Me salio en pantalla que actualizara y dar acepta y se me instalo el Navegador Chromium y me sustituyo los buscadores predeterminado por el Yahoo y extensiones Yahoo browser en Google Chrome.
Hay que tener cuidado al pulsar o acetar mensajes en webs o al instalar otros programas.
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits)
¿Cómo saber si mi Windows es de 32 o 64 bits? -
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.
-
En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
Las respuestas debés pegarlas en este tema, pues ya tienes habilitados las opciones para responder
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by PedroAlejandro (23-07-2019 19:19:48)
Running from E:\Escritorio
Windows 10 Pro Version 1903 18362.239 (X64) (2019-06-28 21:36:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2770923-3023555174-645854538-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2770923-3023555174-645854538-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-2770923-3023555174-645854538-1008 - Limited - Enabled)
Invitado (S-1-5-21-2770923-3023555174-645854538-501 - Limited - Disabled)
PedroAlejandro (S-1-5-21-2770923-3023555174-645854538-1018 - Administrator - Enabled) => C:\Users\PedroAlejandro
sshd (S-1-5-21-2770923-3023555174-645854538-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2770923-3023555174-645854538-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Actualización de NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
AOMEI Backupper Professional (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Pro Edition 7.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version: - AOMEI Technology Co., Ltd.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.135 - ICEpower a/s)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{A35722E0-FC94-4984-8CA7-100BED21EACA}) (Version: 76.0.3809.21 - Google Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
Driver Easy 5.6.12 (HKLM\...\DriverEasy_is1) (Version: 5.6.12 - Easeware)
EaseUS Todo Backup 12.0 Trial (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 12.0 - CHENGDU YIWO Tech Development Co., Ltd)
FormatFactory 4.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.8.0.0 - Free Time)
Glary Utilities PRO 5.124 (HKLM-x32\...\Glary Utilities 5) (Version: 5.124.0.149 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Project Professional 2019 - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Professional 2019 - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
Nitro Pro (HKLM\...\{43DA5F04-2863-475D-85F7-C333516500EE}) (Version: 12.4.0.259 - Nitro)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.36 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.36 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8648 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.1.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.0 - VS Revo Group, Ltd.)
RoboForm 8-6-0-0 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-6-0-0 - Siber Systems)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora(Build 8.5.1) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-19] (Adobe Systems Incorporated)
Calculadora² -> C:\Program Files\WindowsApps\61908RichardWalters.Calculator_2019.304.0.0_x64__486nvj664v5b0 [2019-06-28] (Richard Walters)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.13.0_x86__kgqvnymyfvs32 [2019-06-28] (king.com)
Candy Crush Jelly Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushJellySaga_2.22.8.0_x86__kgqvnymyfvs32 [2019-06-28] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-10] (king.com)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1247.0_x64__8j3eq9eme6ctt [2019-07-12] (INTEL CORP)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-06-29] (Microsoft Corporation)
Extensión de Lector inmersivo sin conexión -> C:\Program Files\WindowsApps\Microsoft.ImmersiveReader_1.4.0.0_x64__8wekyb3d8bbwe [2019-07-04] (Microsoft Corporation)
IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2019-06-28] (Tonec Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-03-27] (Instagram)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-20] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-27] (Microsoft Corporation) [MS Ad]
Microsoft To-Do -> C:\Program Files\WindowsApps\Microsoft.Todos_1.61.21902.0_x64__8wekyb3d8bbwe [2019-07-17] (Microsoft Corporation)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Office Online -> C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.8.0_neutral__8wekyb3d8bbwe [2019-06-28] (Microsoft Corporation)
RoboForm Password Manager -> C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2019-06-28] (Siber Systems Inc)
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_1.7.14.0_x64__t4vj0pshhgkwm [2019-07-08] (Telegram Messenger LLP)
Traductor -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.14.0_x64__8wekyb3d8bbwe [2019-07-04] (Microsoft Corporation)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.5.1000_x64__6bhtb546zcxnj [2019-06-28] (TuneIn) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-03-27] (Twitter Inc.)
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-03-27] (Nik Rolls)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.3794.0_x64__cv1g1gvanyjgm [2019-07-09] (WhatsApp Inc.)
Windows Terminal (Preview) -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_0.2.1831.0_x64__8wekyb3d8bbwe [2019-07-04] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2770923-3023555174-645854538-1018_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CD527DEF4996} -> [Creative Cloud Files] => C:\Users\PedroAlejandro\Creative Cloud Files [2019-07-19 21:10]
CustomCLSID: HKU\S-1-5-21-2770923-3023555174-645854538-1018_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-07-02] (Free Time) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro\12\NPShellExtension.dll [2018-09-04] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-17] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-17] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-07-02] (Free Time) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-17] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) ==============
2019-07-09 08:59 - 2016-03-07 18:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2019-07-09 08:59 - 2004-10-05 03:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2019-07-09 08:59 - 2018-12-22 01:38 - 000057936 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2019-07-09 08:59 - 2018-12-22 00:43 - 000028752 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Options.dll
2019-07-09 08:59 - 2008-11-25 17:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2019-07-02 11:29 - 2019-07-02 11:29 - 000301568 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll
2019-07-19 21:43 - 2019-07-19 21:43 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2019-07-09 08:59 - 2016-01-26 08:38 - 001150464 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\LIBEAY32.dll
2019-07-01 15:20 - 2019-07-01 15:18 - 004059192 _____ (Tonec Inc.) [File not signed] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [306]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\localhost -> localhost
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-18 12:53 - 2019-07-09 08:41 - 000001241 ____R C:\WINDOWS\system32\drivers\etc\hosts
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
127.0.0.1 platform.wondershare.com
127.0.0.1 app.drivereasy.com
127.0.0.1 activation.easeus.com
127.0.0.1 track.easeus.com
127.0.0.1 66.39.112.91
127.0.0.1 216.92.151.227
127.0.0.1 216.92.61.7
127.0.0.1 www.easeus.com
2018-10-14 11:55 - 2019-07-05 11:58 - 000000533 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.17.48.17 My-Equ�po.mshome.net # 2024 7 3 3 9 58 11 511
192.168.121.49 My-Equ�po.mshome.net # 2024 5 2 28 7 24 36 211
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\aomei backupper;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\aomei backupper;c:\program files (x86)\easeus\todo backup\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2770923-3023555174-645854538-1018\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: On)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\StartupApproved\Run: => "GoogleDriveSync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C86E21BA-95F2-452B-885B-94363386FEA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [TCP Query User{09E290EA-3758-4C01-9B50-F4305E03006C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BCD5722F-4E55-41AE-8866-7BFDCB48A4BB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3ECA77F-11FA-4214-87A0-9399F2FD06A6}] => (Allow) C:\Users\PedroAlejandro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E879B112-C00D-4077-933C-BF82654E29C2}] => (Allow) C:\Users\PedroAlejandro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{763429D8-7D3F-4D39-BD3D-B6A555B58D21}] => (Allow) C:\Users\PedroAlejandro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C880063B-898B-48EB-A9C2-43879FED4AB4}] => (Allow) C:\Users\PedroAlejandro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E4EB56A3-8B25-41C1-9A7D-E23E38CD4AA3}] => (Allow) C:\Users\PedroAlejandro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{48F02DC9-30C4-4FFF-8D12-BA78513034B1}] => (Allow) C:\Users\PedroAlejandro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D92B0E41-F860-4E7D-A958-CFA617BA5661}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{6B95BBE2-027D-46FA-9676-7D28403A9948}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{713758AA-0826-43E2-A5ED-A39E4CA12DEB}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{D3586241-DB08-4379-89EF-1D7CABC21300}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [TCP Query User{9F885B4A-2DF5-40BA-96E9-675CA9E0AC88}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{EECA6788-EDC0-48E1-AF25-F4BC7F0379CC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8BD7E7A8-DC64-4EF9-B1BD-C92957522B5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{324DEEEC-7BF2-498A-979C-3A931C91CDF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26BCBADB-F878-4E88-BD41-EFE5CD62D489}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{479ABEF2-45ED-4E33-93D7-B264387A440D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{04507CCF-567A-4830-AB2D-00A2E56FD99D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{FC348315-21F3-4F4A-A6D0-2A5C639E5124}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{3EEC0F1E-D9C3-4BC7-A644-32906EB2548B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{52BB1130-630F-4634-8FC8-1125470F83A3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{BD95FC71-DEB1-4955-9074-32EE6B27AC70}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [TCP Query User{18686986-818B-4694-AB12-D4144711D336}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{E37D63E3-C53D-455D-AE82-766176AD0FCC}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{D032BEE3-BF20-455E-968F-7DE33E1C5C01}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{DE22E1A2-D925-4182-ABE4-3D704EC40D36}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{0A751A69-0502-41E9-A9E0-818DB4FEC855}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{A6B36129-A442-4B6C-97B1-13FE7C819972}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BBD3BF43-3F23-480E-BB2C-4137D2FF576D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{61EE5F7D-2920-42D8-9AAF-0FCA45BBAFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{617E5E75-7ECA-45C9-8C8A-88B30AF40DC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97343120-DD8A-4202-B7E5-2C1EB8403510}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9E39558-E9A8-4EAA-81D5-476A6C4F7A4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74FBD631-8A52-49CC-8924-A517D32355B6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\76.0.3809.21\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{E718ED9A-B36A-470B-AF3F-B55B1DB5A396}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
09-07-2019 23:16:41 Revo Uninstaller Pro's restore point - Chromium
10-07-2019 12:19:30 Revo Uninstaller Pro's restore point - Auslogics Registry Defrag
10-07-2019 13:37:10 DDU Restore Point
10-07-2019 16:11:19 Revo Uninstaller Pro's restore point - EaseUS Data Recovery Wizard
13-07-2019 19:19:35 Revo Uninstaller Pro's restore point - Backup and Sync from Google
13-07-2019 19:22:29 Removed Backup and Sync from Google
18-07-2019 08:28:37 Revo Uninstaller Pro's restore point - PicosmosTools 2.3.0.0
19-07-2019 11:20:32 Revo Uninstaller Pro's restore point - Chromium
19-07-2019 14:00:44 Revo Uninstaller Pro's restore point - Spybot - Search & Destroy
19-07-2019 14:03:17 Revo Uninstaller Pro's restore point - Malwarebytes versión 3.7.1.2839
19-07-2019 20:20:50 Revo Uninstaller Pro's restore point - Bulk Rename Utility 3.0.0.1 (64-bit)
19-07-2019 22:46:17 Revo Uninstaller Pro's restore point - Adobe Creative Cloud
19-07-2019 22:48:09 Revo Uninstaller Pro's restore point - Adobe Lightroom
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/23/2019 07:19:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (848,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 07:08:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4352,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 06:59:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20564,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 06:52:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17564,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 06:45:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18236,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 06:36:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (23388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 03:12:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16812,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2019 02:45:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (07/23/2019 06:24:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Sincronizar host_ea78df7 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (07/23/2019 06:24:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de usuario del portapapeles_ea78df7 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 3000 milisegundos: Reiniciar el servicio.
Error: (07/23/2019 03:27:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de usuario del portapapeles_a1d3d71 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 3000 milisegundos: Reiniciar el servicio.
Error: (07/23/2019 03:16:22 PM) (Source: DCOM) (EventID: 10010) (User: MY-EQUÍPO)
Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (07/22/2019 09:43:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de usuario del portapapeles_2da0d30 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 3000 milisegundos: Reiniciar el servicio.
Error: (07/22/2019 08:05:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de usuario del portapapeles_1163b16 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 3000 milisegundos: Reiniciar el servicio.
Error: (07/21/2019 10:54:05 PM) (Source: DCOM) (EventID: 10010) (User: MY-EQUÍPO)
Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (07/21/2019 10:54:05 PM) (Source: DCOM) (EventID: 10010) (User: MY-EQUÍPO)
Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
===================================
Date: 2019-07-19 22:27:12.169
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B49E75D5-48EC-4FDE-BE14-84045E2FA3BB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-07-19 21:46:22.074
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Nombre: Trojan:Win32/Wacatac.B!ml
Id.: 2147735505
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\PedroAlejandro\AppData\Roaming\IDM\DwnlData\PedroAlejandro\FRST_194\FRST.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: MY-EQUÍPO\PedroAlejandro
Nombre de proceso: C:\Program Files (x86)\Internet Download Manager\IDMan.exe
Versión de inteligencia de seguridad: AV: 1.299.69.0, AS: 1.299.69.0, NIS: 1.299.69.0
Versión de motor: AM: 1.1.16200.1, NIS: 1.1.16200.1
Date: 2019-07-19 21:45:53.768
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Nombre: Trojan:Win32/Wacatac.B!ml
Id.: 2147735505
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\PedroAlejandro\AppData\Roaming\IDM\DwnlData\PedroAlejandro\FRST_194\FRST.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: MY-EQUÍPO\PedroAlejandro
Nombre de proceso: C:\Program Files (x86)\Internet Download Manager\IDMan.exe
Versión de inteligencia de seguridad: AV: 1.299.69.0, AS: 1.299.69.0, NIS: 1.299.69.0
Versión de motor: AM: 1.1.16200.1, NIS: 1.1.16200.1
Date: 2019-07-19 21:45:45.975
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Nombre: Trojan:Win32/Wacatac.B!ml
Id.: 2147735505
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\PedroAlejandro\AppData\Roaming\IDM\DwnlData\PedroAlejandro\FRST_194\FRST.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: MY-EQUÍPO\PedroAlejandro
Nombre de proceso: C:\Program Files (x86)\Internet Download Manager\IDMan.exe
Versión de inteligencia de seguridad: AV: 1.299.69.0, AS: 1.299.69.0, NIS: 1.299.69.0
Versión de motor: AM: 1.1.16200.1, NIS: 1.1.16200.1
Date: 2019-07-19 20:36:02.552
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C73017E7-C745-467F-9747-84EB0BD1860A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-07-10 13:37:46.726
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2019-07-09 10:02:00.283
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2019-07-05 23:09:49.134
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
CodeIntegrity:
===================================
Date: 2019-07-22 11:47:35.001
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BootDefragDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-21 18:38:10.220
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-19 23:19:52.598
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-19 13:30:48.714
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-19 11:13:56.622
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-07-19 11:13:55.763
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-07-19 11:13:54.945
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-07-19 11:13:37.968
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X550VX.302 05/04/2017
Motherboard: ASUSTeK COMPUTER INC. X550VX
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 35%
Total physical RAM: 16279.76 MB
Available physical RAM: 10563.84 MB
Total Virtual: 32663.76 MB
Available Virtual: 26534.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:221.8 GB) (Free:112.07 GB) NTFS
Drive d: (Vídeos) (Fixed) (Total:531.51 GB) (Free:135.61 GB) NTFS
Drive e: (Datos) (Fixed) (Total:400 GB) (Free:108.79 GB) NTFS
\\?\Volume{9b9f0422-a688-45dc-be96-511394978ea7}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{0a615ce3-af1b-4db9-8c3a-7592fb85fa34}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{bc2000e4-e050-4b29-bc7d-795860781b2b}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.6 GB) NTFS
\\?\Volume{5eb8e210-64e2-4c54-9e5f-6224ee4ecf96}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: AE139F50)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS)
==================== End of Addition.txt========Y el otro log???
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by PedroAlejandro (administrator) on MY-EQUÍPO (ASUSTeK COMPUTER INC. X550VX) (23-07-2019 19:18:40)
Running from E:\Escritorio
Loaded Profiles: PedroAlejandro (Available Profiles: PedroAlejandro)
Platform: Windows 10 Pro Version 1903 18362.239 (X64) Language: Español (España, internacional)
Default browser: Edge
Boot Mode: Normal
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\76.0.3809.21\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\76.0.3809.21\remoting_host.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_353320edb98da643\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_353320edb98da643\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bf9afe57cbde0e11\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bf9afe57cbde0e11\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PedroAlejandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Tonec Inc.) [File not signed] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4059192 2019-07-01] (Tonec Inc.) [File not signed]
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-07-22] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993264 2019-06-27] (Google LLC -> )
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145704 2019-07-20] (Siber Systems -> Siber Systems)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1ED1CFE5-D68A-48DA-8EDF-D83CFFE6F40C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {1FBB9A03-BA90-4E57-93FD-7FCDC704E95A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {29D3A89B-DDD4-4856-81AA-8349B69DE63E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {3C0E3F06-043D-47F3-A089-292B3F5D5200} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {49792426-8538-4B17-800E-51A095C772D0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E1A06C0-D7BC-492A-8871-AC72A6318730} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B450B9E-4AFB-4452-BFF5-BFEB76EAA437} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {668D5BC0-724E-4337-A649-9A420B2C4E4F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68DF9CD5-19AC-4679-BE60-344703486872} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6B865E86-6A9E-498B-AA4B-A53BC0E49C2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E026B5B-4E25-4F48-9EEA-253ECF755A86} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D416418-9675-47EC-BAE8-191E5D344AD4} - System32\Tasks\{63AEF27F-76E9-84FB-B121-0F9436CDC12D}\fakako => C:\PROGRA~2\COMMON~1\BALANO~1\fakako.exe
Task: {8967FD5D-6D42-41D7-9305-60654860BDDB} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915952 2019-07-22] (Glarysoft LTD -> Glarysoft Ltd)
Task: {89DAD24B-5FA0-448C-A087-AF59F11C9163} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {8BADC8E0-B8D4-4176-B1C9-70B83EF5F510} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93EB7BD4-1BBC-438B-9FD4-CECA98B4C6E2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9874AAA7-D79C-4860-9D27-FAC963BF0D14} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMOLNMPMMMNMNLNMJLCNJLMLLMJLCNMMMLHMKMCNMMHMMMMLCNJLOLGMLLJMGMKLMLOLOMGMKLJNJICMHMCNJMCNPMFMOMOMCNNMMMGMCNOMHMMMJMNMFMPMCNPMCNOMHMMMJMNMCNNMJNPICMPMFMEKMICNJJCKFMMMOMNMNMJNHICMEKMICNJJCKJNBJCMPKKJLJNIAJOLDJKJFJOJBJLJNIAJJNKJC (the data entry has 68 more characters).
Task: {9919FB62-0277-4035-B210-4637DF6CCCB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2770923-3023555174-645854538-1009Core => C:\Users\PedroAlejandro\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {9AD9B47C-F7F3-495D-A241-8156D327AF4C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F1CBA14-0409-4E48-8E4C-EDAB4385EA30} - System32\Tasks\narebol\{12674053-6F96-F22F-9C74-0B9990296B42} => C:\Users\PEDROA~1\AppData\Local\126740~1\narebol.exe <==== ATTENTION
Task: {AF3C8FA3-B35E-42A3-AE77-FF3F0027973E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {BC72BE1C-F75A-4915-A74C-EFCC483D735B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BD59CED7-F887-42F2-8E74-39104ED439BE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C1C3BF09-EED2-434C-9713-23AB71B746A1} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C8459C5E-1628-4360-A70F-6B286405DBFC} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2770923-3023555174-645854538-1009 => C:\Users\PedroAlejandro\AppData\Local\MEGAsync\MEGAupdater.exe
Task: {C930B9F1-983F-479B-BEAD-A7DB65D857CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC53A333-E068-4DEC-82F0-1B77B9B250A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D04B2275-36DA-4C0A-8A47-99EB2BF4F5A8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {D29A8243-948C-4005-8168-40A37610867F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4AFFD7A-06E9-4849-A140-7C2E522071C0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D50E65A4-A1B1-49A6-ABD3-0A44ABC50BDC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D910FCF8-9FFD-4D7A-B09D-5CB1695F1545} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2770923-3023555174-645854538-1009UA => C:\Users\PedroAlejandro\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {D97565D4-098A-4D13-8B10-664199DFA3D8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFBDED1A-4946-411B-AB2B-811E00229DA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E50CB5C7-10A8-48CA-B165-947EFA5F0DDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-06] (Google Inc -> Google Inc.)
Task: {E647F963-FE10-4BE8-995F-7389966F8AE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EB1DD668-C750-4847-A28D-D6C3720387B1} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145704 2019-07-20] (Siber Systems -> Siber Systems)
Task: {EF1FD073-47CE-4448-9640-1A97B366E097} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-pedroalejandronica@outlook.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F1D674A0-70FD-4E1C-A432-F5C2CCBCFF37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F296457C-5098-47A7-863C-C358C265E781} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-06] (Google Inc -> Google Inc.)
Task: {F3BFF274-9180-4D71-9A38-E1E9DA2BF5C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4236EC8-8876-46CB-ADAE-A1868F01A446} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5d80e18d-c33d-44b8-bb05-dfcb18db78f6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{dc0ba726-1dba-49e1-af01-8ffb162a6345}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{df130e52-1d07-41b5-875a-be53d3a8770d}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{df130e52-1d07-41b5-875a-be53d3a8770d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e54f940b-6996-41de-8502-1b1b5321c91f}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11090332773472957f86f666d7¶m1=IE¶m2=1¶m3=campaignID%3D483%26UserID%3D1923471995¶m4=XPbueSzfBeG6K2MlxBpfELmmgzh8mOsLvk1mNxKnkuDmY5TaGYz/cBpL7OrVcsdhhtKKHDmClfn/Q+KngKSbl0tIuXh83+jXb8fb73wv0nAzjTOLfpp4OTPVEcXhyUYq80F3ys5apKXe9nudGbDur4zgrXZq68VnfTtTJ3EObA6cfZvDTmddpVx3jSdyDRORJyQ7Ep8WQzGNANplZPL7mZnPXDuCLzFuId1xoBUDwiWIxGOJ48zCKFLi8xl6YdKPcs+utlvxGCqBsLX+G2z7/OlcxPJFzLIwJsNYg7/43/0CupC7d2NNTG4wnNjpMGOnxH0rrgBWPVgCLScazbmPhmS+X5SaAK8rCURwZgyEDekPcpoqkjXKn/PfBcxn4Ol5Gv3NAAzWoMHSrAcUmf9x1yS5K9H+bUIyFcAU74UttKhYAaYG0VzV48nzqfVDe+V2Nz3OuoJdqPh3EAR0D8FTQ1IeKpvPXQ9K9s1shIc/qyJcLwaFqHnTk4FGxbfwD6XxC0C8C5csEUo6NVEauVVBQvsWIMoIEdpc2x2TsHn9ab5+8t2BZCgWumfr8W/viQ6eBxhc9Zqxhzpp+28DEN5iIjbS1n2SkvmQRWzcCibWdW4+H/JHOaZnauXUX3bt9/9vJs7EYc8rIj1GmhPhVFuBa8WhZbpEkQKnIyQJ7+jfboOclm3d1t6NT8QJD5v5I72aQgQwl1AyQ8Oq8BCSphMdE6rY0OyzV8ZfsXqjbJv++vI=
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\12\npnitroie.dll [2018-09-04] (Nitro Software, Inc. -> Nitro Software, Inc.)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2019-07-20] (Siber Systems -> Siber Systems Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-10-06] (Google Inc -> Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\Pro\12\npnitroie.dll [2018-09-04] (Nitro Software, Inc. -> Nitro Software, Inc.)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2019-07-20] (Siber Systems -> Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-10-06] (Google Inc -> Google Inc.)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-10-06] (Google Inc -> Google Inc.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2019-07-20] (Siber Systems -> Siber Systems Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-10-06] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2019-07-20] (Siber Systems -> Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-10-06] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2019-07-20] (Siber Systems -> Siber Systems Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-10] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge Extension: (Office Online) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.8.0_neutral__8wekyb3d8bbwe [2019-06-28]
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-03-27]
Edge Extension: (RoboForm) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2019-06-28]
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2019-06-28]
Edge Extension: (Traductor para Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-03-27]
FireFox:
========
FF DefaultProfile: mxta605x.default
FF ProfilePath: C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\mxta605x.default [2019-07-19]
FF Homepage: Mozilla\Firefox\Profiles\mxta605x.default -> hxxps://es.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11090332773472957f86f666d7¶m1=Firefox¶m2=1¶m3=campaignID%3D483%26UserID%3D1923471995¶m4=XPbueSzfBeG6K2MlxBpfEBg5afwJRzalH8Aq7yC7BPqR0Eb6lCb+hpT+78qd2IoZ/m25U22CWO1SA0NK08UJWmPsji+whP1wqFVij8OElvYPgUskw8YW6tXz1IvczKmsEeq7M9XXs8+x+NuUhffXEG7iRmIxaU0+Fr20A9XQj/FxHdV6VzrNO4kkv2pks+YZLHN3il0DV0QuyEsK9WnP4uN+JxB9p2gXYhx+ugls2U7lpQ8DyMOvmtAtlkUtdvnUGAPdL5/XoFzLyEdn/OeTveKRYRwKjinQ/Fl8KBYQRd5jHIoX5el2dAqXN3KOZkEKYK0MBXJB0savlYHYaOJx5qxyU3SxZ8+e5sjhWYBXaETm6WTCAbtVQ1mbnyi9LhOpUDBscZFFl5ei520rwf6hiqw8Zi9XrpS/PtoA7AawmVJB5SrjteFRtS5VshxAxEcsoxxF0+e1uZIBy4Xz1vMbbIBQfe92e784Jjh3WP4kkEvuwSR8sa52+8+nZFOHJyy95DH2NEUMt+UOqULUW71GQzeie5xmrmSgRzgug5DkrtiXy/uNkEODjfch5K1exsCHfhGYTwffQmEORzqS5aP9teixxnUGTLctNV1jGa3IdenzUYzmuIkPL/AnKoydNGhNghGeTY9/mt7k/3U/zfFSEvYiInTK9eduDHNhxsuGUkbgi4ya8v5f0qZ0YoCpDuUJjrc4Iuo7ZyUkD2nsj9mz0PL5nGeYuAyZh8CmsU4H8uI=
FF SearchPlugin: C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\mxta605x.default\searchplugins\loselete.xml [2019-07-19]
FF ProfilePath: C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release [2019-07-23]
FF Homepage: Mozilla\Firefox\Profiles\866dgbbj.default-release -> hxxps://www.vivanicaragua.com.ni/
FF Extension: (Facebook Container) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\@contain-facebook.xpi [2019-07-16]
FF Extension: (Country Flag +) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\[email protected] [2019-06-28]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\[email protected] [2019-06-28]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\[email protected] [2019-07-04]
FF Extension: (RoboForm Password Manager) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\[email protected] [2019-07-18]
FF Extension: (Google Translator for Firefox) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\[email protected] [2019-06-28]
FF Extension: (uBlock Origin) - C:\Users\PedroAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\866dgbbj.default-release\Extensions\[email protected] [2019-07-09]
FF HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-05-10] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\PedroAlejandro\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\PedroAlejandro\AppData\Roaming\IDM\idmmzcc5 [2019-07-10] [Legacy] [not signed]
FF HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro\12\npnitromozilla.dll [2018-09-04] (Nitro Software, Inc. -> Nitro Software, Inc.)
FF Plugin-x32: @siber.com/RoboForm -> C:\Program Files (x86)\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.facebook.com/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://selected-search.com/search?q={searchTerms}&
CHR DefaultSearchKeyword: Default -> ss
CHR Profile: C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default [2019-07-23]
CHR Extension: (Traductor de Google) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2019-06-28]
CHR Extension: (Google Drive) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-28]
CHR Extension: (YouTube) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-28]
CHR Extension: (uBlock Origin) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-28]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
CHR Extension: (IP Whois & Flags Chrome & Websites Rating) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmdfbacgombndnllogoijhnggalgmkon [2019-06-28]
CHR Extension: (Office Online) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2019-07-04]
CHR Extension: (IDM Integration Module) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-06-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-28]
CHR Extension: (Gmail) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-28]
CHR Extension: (RoboForm Password Manager) - C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2019-07-10]
CHR Profile: C:\Users\PedroAlejandro\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-23]
CHR HKLM\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-07-01]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2019-06-26]
CHR HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2019-06-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [466800 2019-05-09] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\76.0.3809.21\remoting_host.exe [73200 2019-06-11] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 CmService; C:\WINDOWS\System32\CmService.dll [815632 2019-06-29] (Microsoft Windows -> Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40016 2018-12-17] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 EBC Client; C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe [93264 2018-12-17] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1892512 2019-01-08] (Intel Corporation -> Intel Corporation)
S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1381176 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3380224 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [915232 2019-03-15] (ICEpower a/s -> ICEpower A/S)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [70752 2018-09-04] (Nitro Software, Inc. -> Nalpeiron Ltd.)
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2019-07-10] (Power Admin LLC -> Power Admin LLC)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [324168 2018-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5773384 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-06-29] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-06-29] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3488568 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 bsitf; C:\WINDOWS\system32\DRIVERS\bsitf.sys [37208 2018-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78832 2019-01-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [75248 2019-01-08] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [403440 2019-01-08] (Intel Corporation -> Intel Corporation)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32344 2016-08-29] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2019-01-14] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2018-10-09] (Glarysoft LTD -> Glarysoft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUSTeK Computer Inc. -> ASUS)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1033288 2019-07-02] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-05-21] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_1ca8cf09fd6670ec\nvlddmkm.sys [21854352 2019-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-07-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1154336 2019-07-10] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkA2dp; C:\WINDOWS\System32\drivers\RtkA2dp.sys [222760 2016-09-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [78616 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [78720 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758352 2018-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [38112 2018-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [994088 2019-07-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9598640 2019-06-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51352 2019-01-20] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1409024 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-06-28] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-23 18:25 - 2019-07-23 18:25 - 000000000 ___HD C:\OneDriveTemp
2019-07-22 11:54 - 2019-07-22 11:54 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\OneDrive
2019-07-20 21:36 - 2019-07-20 21:36 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-07-20 21:36 - 2019-07-20 21:36 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Sun
2019-07-20 21:36 - 2019-07-20 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-07-20 21:34 - 2019-07-20 21:36 - 000000000 ____D C:\ProgramData\Oracle
2019-07-19 21:49 - 2019-07-23 19:18 - 000000000 ____D C:\FRST
2019-07-19 21:20 - 2019-07-19 21:20 - 000003738 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-pedroalejandronica@outlook.com
2019-07-19 21:15 - 2019-07-19 21:15 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\NVIDIA
2019-07-19 21:13 - 2019-07-19 21:13 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2019.lnk
2019-07-19 21:11 - 2019-07-19 21:13 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-07-19 21:10 - 2019-07-19 22:48 - 000000000 ____D C:\Program Files\Adobe
2019-07-19 21:10 - 2019-07-19 21:10 - 000000000 ___RD C:\Users\PedroAlejandro\Creative Cloud Files
2019-07-19 21:05 - 2019-07-19 21:12 - 000000000 ____D C:\ProgramData\Adobe
2019-07-19 21:02 - 2019-07-19 21:10 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-07-19 21:01 - 2019-07-19 21:29 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Adobe
2019-07-19 14:02 - 2019-07-19 14:02 - 000000085 _____ C:\WINDOWS\wininit.ini
2019-07-19 12:25 - 2019-07-19 12:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-07-19 11:18 - 2019-07-22 08:10 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\ElevatedDiagnostics
2019-07-19 10:55 - 2019-07-19 10:55 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\ESET
2019-07-19 10:03 - 2019-07-19 11:21 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\126740536f96f22f9c740b9990296b42
2019-07-19 10:03 - 2019-07-19 10:03 - 000002375 _____ C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-07-19 10:03 - 2019-07-19 10:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\narebol
2019-07-19 10:03 - 2019-07-19 10:03 - 000000000 ____D C:\ProgramData\{67815BBD-4FA9-23C5-17F1-0BEDFF19D335}
2019-07-19 09:56 - 2019-07-19 09:56 - 000323681 _____ C:\Users\PedroAlejandro\AppData\Roaming\Nebuhuri
2019-07-18 23:13 - 2019-07-18 23:13 - 000000000 ___HD C:\$Windows.~WS
2019-07-18 22:56 - 2019-07-18 23:35 - 000000000 ____D C:\ESD
2019-07-18 22:54 - 2019-07-18 22:54 - 000000000 ____D C:\$WINDOWS.~BT
2019-07-18 18:55 - 2019-07-19 23:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-18 16:41 - 2019-07-21 18:38 - 104595456 _____ C:\WINDOWS\system32\config\SOFTWARE
2019-07-18 09:51 - 2019-07-18 09:51 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\PeerDistRepub
2019-07-18 09:50 - 2019-07-18 09:51 - 000000000 ____D C:\AdwCleaner
2019-07-18 09:06 - 2019-07-18 09:09 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-18 08:27 - 2019-07-19 14:36 - 000000000 ____D C:\ProgramData\TEMP
2019-07-17 22:30 - 2019-07-17 22:30 - 000000000 ____D C:\Users\PedroAlejandro\AppData\LocalLow\uTorrent
2019-07-17 15:50 - 2019-07-18 08:39 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Google
2019-07-17 14:12 - 2019-07-23 19:01 - 000000000 ____D C:\Users\PedroAlejandro\AppData\LocalLow\Mozilla
2019-07-17 14:08 - 2019-07-17 14:08 - 000000000 ____D C:\ProgramData\IDM
2019-07-17 14:06 - 2019-07-17 14:06 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\VirtualStore
2019-07-17 14:06 - 2019-07-17 14:06 - 000000000 ____D C:\Users\PedroAlejandro\ansel
2019-07-17 14:06 - 2019-07-17 14:06 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-07-14 10:40 - 2019-07-14 10:40 - 000001411 _____ C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bloquear.lnk
2019-07-14 10:32 - 2019-07-14 11:02 - 000001797 _____ C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apagar.lnk
2019-07-13 19:36 - 2019-07-23 15:03 - 000000000 ___RD C:\Users\PedroAlejandro\Google Drive
2019-07-13 19:32 - 2019-07-13 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-11 12:41 - 2019-07-11 12:41 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-11 12:41 - 2019-07-11 12:41 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-11 12:41 - 2019-07-11 12:41 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-11 12:41 - 2019-07-11 12:41 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-11 12:04 - 2019-07-11 12:08 - 000000000 ____D C:\WINDOWS\files
2019-07-10 16:08 - 2019-07-10 16:10 - 009900176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2019-07-10 16:02 - 2019-07-10 16:08 - 029700067 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-07-10 15:58 - 2019-07-10 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-07-10 13:54 - 2019-07-04 20:07 - 004340664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 001006792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 001006792 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 000870088 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 000870088 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 000552136 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 000456448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-07-10 13:54 - 2019-07-04 17:13 - 000286408 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-07-10 13:54 - 2019-07-04 17:13 - 000286408 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-07-10 13:54 - 2019-07-04 17:13 - 000260296 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-07-10 13:54 - 2019-07-04 17:13 - 000260296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-07-10 13:54 - 2019-07-04 17:12 - 011059128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-07-10 13:54 - 2019-07-04 17:12 - 009492224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 020190592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 005422464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 004759240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 002040192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 001722056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443136.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 001542016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 001470904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 001467832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443136.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 001162168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 001134464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000912072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000808832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000675224 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000654720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000631712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000542296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-07-10 13:54 - 2019-07-04 17:11 - 000521872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-07-10 13:54 - 2019-07-04 17:10 - 040412360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-07-10 13:54 - 2019-07-04 17:10 - 035270016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-07-10 13:54 - 2019-07-04 17:10 - 017467592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-07-10 13:49 - 2019-07-19 21:15 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\NVIDIA
2019-07-10 13:48 - 2019-07-11 12:41 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 13:48 - 2019-07-10 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-07-10 13:48 - 2019-07-03 11:10 - 005435376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-07-10 13:48 - 2019-07-03 11:10 - 002637168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-07-10 13:48 - 2019-07-03 11:10 - 001767464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-07-10 13:48 - 2019-07-03 11:10 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-07-10 13:48 - 2019-07-03 11:10 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-07-10 13:48 - 2019-07-03 11:10 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-07-10 13:48 - 2019-07-03 11:10 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-07-10 13:48 - 2019-07-03 11:09 - 008628422 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-07-10 13:48 - 2019-06-18 10:59 - 002785776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-07-10 13:48 - 2019-06-18 10:59 - 002164080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-07-10 13:48 - 2019-06-18 10:59 - 001316664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-07-10 13:48 - 2019-06-13 05:37 - 000179184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2019-07-10 13:48 - 2019-06-13 05:37 - 000154608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2019-07-10 13:47 - 2019-07-23 18:26 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-10 13:47 - 2019-03-06 06:33 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-07-10 13:45 - 2019-07-10 16:00 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-07-10 13:45 - 2019-07-04 20:07 - 005085096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-07-10 13:45 - 2019-07-03 15:56 - 000052446 _____ C:\WINDOWS\system32\nvinfo.pb
2019-07-10 08:56 - 2019-07-19 09:56 - 000000405 _____ C:\Users\PedroAlejandro\AppData\Roaming\WB.CFG
2019-07-09 22:56 - 2019-07-22 22:23 - 000000000 ____D C:\FFOutput
2019-07-09 22:56 - 2019-07-09 22:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\{63AEF27F-76E9-84FB-B121-0F9436CDC12D}
2019-07-09 22:55 - 2019-07-09 22:56 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2019-07-09 21:21 - 2019-07-09 21:21 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 009917752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 007887440 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 007758336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 007636616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 007242312 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 006534712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 006068840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 005745504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 004562920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 003725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 003488568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 003372952 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 002763552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-07-09 21:21 - 2019-07-09 21:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-07-09 21:21 - 2019-07-09 21:21 - 002725376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002587328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002281984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002117160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001754232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-09 21:21 - 2019-07-09 21:21 - 001745920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001717560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001633648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-09 21:21 - 2019-07-09 21:21 - 001337656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001071928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000889656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000829544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000774152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000751256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000676664 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000673152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000588464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000523912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000415800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000386016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000292056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000283152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000210440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000166200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000127296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000093312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-09 21:21 - 2019-07-09 21:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000088560 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-07-09 21:21 - 2019-07-09 21:21 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-07-09 21:21 - 2019-07-09 21:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-07-09 17:57 - 2019-07-09 17:57 - 000455168 ___SH C:\EUMONBMP.SYS
2019-07-09 10:56 - 2019-07-09 17:57 - 000004096 ___SH C:\{83E7A70B-93AF-463A-BAE6-8143F681D1E9}.CBM
2019-07-09 10:12 - 2019-07-09 17:57 - 000000000 ____D C:\WINDOWS\system32\config\regsave
2019-07-09 09:02 - 2019-07-09 09:02 - 000000000 ____D C:\ProgramData\EaseUS
2019-07-09 09:01 - 2019-07-18 08:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 12.0
2019-07-09 09:01 - 2018-10-08 17:17 - 000341760 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys
2019-07-09 09:01 - 2018-10-08 17:17 - 000073448 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eubakup.sys
2019-07-09 09:01 - 2018-10-08 17:17 - 000053504 _____ C:\WINDOWS\system32\Drivers\EUBKMON.sys
2019-07-09 09:01 - 2018-10-08 17:17 - 000022784 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eudskacs.sys
2019-07-09 08:59 - 2019-07-09 08:59 - 000000000 ____D C:\Program Files (x86)\EaseUS
2019-07-09 08:59 - 2018-12-17 03:14 - 000026192 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2019-07-05 23:41 - 2019-07-17 10:35 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\NVIDIA Corporation
2019-07-05 23:38 - 2019-06-18 10:56 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-07-05 23:35 - 2019-04-17 06:44 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-07-05 23:16 - 2019-07-17 14:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-05 23:16 - 2019-07-12 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-05 23:16 - 2019-07-11 12:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-05 23:16 - 2019-07-05 23:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-07-02 22:13 - 2019-07-02 22:13 - 000002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2019-07-02 22:13 - 2019-07-02 22:13 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Downloaded Installations
2019-07-02 22:13 - 2019-07-02 22:13 - 000000000 ____D C:\Program Files (x86)\Nitro
2019-07-02 22:13 - 2018-09-04 02:03 - 000224352 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\NxPrinterMonitor12.dll
2019-07-02 22:13 - 2018-09-04 02:03 - 000131168 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\NxPrinterMonitorUI12.dll
2019-07-02 21:55 - 2019-07-02 21:55 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Nitro
2019-07-02 21:54 - 2019-07-02 22:13 - 000000000 ____D C:\Program Files\Nitro
2019-07-02 10:16 - 2019-07-21 18:38 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2019-07-02 10:16 - 2019-07-02 10:16 - 000000000 ____D C:\ProgramData\Aomei
2019-07-02 10:15 - 2019-07-02 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2019-07-02 10:15 - 2017-09-01 18:12 - 000038320 _____ C:\WINDOWS\system32\amwrtdrv.sys
2019-07-02 10:15 - 2016-12-21 22:54 - 000051120 _____ C:\WINDOWS\system32\ambakdrv.sys
2019-07-02 10:15 - 2016-12-21 22:52 - 000171952 _____ C:\WINDOWS\system32\ammntdrv.sys
2019-07-02 10:03 - 2019-07-09 08:51 - 000001024 ____H C:\SYSTAG.BIN
2019-07-01 15:20 - 2018-12-20 09:05 - 000229296 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2019-07-01 12:34 - 2019-07-01 12:34 - 000000000 ____D C:\WINDOWS\system32\%diagtrack_action_output%
2019-07-01 12:33 - 2019-07-22 11:45 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\CrashDumps
2019-06-30 22:57 - 2019-07-20 12:15 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\RoboForm
2019-06-30 13:38 - 2019-06-30 13:38 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Readon_Technology
2019-06-30 06:32 - 2019-06-30 06:32 - 000000000 ____D C:\Users\defaultuser100000.MY-EQUÍPO\AppData\Local\ConnectedDevicesPlatform
2019-06-30 06:32 - 2019-06-30 06:32 - 000000000 ____D C:\Users\defaultuser100000.MY-EQUÍPO
2019-06-29 22:40 - 2019-07-19 15:28 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\uTorrent
2019-06-29 22:28 - 2019-06-30 13:55 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\BitTorrentHelper
2019-06-29 22:14 - 2019-06-29 22:14 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\fontconfig
2019-06-29 19:10 - 2019-06-29 19:10 - 007175168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002956984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002494232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002235936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002216448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 002072152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001611576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001383736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001043768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000902456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsSandbox.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000816440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000815632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CmService.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000801592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-06-29 19:10 - 2019-06-29 19:10 - 000743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000741176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000665912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000516752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-29 19:10 - 2019-06-29 19:10 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-29 19:10 - 2019-06-29 19:10 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000394040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000231432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000228664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000181560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000172856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\madrid.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-06-29 19:10 - 2019-06-29 19:10 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000037904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000022024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-06-29 19:10 - 2019-06-29 19:10 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-06-29 19:10 - 2019-06-29 19:10 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 017786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 006224296 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 004552336 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 003914480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 003748864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sysC:\WINDOWS\system32\Drivers\vmbus.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000071720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-06-29 19:09 - 2019-06-29 19:09 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-06-29 19:09 - 2019-06-29 19:09 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-06-29 19:09 - 2019-06-29 19:09 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-06-29 08:06 - 2019-06-29 08:06 - 000000000 ____D C:\Users\PedroAlejandro\AppData\LocalLow\Sun
2019-06-29 08:05 - 2019-07-21 18:38 - 000000000 ____D C:\Program Files (x86)\Java
2019-06-29 06:56 - 2019-07-18 23:36 - 000001024 ____H C:\AMTAG.BIN
2019-06-29 00:01 - 2019-06-29 00:01 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 001915392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2019-06-29 00:01 - 2019-06-29 00:01 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdp.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftWebDriver.exe
2019-06-29 00:01 - 2019-06-29 00:01 - 000393768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftWebDriver.exe
2019-06-29 00:01 - 2019-06-29 00:01 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdBroker.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe
2019-06-29 00:01 - 2019-06-29 00:01 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0002.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdPinAuthLsa.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperSetupCSP.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe
2019-06-29 00:01 - 2019-06-29 00:01 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe
2019-06-29 00:01 - 2019-06-29 00:01 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll
2019-06-29 00:01 - 2019-06-29 00:01 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2019-06-28 23:38 - 2019-06-28 23:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-06-28 23:37 - 2019-07-21 18:46 - 001937420 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-28 23:36 - 2019-06-28 23:36 - 000000456 __RSH C:\Users\PedroAlejandro\ntuser.pol
2019-06-28 23:36 - 2019-06-28 23:36 - 000000020 ___SH C:\Users\PedroAlejandro\ntuser.ini
2019-06-28 23:35 - 2019-07-23 18:27 - 000004218 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{20A71444-42EB-42A3-A7EC-207FCCA60387}
2019-06-28 23:35 - 2019-07-21 18:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-28 23:35 - 2019-07-20 21:16 - 000004362 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2019-06-28 23:35 - 2019-07-20 21:16 - 000003806 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2019-06-28 23:35 - 2019-07-20 05:55 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-28 23:35 - 2019-07-11 12:41 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:35 - 2019-07-11 12:41 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:35 - 2019-07-11 12:41 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:35 - 2019-07-11 12:41 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:35 - 2019-07-09 08:25 - 000004590 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-28 23:35 - 2019-07-09 08:17 - 000004582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-28 23:35 - 2019-07-09 08:17 - 000004388 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-06-28 23:35 - 2019-06-28 23:35 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-06-28 23:35 - 2019-06-28 23:35 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-06-28 23:35 - 2019-06-28 23:35 - 000003728 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2770923-3023555174-645854538-1009UA
2019-06-28 23:35 - 2019-06-28 23:35 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-28 23:35 - 2019-06-28 23:35 - 000003460 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2770923-3023555174-645854538-1009Core
2019-06-28 23:35 - 2019-06-28 23:35 - 000003364 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{54B8EFAF-5393-4746-9E29-A82AAF69DF85}
2019-06-28 23:35 - 2019-06-28 23:35 - 000003362 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{050A12CB-AEC6-4496-AEAE-2085913CD504}
2019-06-28 23:35 - 2019-06-28 23:35 - 000003360 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F3D74FE-5C28-45B6-8184-1629937EB369}
2019-06-28 23:35 - 2019-06-28 23:35 - 000003360 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{069A0FB1-9361-41DA-A782-E0BE86A0A0AE}
2019-06-28 23:35 - 2019-06-28 23:35 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-28 23:35 - 2019-06-28 23:35 - 000003042 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-28 23:35 - 2019-06-28 23:35 - 000002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2019-06-28 23:35 - 2019-06-28 23:35 - 000002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2019-06-28 23:35 - 2019-06-28 23:35 - 000002302 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2019-06-28 23:35 - 2019-06-28 23:35 - 000002278 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2019-06-28 23:35 - 2019-06-28 23:35 - 000002230 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-28 23:35 - 2019-06-28 23:35 - 000002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2019-06-28 23:35 - 2019-06-28 23:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2019-06-28 23:29 - 2019-06-28 23:29 - 000000000 ____D C:\ProgramData\USOShared
2019-06-28 23:29 - 2019-06-12 03:30 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-06-28 23:26 - 2019-07-23 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-28 23:26 - 2019-07-19 23:19 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK
2019-06-28 23:26 - 2019-07-09 21:24 - 000463080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-28 23:25 - 2019-06-28 23:25 - 000066064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WinSetupBoot.sys
2019-06-28 23:17 - 2019-06-28 23:17 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-06-28 23:16 - 2019-07-20 12:36 - 000000000 ____D C:\Users\PedroAlejandro
2019-06-28 23:16 - 2019-07-08 22:32 - 000002420 _____ C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Reciente
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Plantillas
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Mis documentos
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Menú Inicio
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Impresoras
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Entorno de red
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Datos de programa
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\Configuración local
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\AppData\Local\Historial
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\AppData\Local\Datos de programa
2019-06-28 23:16 - 2019-06-28 23:16 - 000000000 _SHDL C:\Users\PedroAlejandro\AppData\Local\Archivos temporales de Internet
2019-06-28 23:15 - 2019-06-28 23:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ___SD C:\WINDOWS\system32\containers
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ____D C:\Program Files\MSBuild
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-06-28 23:14 - 2019-06-28 23:14 - 000000000 ____D C:\inetpub
2019-06-28 23:13 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-06-28 23:13 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-06-28 23:13 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-06-28 23:12 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-06-28 23:12 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-06-28 23:12 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-06-28 23:03 - 2019-06-28 23:03 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-06-28 14:50 - 2019-06-28 14:50 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Macromedia
2019-06-28 12:15 - 2019-06-28 12:15 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\URSoft
2019-06-28 11:47 - 2019-06-28 11:47 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\mbamtray
2019-06-28 10:27 - 2019-06-28 23:30 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-06-28 10:20 - 2019-07-17 22:28 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Mozilla
2019-06-28 10:20 - 2019-06-28 10:20 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Mozilla
2019-06-28 10:18 - 2019-06-28 10:18 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\WinRAR
2019-06-28 10:16 - 2019-06-28 10:16 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Easeware
2019-06-28 10:16 - 2019-06-28 10:16 - 000000000 ____D C:\Program Files\Easeware
2019-06-28 10:10 - 2019-06-28 10:11 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\GlarySoft
2019-06-28 10:09 - 2019-06-28 10:09 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\VS Revo Group
2019-06-28 09:33 - 2019-06-28 09:33 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\CEF
2019-06-28 08:56 - 2019-07-23 15:47 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\DMCache
2019-06-28 08:56 - 2019-07-23 15:06 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\IDM
2019-06-28 08:12 - 2019-07-19 20:01 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\PlaceholderTileLogoFolder
2019-06-28 07:42 - 2019-07-22 20:03 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Comms
2019-06-28 07:36 - 2019-07-23 18:25 - 000000000 ___RD C:\Users\PedroAlejandro\OneDrive
2019-06-28 07:34 - 2019-07-17 10:35 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Publishers
2019-06-28 07:34 - 2019-07-17 10:35 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\MicrosoftEdge
2019-06-28 07:34 - 2019-06-28 07:34 - 000000000 ___HD C:\Users\PedroAlejandro\MicrosoftEdgeBackups
2019-06-28 07:33 - 2019-07-23 18:24 - 000000000 __SHD C:\Users\PedroAlejandro\IntelGraphicsProfiles
2019-06-28 07:33 - 2019-07-23 14:22 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\D3DSCache
2019-06-28 07:33 - 2019-07-21 17:31 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Packages
2019-06-28 07:33 - 2019-07-19 21:35 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Roaming\Adobe
2019-06-28 07:33 - 2019-07-19 20:22 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Google
2019-06-28 07:33 - 2019-06-28 11:32 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\ConnectedDevicesPlatform
2019-06-28 07:33 - 2019-06-28 07:34 - 000000000 ____D C:\Users\PedroAlejandro\AppData\Local\Intel
2019-06-27 17:23 - 2019-06-27 17:23 - 003162184 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_vp9ve_64.dll
2019-06-27 17:23 - 2019-06-27 17:23 - 000071497 _____ C:\WINDOWS\SysWOW64\h265e_32.vp
2019-06-27 17:23 - 2019-06-27 17:23 - 000071144 _____ C:\WINDOWS\SysWOW64\vp9e_32.vp
2019-06-27 17:23 - 2019-06-27 17:23 - 000065201 _____ C:\WINDOWS\SysWOW64\mj_32.vp
2019-06-27 17:23 - 2019-06-27 17:23 - 000014005 _____ C:\WINDOWS\system32\h265e_64.vp
2019-06-27 17:23 - 2019-06-27 17:23 - 000013856 _____ C:\WINDOWS\system32\vp9e_64.vp
2019-06-27 17:23 - 2019-06-27 17:23 - 000013185 _____ C:\WINDOWS\system32\mj_64.vp
2019-06-27 17:22 - 2019-06-27 17:23 - 002571856 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_vp9ve_32.dll
2019-06-27 17:21 - 2019-06-27 17:22 - 002992136 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_mjpgvd_64.dll
2019-06-27 17:21 - 2019-06-27 17:21 - 002434080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_mjpgvd_32.dll
2019-06-27 17:20 - 2019-06-27 17:21 - 003170008 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h265ve_64.dll
2019-06-27 17:20 - 2019-06-27 17:20 - 002576544 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h265ve_32.dll
2019-06-27 17:19 - 2019-06-27 17:20 - 002952104 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_encrypt_64.dll
2019-06-27 17:19 - 2019-06-27 17:19 - 002410848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_encrypt_32.dll
2019-06-27 17:19 - 2019-06-27 17:19 - 000069953 _____ C:\WINDOWS\SysWOW64\he_32.vp
2019-06-27 17:19 - 2019-06-27 17:19 - 000057143 _____ C:\WINDOWS\SysWOW64\dev_32.vp
2019-06-27 17:19 - 2019-06-27 17:19 - 000056359 _____ C:\WINDOWS\system32\dev_64.vp
2019-06-27 17:19 - 2019-06-27 17:19 - 000013417 _____ C:\WINDOWS\system32\he_64.vp
2019-06-27 17:19 - 2019-06-27 17:19 - 000001125 _____ C:\WINDOWS\SysWOW64\cpa_32.vp
2019-06-27 17:19 - 2019-06-27 17:19 - 000001125 _____ C:\WINDOWS\system32\cpa_64.vp
2019-06-27 17:18 - 2019-06-27 17:19 - 001376256 _____ C:\WINDOWS\system32\c_64.cpa
2019-06-27 17:18 - 2019-06-27 17:18 - 003149024 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h264ve_64.dll
2019-06-27 17:18 - 2019-06-27 17:18 - 001361159 _____ C:\WINDOWS\SysWOW64\c_32.cpa
2019-06-27 17:17 - 2019-06-27 17:18 - 002563384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h264ve_32.dll
2019-06-27 17:11 - 2019-06-27 17:11 - 000212456 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2019-06-27 17:11 - 2019-06-27 17:11 - 000184144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2019-06-27 17:06 - 2019-06-27 17:11 - 025074696 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2019-06-27 17:03 - 2019-06-27 17:06 - 011912200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2019-06-27 16:59 - 2019-06-27 17:03 - 021060448 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2019-06-27 16:55 - 2019-06-27 16:59 - 019968576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2019-06-27 16:25 - 2019-06-27 16:25 - 000121352 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2019-06-27 16:25 - 2019-06-27 16:25 - 000108552 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2019-06-27 15:41 - 2019-06-27 15:41 - 000183304 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll
2019-06-27 15:41 - 2019-06-27 15:41 - 000148704 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll
2019-06-27 15:41 - 2019-06-27 15:41 - 000147672 _____ C:\WINDOWS\SysWOW64\libEGL.dll
2019-06-27 10:36 - 2019-06-27 10:36 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-27 10:35 - 2019-06-27 10:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-06-27 10:32 - 2019-06-27 10:32 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-06-26 22:09 - 2019-07-20 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2019-06-26 10:50 - 2019-07-17 08:42 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-25 12:19 - 2019-06-30 13:55 - 000000000 ____D C:\ProgramData\Optimizer
2019-06-25 12:19 - 2019-06-25 12:19 - 000825856 _____ C:\Default.xml
2019-06-23 20:28 - 2019-07-19 23:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-23 20:28 - 2019-07-19 14:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-23 15:46 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-23 13:58 - 2018-10-09 14:55 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-07-23 12:45 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-23 12:44 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-22 11:47 - 2018-10-09 14:55 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-07-21 18:46 - 2019-03-19 13:59 - 000835436 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-21 18:46 - 2019-03-19 13:59 - 000177180 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-21 18:46 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-07-21 18:38 - 2018-10-18 08:42 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2019-07-21 18:38 - 2018-10-18 08:41 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2019-07-21 18:37 - 2019-03-19 06:37 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2019-07-21 18:34 - 2018-10-10 09:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-21 18:32 - 2018-10-10 09:18 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-19 21:09 - 2018-10-05 21:23 - 000000000 ____D C:\ProgramData\Packages
2019-07-19 21:05 - 2018-10-06 21:58 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-19 21:03 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-19 14:06 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-19 11:09 - 2019-05-09 22:25 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-07-18 16:41 - 2018-10-07 00:56 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2019-07-18 09:52 - 2019-05-16 15:04 - 000000000 ____D C:\Program Files\WinRAR
2019-07-18 09:06 - 2019-05-16 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-18 08:34 - 2018-10-06 20:01 - 000000000 ____D C:\ProgramData\Google
2019-07-17 15:52 - 2018-10-09 15:00 - 000000000 ____D C:\Program Files\CCleaner
2019-07-17 10:42 - 2018-10-06 18:57 - 000000000 ____D C:\Program Files (x86)\Google
2019-07-17 10:35 - 2018-10-17 10:12 - 000000000 ____D C:\ProgramData\ssh
2019-07-17 10:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-13 19:32 - 2018-10-06 20:01 - 000000000 ____D C:\Program Files\Google
2019-07-13 15:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-12 10:17 - 2018-10-30 12:30 - 000048080 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2019-07-10 17:38 - 2019-06-13 22:19 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-10 16:11 - 2019-05-21 14:00 - 001154336 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-07-10 16:08 - 2019-06-19 13:43 - 000994088 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2019-07-10 16:02 - 2019-03-15 12:21 - 006781216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2019-07-10 13:48 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2019-07-10 13:38 - 2019-03-27 16:09 - 000189112 _____ (Power Admin LLC) C:\WINDOWS\PAExec.exe
2019-07-10 13:38 - 2018-10-09 15:49 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-07-10 11:50 - 2018-10-05 21:31 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-09 22:55 - 2019-04-15 22:29 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2019-07-09 21:41 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-09 21:25 - 2018-10-04 15:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-09 21:23 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-09 21:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-07-09 21:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-09 21:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-09 08:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-09 08:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-08 22:34 - 2018-10-05 21:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-06 19:18 - 2019-03-19 14:01 - 000000000 ____D C:\WINDOWS\OCR
2019-07-05 12:05 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\schemas
2019-07-05 11:58 - 2018-10-14 11:55 - 000000533 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-07-05 11:53 - 2019-03-19 06:56 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsp.sys
2019-07-02 10:35 - 2019-06-14 09:44 - 001033288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2019-07-02 10:33 - 2018-10-07 22:09 - 000000000 ____D C:\ProgramData\AomeiBR
2019-07-01 12:36 - 2018-11-04 21:23 - 000103028 _____ C:\WINDOWS\dxdiag.txt
2019-06-30 16:03 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2019-06-30 13:55 - 2019-03-19 06:52 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-06-30 13:55 - 2019-03-19 06:52 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2019-06-29 19:21 - 2019-03-19 14:01 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-06-29 19:21 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-29 19:21 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-06-29 19:21 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-29 06:59 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-06-29 00:01 - 2019-05-22 17:37 - 000000000 ____D C:\WINDOWS\system32\bg
2019-06-29 00:01 - 2019-03-19 14:00 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-06-29 00:01 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-06-29 00:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemApps
2019-06-29 00:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-06-29 00:01 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-06-29 00:01 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-06-28 23:56 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-06-28 23:37 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-06-28 23:36 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-06-28 23:36 - 2018-10-21 19:02 - 000000464 __RSH C:\ProgramData\ntuser.pol
2019-06-28 23:31 - 2019-03-19 06:52 - 000000000 __RSD C:\WINDOWS\Media
2019-06-28 23:30 - 2019-06-13 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-06-28 23:30 - 2019-05-16 11:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WinRAR v5.61 Multi-ES
2019-06-28 23:30 - 2019-05-09 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2019-06-28 23:30 - 2019-03-23 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-06-28 23:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-06-28 23:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-06-28 23:30 - 2019-02-19 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 7.5
2019-06-28 23:30 - 2018-11-11 20:49 - 000000000 ____D C:\WINDOWS\system32\CleanLog
2019-06-28 23:30 - 2018-10-25 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-06-28 23:30 - 2018-10-23 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-06-28 23:30 - 2018-10-09 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2019-06-28 23:30 - 2018-10-09 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2019-06-28 23:30 - 2018-10-09 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-28 23:30 - 2018-10-09 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-06-28 23:30 - 2018-10-05 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 7.0
2019-06-28 23:30 - 2018-10-05 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2019-06-28 23:28 - 2018-10-05 21:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-06-28 23:28 - 2018-10-05 21:19 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-06-28 23:28 - 2018-10-05 21:19 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-06-28 23:28 - 2018-10-04 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2019-06-28 23:26 - 2019-05-22 17:33 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2019-06-28 23:26 - 2019-05-22 17:33 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2019-06-28 23:26 - 2019-05-22 17:33 - 000000000 ___RD C:\WINDOWS\WebManagement
2019-06-28 23:26 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-06-28 23:26 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-06-28 23:26 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-06-28 23:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-06-28 23:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-06-28 23:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-06-28 23:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2019-06-28 23:26 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-06-28 23:26 - 2018-10-05 22:11 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-06-28 23:25 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup
2019-06-28 23:22 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-06-28 23:18 - 2019-06-18 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-06-28 23:18 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-06-28 23:18 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-06-28 23:18 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-06-28 23:18 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-06-28 23:18 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-06-28 23:18 - 2019-03-19 13:59 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-06-28 23:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-06-28 23:18 - 2018-10-05 22:15 - 000000000 ____D C:\WINDOWS\system32\Intel
2019-06-28 23:18 - 2018-10-05 22:15 - 000000000 ____D C:\WINDOWS\Firmware
2019-06-28 23:17 - 2019-05-05 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-06-28 23:17 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-06-28 23:17 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-06-28 23:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-06-28 23:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-06-28 23:17 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-06-28 23:17 - 2019-01-08 15:34 - 000000000 ____D C:\Program Files\Intel
2019-06-28 23:17 - 2018-12-09 20:26 - 000000000 ____D C:\Program Files\Synaptics
2019-06-28 23:17 - 2018-10-19 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-06-28 23:17 - 2018-10-05 22:11 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-06-28 23:17 - 2018-10-05 21:19 - 000000000 ____D C:\Program Files\Realtek
2019-06-28 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-06-28 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-06-28 23:13 - 2019-06-12 03:31 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostNetSvc.dll
2019-06-28 23:13 - 2019-06-12 03:31 - 002426536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2019-06-28 23:13 - 2019-06-12 03:31 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll
2019-06-28 23:13 - 2019-06-12 03:31 - 000119096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdp4vs.dll
2019-06-28 23:13 - 2019-03-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2019-06-28 23:13 - 2019-03-19 07:00 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2019-06-28 23:13 - 2019-03-19 07:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2019-06-28 23:13 - 2019-03-19 07:00 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2019-06-28 23:13 - 2019-03-19 07:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2019-06-28 23:13 - 2019-03-19 07:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2019-06-28 23:13 - 2019-03-19 07:00 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2019-06-28 23:13 - 2019-03-19 06:58 - 000058384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\l2bridge.sys
2019-06-28 23:13 - 2019-03-19 06:58 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2019-06-28 23:13 - 2019-03-19 06:58 - 000041992 _____ (Microsoft Corporation) C:\WINDOWS\system32\NvAgent.dll
2019-06-28 23:13 - 2019-03-19 06:58 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2019-06-28 23:13 - 2019-03-19 06:58 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2019-06-28 23:13 - 2019-03-19 06:58 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 002399760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 001409024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vfpext.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\gns.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000346936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsmb.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfpctrl.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000217104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetMgmtIF.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmclient.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000193064 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000140304 _____ C:\WINDOWS\system32\nmscrub.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000129552 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmbind.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnsdiag.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000112952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcsetupagent.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000070160 _____ C:\WINDOWS\system32\cmdiag.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000067584 _____ C:\WINDOWS\system32\cmimageworker.exe
2019-06-28 23:13 - 2019-03-19 06:57 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pvhdparser.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000048656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000047120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdparser.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000039952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000038712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\passthruparser.sys
2019-06-28 23:13 - 2019-03-19 06:57 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfpapi.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000014336 _____ C:\WINDOWS\system32\hnsproxy.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000012600 _____ (Microsoft Corporation) C:\WINDOWS\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000012600 _____ (Microsoft Corporation) C:\WINDOWS\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\c28c7a4e-a619-4463-82b7-0fc9cc7187f5_HyperV-ComputeStorage.dll
2019-06-28 23:13 - 2019-03-19 06:57 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\07409496-a423-4a3e-b620-2cfb01a9318d_HyperV-ComputeNetwork.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 006518072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 001381176 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmComputeAgent.exe
2019-06-28 23:13 - 2019-03-19 06:56 - 000663568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmuidevices.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000503304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmserial.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000478216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmpmem.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000417296 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmSynthNic.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000415784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmprox.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000408080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynthstor.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000305160 _____ C:\WINDOWS\system32\vp9fs.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000298512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmdynmem.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000286216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmiccore.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000281104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hcsdiag.exe
2019-06-28 23:13 - 2019-03-19 06:56 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmCrashDump.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000243512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2019-06-28 23:13 - 2019-03-19 06:56 - 000239928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CExecSvc.exe
2019-06-28 23:13 - 2019-03-19 06:56 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmflexio.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupvdev.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000205624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbusvdev.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000157728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2019-06-28 23:13 - 2019-03-19 06:56 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifcore.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpevents.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000078856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpctrl.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000076816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmvirtio.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000036600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbresources.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocketcontrol.sys
2019-06-28 23:13 - 2019-03-19 06:56 - 000031544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcomputeeventlog.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000028688 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifproxystub.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000027664 _____ (Microsoft Corporation) C:\WINDOWS\system32\VrdUmed.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000024888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmComputeProxy.dll
2019-06-28 23:13 - 2019-03-19 06:56 - 000006658 _____ C:\WINDOWS\system32\VmChipset Third-Party Notices.txt
2019-06-28 23:06 - 2019-05-22 17:49 - 001233480 _____ (Dirección General de la Policía) C:\WINDOWS\system32\DNIeCMx64.dll
2019-06-28 12:23 - 2018-11-02 09:25 - 000000000 ____D C:\WINDOWS\pss
2019-06-27 10:36 - 2019-06-13 22:23 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-06-27 10:36 - 2019-06-13 22:23 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-06-27 10:36 - 2019-06-13 17:05 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-27 10:36 - 2019-06-13 17:05 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-27 10:36 - 2019-06-13 17:05 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-26 21:57 - 2018-10-07 18:57 - 000000000 ____D C:\Program Files (x86)\Siber Systems
2019-06-26 19:43 - 2018-10-04 22:29 - 000000000 ____D C:\Intel
==================== Files in the root of some directories ================
2019-07-19 09:56 - 2019-07-19 09:56 - 000323681 _____ () C:\Users\PedroAlejandro\AppData\Roaming\Nebuhuri
2019-07-10 08:56 - 2019-07-19 09:56 - 000000405 _____ () C:\Users\PedroAlejandro\AppData\Roaming\WB.CFG
2019-07-19 21:05 - 2019-07-19 21:05 - 000000410 _____ () C:\Users\PedroAlejandro\AppData\Local\oobelibMkey.log
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ShortcutWithArgument: C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [306]
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11090332773472957f86f666d7¶m1=IE¶m2=1¶m3=campaignID%3D483%26UserID%3D1923471995¶m4=XPbueSzfBeG6K2MlxBpfELmmgzh8mOsLvk1mNxKnkuDmY5TaGYz/cBpL7OrVcsdhhtKKHDmClfn/Q+KngKSbl0tIuXh83+jXb8fb73wv0nAzjTOLfpp4OTPVEcXhyUYq80F3ys5apKXe9nudGbDur4zgrXZq68VnfTtTJ3EObA6cfZvDTmddpVx3jSdyDRORJyQ7Ep8WQzGNANplZPL7mZnPXDuCLzFuId1xoBUDwiWIxGOJ48zCKFLi8xl6YdKPcs+utlvxGCqBsLX+G2z7/OlcxPJFzLIwJsNYg7/43/0CupC7d2NNTG4wnNjpMGOnxH0rrgBWPVgCLScazbmPhmS+X5SaAK8rCURwZgyEDekPcpoqkjXKn/PfBcxn4Ol5Gv3NAAzWoMHSrAcUmf9x1yS5K9H+bUIyFcAU74UttKhYAaYG0VzV48nzqfVDe+V2Nz3OuoJdqPh3EAR0D8FTQ1IeKpvPXQ9K9s1shIc/qyJcLwaFqHnTk4FGxbfwD6XxC0C8C5csEUo6NVEauVVBQvsWIMoIEdpc2x2TsHn9ab5+8t2BZCgWumfr8W/viQ6eBxhc9Zqxhzpp+28DEN5iIjbS1n2SkvmQRWzcCibWdW4+H/JHOaZnauXUX3bt9/9vJs7EYc8rIj1GmhPhVFuBa8WhZbpEkQKnIyQJ7+jfboOclm3d1t6NT8QJD5v5I72aQgQwl1AyQ8Oq8BCSphMdE6rY0OyzV8ZfsXqjbJv++vI=
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
FF Homepage: Mozilla\Firefox\Profiles\mxta605x.default -> hxxps://es.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11090332773472957f86f666d7¶m1=Firefox¶m2=1¶m3=campaignID%3D483%26UserID%3D1923471995¶m4=XPbueSzfBeG6K2MlxBpfEBg5afwJRzalH8Aq7yC7BPqR0Eb6lCb+hpT+78qd2IoZ/m25U22CWO1SA0NK08UJWmPsji+whP1wqFVij8OElvYPgUskw8YW6tXz1IvczKmsEeq7M9XXs8+x+NuUhffXEG7iRmIxaU0+Fr20A9XQj/FxHdV6VzrNO4kkv2pks+YZLHN3il0DV0QuyEsK9WnP4uN+JxB9p2gXYhx+ugls2U7lpQ8DyMOvmtAtlkUtdvnUGAPdL5/XoFzLyEdn/OeTveKRYRwKjinQ/Fl8KBYQRd5jHIoX5el2dAqXN3KOZkEKYK0MBXJB0savlYHYaOJx5qxyU3SxZ8+e5sjhWYBXaETm6WTCAbtVQ1mbnyi9LhOpUDBscZFFl5ei520rwf6hiqw8Zi9XrpS/PtoA7AawmVJB5SrjteFRtS5VshxAxEcsoxxF0+e1uZIBy4Xz1vMbbIBQfe92e784Jjh3WP4kkEvuwSR8sa52+8+nZFOHJyy95DH2NEUMt+UOqULUW71GQzeie5xmrmSgRzgug5DkrtiXy/uNkEODjfch5K1exsCHfhGYTwffQmEORzqS5aP9teixxnUGTLctNV1jGa3IdenzUYzmuIkPL/AnKoydNGhNghGeTY9/mt7k/3U/zfFSEvYiInTK9eduDHNhxsuGUkbgi4ya8v5f0qZ0YoCpDuUJjrc4Iuo7ZyUkD2nsj9mz0PL5nGeYuAyZh8CmsU4H8uI=
CHR DefaultSearchURL: Default -> hxxp://selected-search.com/search?q={searchTerms}&
HR HKLM\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
2019-07-19 10:03 - 2019-07-19 10:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\narebol
2019-07-19 10:03 - 2019-07-19 10:03 - 000000000 ____D C:\ProgramData\{67815BBD-4FA9-23C5-17F1-0BEDFF19D335}
2019-07-19 09:56 - 2019-07-19 09:56 - 000323681 _____ C:\Users\PedroAlejandro\AppData\Roaming\Nebuhuri
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)
-
Ejecutas Frst.exe.
-
Presionas el botón Fix y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, comentado como va el problema y ademas estos logs de Malwarebytes y Adwcleamner
Realiza los siguientes pasos, , sin cambiar el orden
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,
Manual Malwarebytes, para que sepas usarlo y configurarlo.
- Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
- Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
- Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta
2) Descarga Adwcleaner en el escritorio.
-
Desactiva tu antivirus
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad. -
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
Si no encuentra nada, pulsamos “Omitir Reparación”
-
El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"
Puedes mirar su manual >> Manual de Adwcleaner
3) Descarga Ccleaner
Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.
Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.
texto preformateado precedido por 4 espacios``Malwarebytes
> www.malwarebytes.com
>
> -Detalles del registro-
> Fecha del análisis: 25/7/19
> Hora del análisis: 22:19
> Archivo de registro: 73793066-af19-11e9-9169-b0c0908ea552.json
>
> -Información del software-
> Versión: 3.7.1.2839
> Versión de los componentes: 1.0.538
> Versión del paquete de actualización: 1.0.11720
> Licencia: Gratis
>
> -Información del sistema-
> SO: Windows 10 (Build 18362.239)
> CPU: x64
> Sistema de archivos: NTFS
> Usuario: MY-EQU\u00c3\u008dPO\PedroAlejandro
>
> -Resumen del análisis-
> Tipo de análisis: Análisis personalizado
> Análisis iniciado por:: Manual
> Resultado: Completado
> Objetos analizados: 469523
> Amenazas detectadas: 31
> Amenazas en cuarentena: 30
> Tiempo transcurrido: 1 hr, 12 min, 39 seg
>
> -Opciones de análisis-
> Memoria: Activado
> Inicio: Activado
> Sistema de archivos: Activado
> Archivo: Activado
> Rootkits: Activado
> Heurística: Activado
> PUP: Detectar
> PUM: Detectar
>
> -Detalles del análisis-
> Proceso: 0
> (No hay elementos maliciosos detectados)
>
> Módulo: 0
> (No hay elementos maliciosos detectados)
>
> Clave del registro: 0
> (No hay elementos maliciosos detectados)
>
> Valor del registro: 0
> (No hay elementos maliciosos detectados)
>
> Datos del registro: 0
> (No hay elementos maliciosos detectados)
>
> Secuencia de datos: 0
> (No hay elementos maliciosos detectados)
>
> Carpeta: 0
> (No hay elementos maliciosos detectados)
>
> Archivo: 31
> Generic.Malware/Suspicious, E:\DESCARGAS\AOMEI-7\BAKUP\AOMEI.BACKUPPER.PROFESSIONAL.V4.1.0.FI.UP.LC\EASEUS-RECOVERY\EUSDRW1200\CRACK.RAR, En cuarentena, [0], [392686],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\CCLEANER\CCPRO BY TOOLXPEAKING\CRACKCCLEANERPRO.ZIP, En cuarentena, [0], [392686],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\CCLEANER\CCPRO BY TOOLXPEAKING.ZIP, En cuarentena, [0], [392686],1.0.11720
> MachineLearning/Anomalous.100%, E:\DESCARGAS\DRIVERS-ACTUALIZADOR\DRIVEREASY PRO 5.6.2\DRIVER.EASY.PRO. (2018_09_01 05_50_40 UTC).RAR, En cuarentena, [0], [392687],1.0.11720
> MachineLearning/Anomalous.100%, E:\DESCARGAS\DRIVER EASY\DEPRO 5.6.9 [WWW.TECNOTUTOSHD.NET].ZIP, En cuarentena, [0], [392687],1.0.11720
> MachineLearning/Anomalous.100%, E:\DESCARGAS\DRIVERS-ACTUALIZADOR\DRIVEREASY PRO 5.6.2\DRVR5.6 FULL BY SRPC\ACTIVADOR.RAR, En cuarentena, [0], [392687],1.0.11720
> HackTool.FilePatch, E:\DESCARGAS\ULTR VIDE0 CON 5.4.RAR\COMPLETO\1\PATCH.RAR, En cuarentena, [7675], [281135],1.0.11720
> MachineLearning/Anomalous.100%, E:\DESCARGAS\DRIVER EASY\DRIVER EASY PRO 5.6.9 [WWW.TECNOTUTOSHD.NET]\PATCH [WWW.TECNOTUTOSHD.NET].ZIP, En cuarentena, [0], [392687],1.0.11720
> MachineLearning/Anomalous.100%, E:\DESCARGAS\DRIVERS-ACTUALIZADOR\DRIVEREASY PRO 5.6.2\DRVR5.6 FULL BY SRPC\ACTIVADOR (2).RAR, En cuarentena, [0], [392687],1.0.11720
> MachineLearning/Anomalous.100%, E:\DESCARGAS\DRIVERS-ACTUALIZADOR\DRIVEREASY PRO 5.6.2\DEPRO 5.6.4 [WWW.TECNOTUTOSHD.NET].ZIP, En cuarentena, [0], [392687],1.0.11720
> HackTool.FilePatch, E:\DESCARGAS\ULTR VIDE0 CON 5.4.RAR\COMPLETO\1.RAR, En cuarentena, [7675], [281135],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\UNLOCKER1.9.0-PORTABLE\CCLEANER.PROFESSIONAL.PLUS.2017.BYINFORMACIONLIBRE\APP\DEFAULTDATA\CCLEANER\5.51.6939-PVP\KEYMAKER-CORE.RAR, En cuarentena, [0], [392686],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\UNLOCKER\HDD.LOW.LEVEL.FORMAT.TOOL.4.40.WITH.PORTABLE.INCL.KEYGEN-TPORT\HDD.LOW.LEVEL.FORMAT.TOOL.4.40.INCL.KEYGEN-TPORT\HDD.LOW.LEVEL.FORMAT.TOOL.4.25.KEYGEN.TPORT.ZIP, En cuarentena, [0], [392686],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\VIDEOCONVERTE\10.0.0.42-PVP\10.0.0.42\WVCU.10.0.0.42.PATCH (2018_09_01 05_50_40 UTC).ZIP, En cuarentena, [0], [392686],1.0.11720
> HackTool.FilePatch, E:\DESCARGAS\NITRO PRO PDF\NITRO PRO 11 64\WWW.TECNOTUTOSHD.NET\NITRO PRO ENTERPRISE 12 (X64) [WWW.TECNOTUTOSHD.NET]\NITRO_PRO_12_64BITS_PC R&S SOLUTION\CRACK_X64.RAR, En cuarentena, [7675], [281135],1.0.11720
> RiskWare.Agent.Keygen, E:\DESCARGAS\NITRO PRO PDF\NITRO PRO 11 64\ACTIVACION (2018_09_01 05_50_40 UTC).RAR, Error durante la eliminación, [8013], [331566],1.0.11720
> MachineLearning/Anomalous.94%, E:\DESCARGAS\COMPRESSED\AOMEI\49191171C9EF2117D7A0E2A0901147C5.RAR, En cuarentena, [0], [392687],1.0.11720
> HackTool.FilePatch, E:\DESCARGAS\REVO-UNISTALLER\RUPRO 4\PATCH [ACTIVADOR].ZIP, En cuarentena, [7675], [281135],1.0.11720
> HackTool.FilePatch, E:\DESCARGAS\REVO-UNISTALLER\RUPRO 4.ZIP, En cuarentena, [7675], [281135],1.0.11720
> RiskWare.Patcher, E:\DESCARGAS\IDM\IDM 6.31 BUILD 2 [WWW.TECNOTUTOSHD.NET]\PATCH.ZIP, En cuarentena, [7829], [573887],1.0.11720
> RiskWare.Patcher, E:\DESCARGAS\IDM\INTERNET DOWNLOAD MANAGER 6.31 BUILD 9 [WWW.TECNOTUTOSHD.NET]\PATCH [WWW.TECNOTUTOSHD.NET].ZIP, En cuarentena, [7829], [573887],1.0.11720
> HackTool.Patcher, E:\DESCARGAS\IDM\IDM 6.31 B3 [WWW.TECNOTUTOSHD.NET].ZIP, En cuarentena, [7698], [524716],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\IDM\IDM-MAYO-19\IDM 6.33 BUILD 1.ZIP, En cuarentena, [0], [392686],1.0.11720
> RiskWare.Patcher, E:\DESCARGAS\IDM\IDM 6.31 B9 [WWW.TECNOTUTOSHD.NET].ZIP, En cuarentena, [7829], [573887],1.0.11720
> RiskWare.Patcher, E:\DESCARGAS\IDM\IDM 6.31 B3 [WWW.TECNOTUTOSHD.NET]\IDM-6.31.7\CRACKNEW FILES(9-29-2O18) [I-F-M-D] FULL\IDM 6.31 BUILD 8 MULTILINGUAL + CRACK\PATCH\PATCH.RAR, En cuarentena, [7829], [573887],1.0.11720
> HackTool.FilePatch, E:\DESCARGAS\IDM\INTERNET DOWNLOAD MANAGER 6.31 BUILD 9.ZIP, En cuarentena, [7675], [281135],1.0.11720
> Generic.Malware/Suspicious, E:\DESCARGAS\IDM\IDM-32-BUILD1\INTERNET.DOWNLOAD.MANAGER.V6.32.1.ZIP, En cuarentena, [0], [392686],1.0.11720
> HackTool.Patcher, E:\DESCARGAS\IDM\IDM 6.31 B3 [WWW.TECNOTUTOSHD.NET]\PATCH.ZIP, En cuarentena, [7698], [524716],1.0.11720
> HackTool.Agent.UPX, E:\ESCRITORIO\UñAS\CRACKNEW FILES(03.20-2O19) [IBMDF] FULL\IDM 6.32 BUILD 8 MULTILINGUAL + CRACK\CRACK\PATCH\PATCH.13.THEHIDDEN2000.RAR, En cuarentena, [8568], [651975],1.0.11720
> HackTool.Agent.UPX, E:\ESCRITORIO\UñAS\CRACKNEW FILES(03.20-2O19) [IBMDF] FULL\IDM 6.32 BUILD 8 MULTILINGUAL + CRACK\CRACK\PATCH 2\PATCH.RAR, En cuarentena, [8568], [651975],1.0.11720
> RiskWare.Crack, E:\ESCRITORIO\UñAS\CRACKNEW FILES(03.20-2O19) [IBMDF] FULL\IDM 6.32 BUILD 8 MULTILINGUAL + CRACK\CRACK\PATCH\IDM_6.3X_CRACK_V16.5.ZIP, En cuarentena, [8786], [686650],1.0.11720
>
> Sector físico: 0
> (No hay elementos maliciosos detectados)
>
> WMI: 0
> (No hay elementos maliciosos detectados)
>
>
> (end)texto preformateado precedido por 4 espacios # -------------------------------
Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-26-2019
# Duration: 00:00:11
# OS: Windows 10 Pro
# Scanned: 35810
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Segurazo HKLM\System\CurrentControlSet\Services\EventLog\Application\SegurazoSvc
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1469 octets] - [18/07/2019 09:50:41]
AdwCleaner[C00].txt - [1617 octets] - [18/07/2019 09:51:19]
AdwCleaner[S01].txt - [1600 octets] - [19/07/2019 23:18:51]
AdwCleaner[C01].txt - [1748 octets] - [19/07/2019 23:19:22]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########Falta el fixlog.txt y comentar como va todo
texto preformateado precedido por 4 espacios el resultado creo que esta marchando bien el pc creo que al limpiar todo lo que encontré ya quedo solucionado , muchas gracias, espero tus recomendacones si falta hacer algna otra cosa
.Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by PedroAlejandro (25-07-2019 22:04:12) Run:1
Running from E:\Escritorio
Loaded Profiles: PedroAlejandro (Available Profiles: PedroAlejandro)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ShortcutWithArgument: C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [306]
HKU\S-1-5-21-2770923-3023555174-645854538-1018\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11090332773472957f86f666d7¶m1=IE¶m2=1¶m3=campaignID%3D483%26UserID%3D1923471995¶m4=XPbueSzfBeG6K2MlxBpfELmmgzh8mOsLvk1mNxKnkuDmY5TaGYz/cBpL7OrVcsdhhtKKHDmClfn/Q+KngKSbl0tIuXh83+jXb8fb73wv0nAzjTOLfpp4OTPVEcXhyUYq80F3ys5apKXe9nudGbDur4zgrXZq68VnfTtTJ3EObA6cfZvDTmddpVx3jSdyDRORJyQ7Ep8WQzGNANplZPL7mZnPXDuCLzFuId1xoBUDwiWIxGOJ48zCKFLi8xl6YdKPcs+utlvxGCqBsLX+G2z7/OlcxPJFzLIwJsNYg7/43/0CupC7d2NNTG4wnNjpMGOnxH0rrgBWPVgCLScazbmPhmS+X5SaAK8rCURwZgyEDekPcpoqkjXKn/PfBcxn4Ol5Gv3NAAzWoMHSrAcUmf9x1yS5K9H+bUIyFcAU74UttKhYAaYG0VzV48nzqfVDe+V2Nz3OuoJdqPh3EAR0D8FTQ1IeKpvPXQ9K9s1shIc/qyJcLwaFqHnTk4FGxbfwD6XxC0C8C5csEUo6NVEauVVBQvsWIMoIEdpc2x2TsHn9ab5+8t2BZCgWumfr8W/viQ6eBxhc9Zqxhzpp+28DEN5iIjbS1n2SkvmQRWzcCibWdW4+H/JHOaZnauXUX3bt9/9vJs7EYc8rIj1GmhPhVFuBa8WhZbpEkQKnIyQJ7+jfboOclm3d1t6NT8QJD5v5I72aQgQwl1AyQ8Oq8BCSphMdE6rY0OyzV8ZfsXqjbJv++vI=
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2770923-3023555174-645854538-1018 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
FF Homepage: Mozilla\Firefox\Profiles\mxta605x.default -> hxxps://es.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11090332773472957f86f666d7¶m1=Firefox¶m2=1¶m3=campaignID%3D483%26UserID%3D1923471995¶m4=XPbueSzfBeG6K2MlxBpfEBg5afwJRzalH8Aq7yC7BPqR0Eb6lCb+hpT+78qd2IoZ/m25U22CWO1SA0NK08UJWmPsji+whP1wqFVij8OElvYPgUskw8YW6tXz1IvczKmsEeq7M9XXs8+x+NuUhffXEG7iRmIxaU0+Fr20A9XQj/FxHdV6VzrNO4kkv2pks+YZLHN3il0DV0QuyEsK9WnP4uN+JxB9p2gXYhx+ugls2U7lpQ8DyMOvmtAtlkUtdvnUGAPdL5/XoFzLyEdn/OeTveKRYRwKjinQ/Fl8KBYQRd5jHIoX5el2dAqXN3KOZkEKYK0MBXJB0savlYHYaOJx5qxyU3SxZ8+e5sjhWYBXaETm6WTCAbtVQ1mbnyi9LhOpUDBscZFFl5ei520rwf6hiqw8Zi9XrpS/PtoA7AawmVJB5SrjteFRtS5VshxAxEcsoxxF0+e1uZIBy4Xz1vMbbIBQfe92e784Jjh3WP4kkEvuwSR8sa52+8+nZFOHJyy95DH2NEUMt+UOqULUW71GQzeie5xmrmSgRzgug5DkrtiXy/uNkEODjfch5K1exsCHfhGYTwffQmEORzqS5aP9teixxnUGTLctNV1jGa3IdenzUYzmuIkPL/AnKoydNGhNghGeTY9/mt7k/3U/zfFSEvYiInTK9eduDHNhxsuGUkbgi4ya8v5f0qZ0YoCpDuUJjrc4Iuo7ZyUkD2nsj9mz0PL5nGeYuAyZh8CmsU4H8uI=
CHR DefaultSearchURL: Default -> hxxp://selected-search.com/search?q={searchTerms}&
HR HKLM\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx
2019-07-19 10:03 - 2019-07-19 10:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\narebol
2019-07-19 10:03 - 2019-07-19 10:03 - 000000000 ____D C:\ProgramData\{67815BBD-4FA9-23C5-17F1-0BEDFF19D335}
2019-07-19 09:56 - 2019-07-19 09:56 - 000323681 _____ C:\Users\PedroAlejandro\AppData\Roaming\Nebuhuri
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
C:\Users\PedroAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk => Shortcut argument removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully
"HKU\S-1-5-21-2770923-3023555174-645854538-1018\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => removed successfully
HKLM\Software\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => not found
"Firefox homepage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
HR HKLM\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip] - hxxps://clients2.google.com/service/update2/crx => Error: No automatic fix found for this entry.
HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\egenicdiafgbhogabodhpfcbcgnpocip => removed successfully
HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\egenicdiafgbhogabodhpfcbcgnpocip => removed successfully
C:\WINDOWS\System32\Tasks\narebol => moved successfully
C:\ProgramData\{67815BBD-4FA9-23C5-17F1-0BEDFF19D335} => moved successfully
C:\Users\PedroAlejandro\AppData\Roaming\Nebuhuri => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2770923-3023555174-645854538-1018\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44743266 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 1485829 B
Edge => 9292844 B
Chrome => 304425239 B
Firefox => 33534207 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 7750 B
NetworkService => 0 B
PedroAlejandro => 225363296 B
RecycleBin => 0 B
EmptyTemp: => 600.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:05:08 ====creo que esta funcionando bie el equipo, al eliminar todo lo que encontre veo que esta funcionando bien , si no tienes ninguna recomendacion mas y alguna otra accion que hacer al equipo, te agreadesco y si no hay nada mas que hacer me doy por sastifecho.
Recuerda que el uso y descarga de Keygesn y Craks para piratear programas , es una entrada de malware constante
Para eliminar las herramientas usadas en la desinfección, realizas:
-
Descargas y Ejecutas >> Delfix, en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)
-
Marca solamente la casilla Remove disinfection tools
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.
Me alegro de haberte podido ayudar! 
TEMA SOLUCIONADO
Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.