8CD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49115923-23A5-427B-BAC7-A2AC6A5BD8CD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58F8786D-8BCC-4E36-94F4-166202A98865}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58F8786D-8BCC-4E36-94F4-166202A98865}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{613D2B3B-D8EB-4CD0-8B9F-28BA07505B85}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613D2B3B-D8EB-4CD0-8B9F-28BA07505B85}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813C8CA2-68FE-4C4A-AA97-F1E3D372F8E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B0DC868-14F4-4F83-B259-932DE1094F1B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B0DC868-14F4-4F83-B259-932DE1094F1B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8B8918B-29DD-4A88-905B-B40F0A202E38}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8B8918B-29DD-4A88-905B-B40F0A202E38}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF51D083-EA82-485F-BE05-3BE1DDDB2B49}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF51D083-EA82-485F-BE05-3BE1DDDB2B49}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E50AC9E3-DE9F-4147-9145-45FA38F1191A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E50AC9E3-DE9F-4147-9145-45FA38F1191A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E558186A-D312-49E3-BBD7-5290FF816573}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E558186A-D312-49E3-BBD7-5290FF816573}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7CBAE3C-255F-4D6B-A819-4BAABFC0EAE8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED9E10CA-A81C-4F3C-8E60-8CA59C026FF8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5024FD2-01D7-4384-B094-634A5BE123E9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5024FD2-01D7-4384-B094-634A5BE123E9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAB24E96-ECF1-44A4-82A4-822439246F3D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB24E96-ECF1-44A4-82A4-822439246F3D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1639604648-2643072818-1685207513-1002" => eliminado correctamente

==== Final  Fixlog 17:40:01 ====