My PC has gone completely crazy


#1

I don't know whether the computer has caught a virus or has gone half-stupid from a knock (I doubt it), but for 2 days now mainly 2 things have been happening to it:

  • The hyphen key (-) does not work: you press it and nothing comes out. However, if I press keys such as m, a, v or c (not all of them, only some) after pressing it, it starts typing a string of hyphens that does not stop until I press any key that does not trigger the hyphen loop again. It is VERY annoying.

  • If I open any program after the PC has been on for 15 - 20 min, the program appears with only its built-in images but NO text at all. It happens in some programs and not in others. And in some programs where it happens, sometimes it doesn't, and in the ones where it doesn't, sometimes it does. It is all very, very strange.

The only info I can give you is that there is a process called runtime broker which, if I kill it, does not reappear until I type. As soon as I press a key, that process comes back.

I have tried resetting the PC, both keeping my files and deleting them. Deleting them, it went fine for a few hours and then it went wrong again.

I have now been without a PC for 5 days because of this; could anyone give me some advice?


#2

Hello @juan_manuel_altadill, welcome to the Forum.

To check your machine, follow these steps, in the order given and reading everything that is explained. :+1:

:one: Temporarily disable your antivirus :arrow_forward: How to temporarily disable your antivirus, for as long as we are carrying out ALL the steps.

We are going to download to YOUR DESKTOP (and NOT anywhere else :face_with_monocle:) all the tools we will use in this procedure (but do not run them yet):


:two: Run the tools one at a time and in the order given:



CCleaner.-

  • Install and run CCleaner following the steps given in the manual.

  • Use its Cleaner ("Limpiador") option first to delete cookies, temporary Internet files and all the files it shows you as obsolete.

  • Then use its Registry ("Registro") option to clean the whole Windows registry (making a backup).

Malwarebytes.-

  • Install and run MBAM following the steps given in the manual.

  • Run a Full Scan ("Análisis Completo"). :white_check_mark:

  • Select ALL for Quarantine ("Cuarentena") to send everything to quarantine, and restart the system.

  • In the manual's :arrow_forward:History ("Historial") :arrow_backward: section you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.

AdwCleaner.-

  • Run Adwcleaner.exe.

  • Click the Scan Now ("Analizar ahora") button and wait for the process to finish, then always click the Start Repair ("Iniciar Reparación") button straight away.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • The log/report can be found in the “Reports” ("Informes") tab, reopening the program if necessary, so you can copy and paste it into your next reply.

  • The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Run JRT.exe.

  • Press any key to continue and wait patiently for the process to finish.

  • If at any point it asks you to restart, do so.

  • When it finishes, a log/report (JRT.txt) will be saved on the desktop and will open automatically.

  • Copy and paste the contents of JRT.txt into your next reply.

Farbar Recovery Scan Tool.-

  • Run FRST.exe.

  • In the Disclaimer window message, click Yes.

  • In the main window, click the Scan button and wait for the process to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

:three: Put the following reports in your next reply:

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order. :+1:

You must copy and paste them with their full contents, and use several messages if you get an error message saying the post is too long (more than approx. 50,000 characters).

And tell us how your computer is working with regard to the problem you described. :face_with_monocle:

Regards, Javier.


#3

Before anything else, I should say that I have noticed that when I run a scan in an antivirus, the virus stops for a few hours and then gives the same problem again.

Malwarebytes


-Detalles del registro-
Fecha del análisis: 9/1/19
Hora del análisis: 23:36
Archivo de registro: 0eb434b4-145f-11e9-b0ae-74dfbfcdc9ac.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8704
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.472)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-5CB2S37\juanm

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 280513
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 12 min, 13 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end) 

ADWcleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-07.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-09-2019
# Duration: 00:00:13
# OS:       Windows 10 Home
# Scanned:  32250
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1250 octets] - [06/01/2019 16:40:22]
AdwCleaner[C00].txt - [1436 octets] - [06/01/2019 16:41:03]
AdwCleaner[S01].txt - [1372 octets] - [07/01/2019 06:06:51]
AdwCleaner[C01].txt - [1558 octets] - [07/01/2019 06:07:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by juanm (Administrator) on mié. 09/01/2019 at 23:57:38,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 3 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{C500C267-63BF-451F-8797-4D720C9A2ED9} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on jue. 10/01/2019 at  0:04:39,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#4

FRST


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
Ran by juanm (administrator) on DESKTOP-5CB2S37 (10-01-2019 00:07:46)
Running from C:\Users\juanm\Desktop
Loaded Profiles: juanm (Available Profiles: juanm)
Platform: Windows 10 Home Version 1803 17134.472 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(ICEpower) C:\Windows\System32\ICEsoundService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\juanm\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-05] (AVAST Software)
HKU\S-1-5-21-3064313884-3264504614-223766655-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-3064313884-3264504614-223766655-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-3064313884-3264504614-223766655-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-05] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-07-14]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{002e6ef1-c204-4eca-a95a-47515b3ee83e}: [DhcpNameServer] 10.66.40.1
Tcpip\..\Interfaces\{20cdb2b5-5f92-4f64-9212-b640e247a17a}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3064313884-3264504614-223766655-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-3064313884-3264504614-223766655-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-01-06] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-07-14] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-14] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-01-06] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-14] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-01-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-07-14] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-07-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-05] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()

Chrome: 
=======
CHR Profile: C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default [2019-01-10]
CHR Extension: (Presentaciones) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-05]
CHR Extension: (Kaspersky Protection) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-01-09]
CHR Extension: (Documentos) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-05]
CHR Extension: (Google Drive) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05]
CHR Extension: (YouTube) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05]
CHR Extension: (Hojas de cálculo) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-05]
CHR Extension: (Gmail) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\juanm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-05]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-05] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-05] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-03-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-05] (Dropbox, Inc.)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2017-03-22] (Intel Corporation)
R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [799656 2018-08-16] (ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-09] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-28] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-12-06] (NVIDIA Corporation)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [293344 2017-07-12] (Realtek Semiconductor Corp.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2019-01-05] ()
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-09] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-09] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [94712 2016-04-01] (ASUS Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-05] (AVAST Software)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-05] (AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-05] (AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-05] (AVAST Software)
S3 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-05] (AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-05] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-05] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-05] (AVAST Software)
R3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-05] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-05] (AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-05] (AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-05] (AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-05] (AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-05] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2017-03-22] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2017-03-22] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2017-03-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [File not signed]
R3 kltap; C:\Windows\System32\drivers\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-01-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-01-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72536 2019-01-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-01-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [113016 2019-01-09] (Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [27440 2018-01-10] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [947712 2017-03-22] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [724448 2017-07-12] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8009040 2017-12-21] (Realtek Semiconductor Corporation )
S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (QUALCOMM Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46680 2019-01-09] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [330936 2019-01-09] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-09] (Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-10 00:07 - 2019-01-10 00:08 - 000023797 _____ C:\Users\juanm\Desktop\FRST.txt
2019-01-09 23:34 - 2019-01-09 23:34 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-01-09 23:34 - 2019-01-09 23:34 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-09 23:34 - 2019-01-09 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-09 23:34 - 2019-01-09 23:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-09 23:31 - 2019-01-09 23:28 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-01-09 23:29 - 2019-01-09 23:29 - 002425856 _____ (Farbar) C:\Users\juanm\Downloads\FRST64 (1).exe
2019-01-09 23:29 - 2019-01-09 23:29 - 002425856 _____ (Farbar) C:\Users\juanm\Desktop\FRST64 (1).exe
2019-01-09 23:28 - 2019-01-09 23:28 - 081227760 _____ (Malwarebytes ) C:\Users\juanm\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (1).exe
2019-01-09 23:28 - 2019-01-09 23:28 - 007320272 _____ (Malwarebytes) C:\Users\juanm\Downloads\adwcleaner_7.2.6.0 (1).exe
2019-01-09 23:28 - 2019-01-09 23:28 - 007320272 _____ (Malwarebytes) C:\Users\juanm\Desktop\adwcleaner_7.2.6.0 (1).exe
2019-01-09 23:27 - 2019-01-09 23:28 - 081227760 _____ (Malwarebytes ) C:\Users\juanm\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (1).exe
2019-01-09 23:27 - 2019-01-09 23:26 - 001790024 _____ (Malwarebytes) C:\Users\juanm\Desktop\JRT (1).exe
2019-01-09 23:26 - 2019-01-09 23:26 - 001790024 _____ (Malwarebytes) C:\Users\juanm\Downloads\JRT (1).exe
2019-01-09 23:15 - 2019-01-09 23:15 - 000000000 ____D C:\Windows\SysWOW64\%Report%
2019-01-09 22:47 - 2019-01-09 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-01-09 22:47 - 2019-01-06 19:27 - 000002120 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-01-09 22:00 - 2019-01-09 22:01 - 045966368 _____ (Microsoft Corporation) C:\Users\juanm\Downloads\Windows-KB890830-x64-V5.68.exe
2019-01-09 02:00 - 2019-01-09 02:00 - 000000000 ____D C:\Users\juanm\AppData\Roaming\Foxit Software
2019-01-09 01:46 - 2019-01-09 01:46 - 000000219 _____ C:\Users\juanm\Desktop\Counter-Strike Global Offensive.url
2019-01-08 00:30 - 2019-01-08 00:30 - 005112480 _____ (Husdawg, LLC) C:\Users\juanm\Downloads\Detection.exe
2019-01-07 18:44 - 2019-01-09 23:17 - 000006778 ___RH C:\farstone_pe.letter
2019-01-07 18:38 - 2019-01-07 18:38 - 000000000 ____D C:\Windows\SysWOW64\%Data%
2019-01-07 02:56 - 2019-01-07 03:00 - 000042112 _____ C:\Users\juanm\Downloads\Addition.txt
2019-01-07 02:55 - 2019-01-10 00:07 - 000000000 ____D C:\FRST
2019-01-07 02:55 - 2019-01-07 03:00 - 000125574 _____ C:\Users\juanm\Downloads\FRST.txt
2019-01-07 02:53 - 2019-01-07 02:54 - 002425856 _____ (Farbar) C:\Users\juanm\Downloads\FRST64.exe
2019-01-07 02:51 - 2019-01-10 00:04 - 000001024 _____ C:\Users\juanm\Desktop\JRT.txt
2019-01-07 02:46 - 2019-01-07 02:46 - 001790024 _____ (Malwarebytes) C:\Users\juanm\Downloads\JRT.exe
2019-01-07 01:09 - 2019-01-07 01:09 - 000003172 _____ C:\Users\juanm\Desktop\startup.txt
2019-01-07 00:54 - 2019-01-07 01:03 - 1953349632 _____ C:\Users\juanm\Downloads\ubuntu-18.04.1-desktop-amd64.iso
2019-01-07 00:35 - 2019-01-07 00:39 - 851443712 _____ C:\Users\juanm\Downloads\ubuntu-18.04.1.0-live-server-amd64.iso
2019-01-06 19:34 - 2019-01-09 22:01 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-06 19:34 - 2019-01-09 21:32 - 000000000 ____D C:\Windows\system32\MRT
2019-01-06 19:33 - 2019-01-06 19:33 - 000000000 ____D C:\Program Files\rempl
2019-01-06 19:30 - 2019-01-06 19:30 - 000001265 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-01-06 19:30 - 2019-01-06 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-01-06 19:30 - 2019-01-06 19:30 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-06 19:26 - 2019-01-09 23:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-06 19:26 - 2019-01-06 19:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-01-06 19:21 - 2019-01-09 23:37 - 000113016 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-01-06 19:21 - 2019-01-09 23:35 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-01-06 19:21 - 2019-01-09 23:35 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-01-06 19:14 - 2019-01-06 19:14 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-01-06 19:13 - 2019-01-06 19:14 - 002546400 _____ (Kaspersky Lab) C:\Users\juanm\Downloads\startup_15004.exe
2019-01-06 16:55 - 2019-01-06 16:55 - 007657592 _____ (ESET spol. s r.o.) C:\Users\juanm\Downloads\esetonlinescanner_enu.exe
2019-01-06 16:55 - 2019-01-06 16:55 - 000000000 ____D C:\Users\juanm\AppData\Local\ESET
2019-01-06 16:53 - 2019-01-06 16:53 - 000000000 ____D C:\Users\juanm\AppData\Roaming\awsRun
2019-01-06 16:40 - 2019-01-06 16:40 - 000000000 ____D C:\AdwCleaner
2019-01-06 16:38 - 2019-01-06 16:39 - 007320272 _____ (Malwarebytes) C:\Users\juanm\Downloads\adwcleaner_7.2.6.0.exe
2019-01-06 16:31 - 2019-01-06 16:31 - 000000000 ____D C:\Users\juanm\AppData\Local\mbam
2019-01-06 16:30 - 2019-01-09 23:35 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-01-06 16:30 - 2019-01-06 16:30 - 000000000 ____D C:\Users\juanm\AppData\Local\mbamtray
2019-01-06 16:30 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-06 16:29 - 2019-01-06 16:29 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-06 16:28 - 2019-01-06 16:28 - 081227760 _____ (Malwarebytes ) C:\Users\juanm\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
2019-01-06 16:23 - 2019-01-07 00:53 - 000002072 _____ C:\Users\juanm\Desktop\Rkill.txt
2019-01-06 16:23 - 2019-01-06 16:23 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\juanm\Downloads\iExplore.exe
2019-01-06 16:23 - 2019-01-06 16:23 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\juanm\Downloads\iExplore64.exe
2019-01-06 15:24 - 2019-01-09 21:27 - 000002988 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-06 15:24 - 2019-01-09 21:27 - 000002236 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-06 15:24 - 2019-01-06 15:24 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-06 15:24 - 2019-01-06 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-06 15:24 - 2019-01-06 15:24 - 000000000 ____D C:\Program Files\CCleaner
2019-01-06 15:20 - 2019-01-08 00:31 - 000000000 ____D C:\Users\juanm\AppData\Local\D3DSCache
2019-01-06 01:55 - 2019-01-09 23:30 - 000000000 ____D C:\Users\juanm\AppData\Local\CrashDumps
2019-01-06 01:55 - 2019-01-06 01:55 - 000000000 ____D C:\Users\juanm\AppData\Local\DBG
2019-01-05 23:17 - 2019-01-05 23:17 - 000000000 ____D C:\Users\juanm\AppData\Local\Steam
2019-01-05 23:16 - 2019-01-09 21:28 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:16 - 2019-01-09 21:28 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:16 - 2019-01-05 23:16 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-01-05 23:16 - 2019-01-05 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-01-05 23:16 - 2018-12-06 11:11 - 002865032 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-01-05 23:16 - 2018-12-06 11:11 - 002264968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-01-05 23:16 - 2018-12-06 11:11 - 001323400 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-01-05 23:13 - 2019-01-09 21:28 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:13 - 2019-01-09 21:28 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-05 23:12 - 2018-12-06 10:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-01-05 23:10 - 2018-10-01 16:47 - 000074576 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2019-01-05 23:09 - 2019-01-09 23:35 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-05 23:09 - 2019-01-05 23:09 - 000001034 _____ C:\Users\Public\Desktop\Steam.lnk
2019-01-05 23:09 - 2019-01-05 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-05 23:08 - 2019-01-05 23:08 - 001573568 _____ C:\Users\juanm\Downloads\SteamSetup.exe
2019-01-05 23:04 - 2019-01-05 23:05 - 114076760 _____ (NVIDIA Corporation) C:\Users\juanm\Downloads\GeForce_Experience_v3.16.0.140.exe
2019-01-05 22:59 - 2019-01-05 22:59 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk
2019-01-05 22:43 - 2019-01-09 23:36 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-01-05 22:43 - 2019-01-09 23:33 - 000003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2019-01-05 22:43 - 2019-01-09 23:33 - 000003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2019-01-05 22:43 - 2019-01-09 23:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-05 22:43 - 2019-01-09 21:28 - 000003118 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2019-01-05 22:43 - 2019-01-09 21:28 - 000002968 _____ C:\Windows\System32\Tasks\Update Checker
2019-01-05 22:43 - 2019-01-09 21:28 - 000002346 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2019-01-05 22:43 - 2019-01-09 21:28 - 000002280 _____ C:\Windows\System32\Tasks\RTKCPL
2019-01-05 22:43 - 2019-01-09 21:27 - 000003546 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-01-05 22:43 - 2019-01-09 21:27 - 000002924 _____ C:\Windows\System32\Tasks\ATK Package 36D18D69AFC3
2019-01-05 22:43 - 2019-01-09 21:27 - 000002340 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus
2019-01-05 22:43 - 2019-01-09 21:27 - 000002214 _____ C:\Windows\System32\Tasks\ATK Package A22126881260
2019-01-05 22:43 - 2019-01-09 21:27 - 000002214 _____ C:\Windows\System32\Tasks\ASUS Splendid ACMON
2019-01-05 22:43 - 2019-01-07 18:36 - 000003860 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-01-05 22:43 - 2019-01-06 19:17 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2019-01-05 22:43 - 2019-01-05 22:43 - 000002926 _____ C:\Windows\System32\Tasks\avast! SL Update
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Reciente
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Plantillas
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Mis documentos
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Impresoras
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Entorno de red
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Datos de programa
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\Configuración local
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\Default User
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Users\All Users
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\ProgramData\Plantillas
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\ProgramData\Escritorio
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\ProgramData\Documentos
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\ProgramData\Datos de programa
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Program Files\Archivos comunes
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Documents and Settings
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 _SHDL C:\Archivos de programa
2019-01-05 22:43 - 2019-01-05 22:43 - 000000000 ____D C:\Windows\System32\Tasks\ASUS
2019-01-05 22:42 - 2019-01-05 22:42 - 000023076 _____ C:\Windows\system32\emptyregdb.dat
2019-01-05 22:40 - 2018-04-12 00:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-01-05 22:37 - 2019-01-05 22:37 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-01-05 22:29 - 2019-01-05 23:26 - 000000000 ____D C:\ProgramData\Packages
2019-01-05 22:27 - 2019-01-06 00:55 - 000000000 ____D C:\Users\juanm\AppData\Local\Comms
2019-01-05 22:22 - 2019-01-05 22:22 - 000000000 ____D C:\Windows\system32\config\bbimigrate
2019-01-05 22:20 - 2019-01-05 22:20 - 000000000 ____D C:\Users\juanm\Documents\League of Legends
2019-01-05 22:15 - 2019-01-05 22:34 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-01-05 22:15 - 2019-01-05 22:15 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2019-01-05 22:15 - 2019-01-05 22:15 - 000000000 ____D C:\Windows\system32\DAX3
2019-01-05 22:15 - 2019-01-05 22:15 - 000000000 ____D C:\Windows\system32\DAX2
2019-01-05 22:15 - 2019-01-05 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2019-01-05 22:15 - 2019-01-05 22:15 - 000000000 ____D C:\Program Files\Realtek
2019-01-05 22:14 - 2019-01-09 23:59 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-05 22:14 - 2019-01-05 23:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-01-05 22:14 - 2019-01-05 23:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-01-05 22:14 - 2019-01-05 22:14 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-01-05 22:14 - 2018-09-06 02:18 - 005947704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-01-05 22:14 - 2018-09-06 02:18 - 002612616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-01-05 22:14 - 2018-09-06 02:17 - 008330242 _____ C:\Windows\system32\nvcoproc.bin
2019-01-05 22:14 - 2018-09-06 02:17 - 001767280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-01-05 22:14 - 2018-09-06 02:17 - 000634248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-01-05 22:14 - 2018-09-06 02:17 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-01-05 22:14 - 2018-09-06 02:17 - 000124112 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-01-05 22:14 - 2018-09-06 02:17 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-01-05 22:14 - 2018-08-03 06:56 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-01-05 22:13 - 2019-01-05 22:33 - 000000000 ____D C:\ProgramData\Realtek
2019-01-05 22:13 - 2019-01-05 22:32 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-05 22:13 - 2019-01-05 22:27 - 000000000 ____D C:\Program Files\Intel
2019-01-05 22:13 - 2019-01-05 22:26 - 000000000 ___HD C:\Intel
2019-01-05 22:13 - 2019-01-05 22:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2019-01-05 22:13 - 2019-01-05 22:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2019-01-05 22:13 - 2019-01-05 22:13 - 000000000 ____D C:\Windows\SysWOW64\sda
2019-01-05 22:13 - 2019-01-05 22:13 - 000000000 ____D C:\Windows\system32\Intel
2019-01-05 22:13 - 2019-01-05 22:13 - 000000000 ____D C:\ProgramData\USOShared
2019-01-05 22:13 - 2019-01-05 22:13 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2019-01-05 22:13 - 2016-11-30 07:36 - 000113672 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2019-01-05 22:13 - 2016-11-30 07:36 - 000104456 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2019-01-05 22:09 - 2019-01-09 21:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-01-05 22:09 - 2019-01-05 22:38 - 000426688 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-05 22:09 - 2019-01-05 22:09 - 000000000 ____D C:\Windows\ServiceProfiles
2019-01-05 22:08 - 2019-01-05 22:08 - 000000000 ____D C:\Users\juanm\AppData\Local\CEF
2019-01-05 22:08 - 2019-01-05 22:08 - 000000000 ____D C:\ProgramData\Riot Games
2019-01-05 22:07 - 2019-01-05 22:07 - 000000741 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-01-05 22:07 - 2019-01-05 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-01-05 22:07 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-01-05 22:07 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-01-05 22:07 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-01-05 22:07 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-01-05 22:07 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-01-05 22:06 - 2019-01-05 22:06 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-01-05 22:06 - 2019-01-05 22:06 - 000002078 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-05 22:06 - 2019-01-05 22:06 - 000000000 ____D C:\Users\juanm\AppData\Local\AVAST Software
2019-01-05 22:06 - 2019-01-05 22:06 - 000000000 ____D C:\Riot Games
2019-01-05 22:05 - 2019-01-09 21:28 - 000002856 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3064313884-3264504614-223766655-1001
2019-01-05 22:05 - 2019-01-09 21:28 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-05 22:05 - 2019-01-05 22:05 - 000003990 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-05 22:04 - 2019-01-05 22:04 - 088127032 _____ (Riot Games, Inc) C:\Users\juanm\Downloads\League of Legends installer EUW.exe
2019-01-05 22:04 - 2019-01-05 22:04 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-05 22:04 - 2019-01-05 22:04 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-05 22:04 - 2019-01-05 22:04 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-05 22:04 - 2019-01-05 22:04 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-05 22:04 - 2019-01-05 22:03 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-05 22:04 - 2019-01-05 22:03 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000166472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-05 22:04 - 2019-01-05 22:03 - 000015488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2019-01-05 22:04 - 2019-01-05 22:02 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-05 22:04 - 2019-01-05 22:02 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-05 22:04 - 2019-01-05 22:02 - 000220688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-05 22:04 - 2019-01-05 22:02 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-05 22:04 - 2019-01-05 22:02 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-05 22:04 - 2019-01-05 22:02 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-05 22:03 - 2019-01-05 22:03 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-05 22:03 - 2019-01-05 22:03 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-05 22:02 - 2019-01-09 21:28 - 000003548 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-05 22:02 - 2019-01-09 21:28 - 000003324 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-05 22:02 - 2019-01-05 22:28 - 000000000 ____D C:\Users\juanm\AppData\Local\Google
2019-01-05 22:02 - 2019-01-05 22:02 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-05 22:00 - 2019-01-05 22:00 - 000000000 ____D C:\Users\juanm\AppData\Local\Crashpad
2019-01-05 21:59 - 2019-01-05 22:05 - 000000000 ___RD C:\Users\juanm\OneDrive
2019-01-05 21:58 - 2019-01-05 22:13 - 000000000 ____D C:\Users\juanm\AppData\Roaming\DropboxOEM
2019-01-05 21:58 - 2019-01-05 21:58 - 000000000 ____D C:\Users\juanm\AppData\Local\DropboxOEM
2019-01-05 21:57 - 2019-01-09 23:26 - 000000206 _____ C:\Users\juanm\AppData\Roaming\sp_data.sys
2019-01-05 21:57 - 2019-01-06 16:51 - 000000000 ____D C:\ProgramData\USBChargerPlus
2019-01-05 21:57 - 2019-01-05 22:00 - 000000000 ____D C:\Users\juanm\AppData\Local\ASUS GIFTBOX
2019-01-05 21:57 - 2019-01-05 21:57 - 000000000 ____D C:\Users\juanm\AppData\Roaming\WebStorage
2019-01-05 21:56 - 2019-01-07 18:48 - 000000000 ____D C:\Users\juanm\AppData\Local\NVIDIA Corporation
2019-01-05 21:56 - 2019-01-07 02:51 - 000000000 ____D C:\Users\juanm\AppData\Local\PlaceholderTileLogoFolder
2019-01-05 21:56 - 2019-01-05 21:56 - 000000000 ____D C:\Users\juanm\AppData\Roaming\Macromedia
2019-01-05 21:55 - 2019-01-05 23:17 - 000000000 ____D C:\Users\juanm\AppData\Local\NVIDIA
2019-01-05 21:55 - 2019-01-05 22:11 - 000000000 ____D C:\Users\juanm\AppData\Roaming\AVAST Software
2019-01-05 21:55 - 2019-01-05 21:55 - 000001417 _____ C:\Users\juanm\Desktop\Microsoft Edge.lnk
2019-01-05 21:54 - 2019-01-05 22:48 - 000000000 ____D C:\Users\juanm\AppData\Local\Publishers
2019-01-05 21:54 - 2019-01-05 21:54 - 000000000 ___HD C:\Users\juanm\MicrosoftEdgeBackups
2019-01-05 21:54 - 2019-01-05 21:54 - 000000000 ____D C:\Users\juanm\AppData\Local\MicrosoftEdge
2019-01-05 21:53 - 2019-01-09 23:17 - 000000000 __SHD C:\Users\juanm\IntelGraphicsProfiles
2019-01-05 21:53 - 2019-01-09 02:03 - 000000000 ____D C:\Users\juanm\AppData\Local\Packages
2019-01-05 21:53 - 2019-01-05 21:54 - 000000000 ____D C:\Users\juanm\AppData\Local\ConnectedDevicesPlatform
2019-01-05 21:53 - 2019-01-05 21:53 - 000000000 ___RD C:\Users\juanm\3D Objects
2019-01-05 21:53 - 2019-01-05 21:53 - 000000000 ____D C:\Users\juanm\AppData\Roaming\Adobe
2019-01-05 21:53 - 2019-01-05 21:53 - 000000000 ____D C:\Users\juanm\AppData\Local\VirtualStore
2019-01-05 21:53 - 2019-01-05 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-01-05 21:49 - 2019-01-07 18:39 - 000000000 ____D C:\Users\juanm
2019-01-05 21:49 - 2019-01-05 22:05 - 000002399 _____ C:\Users\juanm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-05 21:49 - 2019-01-05 21:49 - 000000020 ___SH C:\Users\juanm\ntuser.ini
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Reciente
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Plantillas
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Mis documentos
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Menú Inicio
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Impresoras
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Entorno de red
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Documents\Mis vídeos
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Documents\Mis imágenes
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Documents\Mi música
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Datos de programa
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\Configuración local
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\AppData\Local\Historial
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\AppData\Local\Datos de programa
2019-01-05 21:49 - 2019-01-05 21:49 - 000000000 _SHDL C:\Users\juanm\AppData\Local\Archivos temporales de Internet
2019-01-05 20:56 - 2019-01-05 22:33 - 000000000 ____D C:\Windows\ASUS
2019-01-05 20:55 - 2019-01-09 23:30 - 000000000 ____D C:\Windows\Panther
2019-01-05 20:55 - 2019-01-05 20:56 - 000000000 ____D C:\Windows\InfusedApps
2019-01-05 20:50 - 2019-01-05 20:50 - 000008192 _____ C:\Windows\system32\config\userdiff
2019-01-05 20:50 - 2019-01-05 20:50 - 000000000 ____D C:\Windows\Setup
2019-01-05 20:45 - 2019-01-07 00:10 - 000000000 ____D C:\Windows\OCR
2019-01-05 20:45 - 2019-01-05 22:34 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\zu-ZA
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\yo-NG
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\xh-ZA
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\wo-SN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\uz-Latn-UZ
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\tn-ZA
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\tk-TM
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\ti-ET
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\tg-Cyrl-TJ
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\sw-KE
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-RS
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-BA
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\si-LK
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\sd-Arab-PK
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\rw-RW
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\quc-Latn-GT
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\prs-AF
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\pa-Arab-PK
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\nso-ZA
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2019-01-05 20:45 - 2019-01-05 20:49 - 000000000 ____D C:\Windows\SysWOW64\ne-NP

#5

Check the FRST report you posted; it is incomplete, and you still need to post the Addition report. :roll_eyes:


#6
2019-01-04 22:49 - 2018-12-08 09:06 - 000491416 ____N (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-01-04 22:49 - 2018-12-08 09:06 - 000433168 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-01-04 22:49 - 2018-12-08 09:06 - 000249088 ____N (Microsoft Corporation) C:\Windows\system32\weretw.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 002822656 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-01-04 22:49 - 2018-12-08 09:05 - 002463384 ____N (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 001935008 ____N (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 001209888 ____N (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 001018880 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-01-04 22:49 - 2018-12-08 09:05 - 000793592 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-01-04 22:49 - 2018-12-08 09:05 - 000706040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-01-04 22:49 - 2018-12-08 09:05 - 000594224 ____N (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-01-04 22:49 - 2018-12-08 09:05 - 000421176 ____N (Microsoft Corporation) C:\Windows\system32\xbgmengine.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 000413920 ____N (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 000171008 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-04 22:49 - 2018-12-08 09:05 - 000130312 ____N (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-01-04 22:49 - 2018-12-08 09:05 - 000086016 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2019-01-04 22:49 - 2018-12-08 09:04 - 004404720 ____N (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 002590296 ____N (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2019-01-04 22:49 - 2018-12-08 09:04 - 002371296 ____N (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 001943328 ____N (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 001188512 ____N (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 001150312 ____N (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000885760 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000604984 ____N (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-01-04 22:49 - 2018-12-08 09:04 - 000527160 ____N (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000416024 ____N (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000413176 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-01-04 22:49 - 2018-12-08 09:04 - 000375608 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-01-04 22:49 - 2018-12-08 09:04 - 000335672 ____N (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000268280 ____N (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000260800 ____N (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000158624 ____N (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2019-01-04 22:49 - 2018-12-08 09:04 - 000128824 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2019-01-04 22:49 - 2018-12-08 09:04 - 000058168 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\iorate.sys
2019-01-04 22:49 - 2018-12-08 09:04 - 000043520 ____N (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-01-04 22:49 - 2018-12-08 08:47 - 000861744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2019-01-04 22:49 - 2018-12-08 08:47 - 000785760 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-04 22:49 - 2018-12-08 08:46 - 002331480 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-01-04 22:49 - 2018-12-08 08:46 - 001989040 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-01-04 22:49 - 2018-12-08 08:46 - 001397104 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll
2019-01-04 22:49 - 2018-12-08 08:46 - 000665224 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-01-04 22:49 - 2018-12-08 08:46 - 000457056 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2019-01-04 22:49 - 2018-12-08 08:46 - 000101192 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 004789952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 002307240 ____N (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2019-01-04 22:49 - 2018-12-08 08:45 - 001805656 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 001620472 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 001379816 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 001011872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 000567256 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 000356864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-01-04 22:49 - 2018-12-08 08:45 - 000129296 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-01-04 22:49 - 2018-12-08 08:42 - 009084928 ____N (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-01-04 22:49 - 2018-12-08 08:40 - 004384768 ____N (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-01-04 22:49 - 2018-12-08 08:39 - 000036352 ____N (Microsoft Corporation) C:\Windows\system32\wpnsruprov.dll
2019-01-04 22:49 - 2018-12-08 08:38 - 003392000 ____N (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-01-04 22:49 - 2018-12-08 08:38 - 002739200 ____N (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-01-04 22:49 - 2018-12-08 08:38 - 000419328 ____N (Microsoft Corporation) C:\Windows\system32\eeprov.dll
2019-01-04 22:49 - 2018-12-08 08:38 - 000310272 ____N (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-01-04 22:49 - 2018-12-08 08:38 - 000132608 ____N (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-01-04 22:49 - 2018-12-08 08:38 - 000085504 ____N (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2019-01-04 22:49 - 2018-12-08 08:38 - 000083456 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2019-01-04 22:49 - 2018-12-08 08:38 - 000055296 ____N (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 002825728 ____N (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000395776 ____N (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000386048 ____N (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000358912 ____N (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000184320 ____N (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000170496 ____N (Microsoft Corporation) C:\Windows\system32\appsruprov.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000157696 ____N (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2019-01-04 22:49 - 2018-12-08 08:37 - 000099328 ____N (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2019-01-04 22:49 - 2018-12-08 08:37 - 000079872 ____N (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 003381248 ____N (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 003090432 ____N (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 002364928 ____N (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 001768448 ____N (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 000894464 ____N (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 000462336 ____N (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-01-04 22:49 - 2018-12-08 08:36 - 000356352 ____N (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 000227328 ____N (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-01-04 22:49 - 2018-12-08 08:36 - 000153600 ____N (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-01-04 22:49 - 2018-12-08 08:36 - 000043008 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\mmcss.sys
2019-01-04 22:49 - 2018-12-08 08:35 - 002126336 ____N (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2019-01-04 22:49 - 2018-12-08 08:35 - 001708544 ____N (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-01-04 22:49 - 2018-12-08 08:35 - 000808448 ____N (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-01-04 22:49 - 2018-12-08 08:35 - 000623104 ____N (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-01-04 22:49 - 2018-12-08 08:34 - 001535488 ____N (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-04 22:49 - 2018-12-08 08:34 - 001023488 ____N (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2019-01-04 22:49 - 2018-12-08 08:34 - 000884224 ____N (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2019-01-04 22:49 - 2018-12-08 08:34 - 000693248 ____N (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-01-04 22:49 - 2018-12-08 08:34 - 000684544 ____N (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-01-04 22:49 - 2018-12-08 08:34 - 000491520 ____N (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2019-01-04 22:49 - 2018-12-08 08:33 - 002904064 ____N (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-01-04 22:49 - 2018-12-08 08:33 - 001457152 ____N (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2019-01-04 22:49 - 2018-12-08 08:33 - 001264640 ____N (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-01-04 22:49 - 2018-12-08 08:33 - 001058304 ____N (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-01-04 22:49 - 2018-12-08 08:33 - 000949248 ____N (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-01-04 22:49 - 2018-12-08 08:33 - 000823296 ____N (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2019-01-04 22:49 - 2018-12-08 08:33 - 000176640 ____N (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-01-04 22:49 - 2018-12-08 08:32 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-01-04 22:49 - 2018-12-08 08:32 - 001032704 ____N (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2019-01-04 22:49 - 2018-12-08 08:32 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-04 22:49 - 2018-12-08 08:32 - 000796672 ____N (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-01-04 22:49 - 2018-12-08 08:32 - 000542208 ____N (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-04 22:49 - 2018-12-08 08:32 - 000406528 ____N (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-01-04 22:49 - 2018-12-08 08:30 - 006647296 ____N (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-01-04 22:49 - 2018-12-08 08:30 - 002966528 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-01-04 22:49 - 2018-12-08 08:30 - 000074240 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-01-04 22:49 - 2018-12-08 08:29 - 005883904 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2019-01-04 22:49 - 2018-12-08 08:29 - 002700288 ____N (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-01-04 22:49 - 2018-12-08 08:29 - 000311296 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2019-01-04 22:49 - 2018-12-08 08:29 - 000032768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-01-04 22:49 - 2018-12-08 08:28 - 002258944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-01-04 22:49 - 2018-12-08 08:28 - 001361408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-01-04 22:49 - 2018-12-08 08:28 - 000391680 ____N (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-01-04 22:49 - 2018-12-08 08:28 - 000288768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-01-04 22:49 - 2018-12-08 08:27 - 002449408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-01-04 22:49 - 2018-12-08 08:27 - 001986560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-01-04 22:49 - 2018-12-08 08:27 - 000608768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-01-04 22:49 - 2018-12-08 08:27 - 000578560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-01-04 22:49 - 2018-12-08 08:27 - 000555008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-01-04 22:49 - 2018-12-08 08:27 - 000059392 ____N (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-01-04 22:49 - 2018-12-08 08:26 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2019-01-04 22:49 - 2018-12-08 08:26 - 000848384 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2019-01-04 22:49 - 2018-12-08 08:25 - 000978944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-01-04 22:49 - 2018-12-08 08:25 - 000856576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-01-04 22:49 - 2018-12-08 08:25 - 000729088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2019-01-04 22:49 - 2018-12-08 08:25 - 000702464 ____N (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2019-01-04 22:49 - 2018-12-08 08:25 - 000145408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-01-04 22:49 - 2018-12-08 08:24 - 000795648 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-04 22:49 - 2018-12-08 08:24 - 000735744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-01-04 22:49 - 2018-12-08 08:24 - 000533504 ____N (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-04 22:49 - 2018-12-08 08:24 - 000345088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-01-04 22:49 - 2018-11-09 07:00 - 000177664 ____N (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-01-04 22:49 - 2018-11-09 06:58 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2019-01-04 22:49 - 2018-11-09 06:57 - 000208896 ____N (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2019-01-04 22:49 - 2018-11-09 06:56 - 000392192 ____N (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-04 22:49 - 2018-11-09 06:56 - 000381952 ____N (Microsoft Corporation) C:\Windows\system32\ninput.dll
2019-01-04 22:49 - 2018-11-09 06:56 - 000103936 ____N (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2019-01-04 22:49 - 2018-11-09 06:55 - 001254400 ____N (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-01-04 22:49 - 2018-11-09 06:55 - 000878592 ____N (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-01-04 22:49 - 2018-11-09 06:54 - 001535488 ____N (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2019-01-04 22:49 - 2018-11-09 06:22 - 000138752 ____N (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-01-04 22:49 - 2018-11-09 06:20 - 007987712 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-01-04 22:49 - 2018-11-09 06:19 - 000181248 ____N (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2019-01-04 22:49 - 2018-11-09 06:18 - 000344576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-04 22:49 - 2018-11-09 06:18 - 000320512 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2019-01-04 22:49 - 2018-11-09 06:17 - 000704000 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-01-04 22:49 - 2018-11-09 03:49 - 000723416 ____N (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-01-04 22:49 - 2018-11-09 03:49 - 000565048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2019-01-04 22:49 - 2018-11-09 03:49 - 000368656 ____N (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2019-01-04 22:49 - 2018-11-09 03:48 - 003179760 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2019-01-04 22:49 - 2018-11-09 03:48 - 002719736 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-01-04 22:49 - 2018-11-09 03:48 - 001613288 ____N (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-01-04 22:49 - 2018-11-09 03:48 - 000899920 ____N (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-01-04 22:49 - 2018-11-09 03:48 - 000766704 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-01-04 22:49 - 2018-11-09 03:48 - 000745472 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2019-01-04 22:49 - 2018-11-09 03:48 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-01-04 22:49 - 2018-11-09 03:47 - 002765344 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-04 22:49 - 2018-11-09 03:47 - 002571128 ____N (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-04 22:49 - 2018-11-09 03:47 - 002062392 ____N (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2019-01-04 22:49 - 2018-11-09 03:47 - 001285432 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-01-04 22:49 - 2018-11-09 03:47 - 000930616 ____N (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2019-01-04 22:49 - 2018-11-09 03:47 - 000537912 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-01-04 22:49 - 2018-11-09 03:22 - 000185344 ____N (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2019-01-04 22:49 - 2018-11-09 03:22 - 000097792 ____N (Microsoft Corporation) C:\Windows\system32\winhttpcom.dll
2019-01-04 22:49 - 2018-11-09 03:21 - 001627136 ____N (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-01-04 22:49 - 2018-11-09 03:21 - 000119808 ____N (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-01-04 22:49 - 2018-11-09 03:21 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2019-01-04 22:49 - 2018-11-09 03:21 - 000002560 ____N (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-01-04 22:49 - 2018-11-09 03:20 - 000530432 ____N (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-01-04 22:49 - 2018-11-09 03:20 - 000399872 ____N (Microsoft Corporation) C:\Windows\system32\BthAvctpSvc.dll
2019-01-04 22:49 - 2018-11-09 03:20 - 000193536 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2019-01-04 22:49 - 2018-11-09 03:20 - 000092160 ____N (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2019-01-04 22:49 - 2018-11-09 03:19 - 000726528 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-04 22:49 - 2018-11-09 03:19 - 000304128 ____N (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2019-01-04 22:49 - 2018-11-09 03:18 - 001487360 ____N (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2019-01-04 22:49 - 2018-11-09 03:18 - 000573952 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2019-01-04 22:49 - 2018-11-09 03:18 - 000514048 ____N (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2019-01-04 22:49 - 2018-11-09 03:18 - 000300032 ____N (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-01-04 22:49 - 2018-11-09 03:17 - 002584576 ____N (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-01-04 22:49 - 2018-11-09 03:17 - 001069568 ____N (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2019-01-04 22:49 - 2018-11-09 03:16 - 002224640 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-01-04 22:49 - 2018-11-09 03:16 - 001364992 ____N (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-01-04 22:49 - 2018-11-09 03:16 - 001225216 ____N (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-01-04 22:49 - 2018-11-09 03:16 - 000308736 ____N (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2019-01-04 22:49 - 2018-11-09 03:15 - 000943616 ____N (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-01-04 22:49 - 2018-11-09 03:15 - 000933888 ____N (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-01-04 22:49 - 2018-11-09 03:15 - 000884224 ____N (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-01-04 22:49 - 2018-11-09 03:15 - 000505344 ____N (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-01-04 22:49 - 2018-11-09 03:07 - 002417976 ____N (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2019-01-04 22:49 - 2018-11-09 03:07 - 001299704 ____N (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-01-04 22:49 - 2018-11-09 02:48 - 000550728 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-01-04 22:49 - 2018-11-09 02:47 - 000295224 ____N (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2019-01-04 22:49 - 2018-11-09 02:46 - 002253184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-04 22:49 - 2018-11-09 02:46 - 002161008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2019-01-04 22:49 - 2018-11-09 02:46 - 001980776 ____N (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-04 22:49 - 2018-11-09 02:46 - 000829960 ____N (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2019-01-04 22:49 - 2018-11-09 02:46 - 000721024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-01-04 22:49 - 2018-11-09 02:46 - 000573504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-01-04 22:49 - 2018-11-09 02:31 - 000094720 ____N (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-01-04 22:49 - 2018-11-09 02:31 - 000002560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-01-04 22:49 - 2018-11-09 02:30 - 000142848 ____N (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2019-01-04 22:49 - 2018-11-09 02:30 - 000082944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\winhttpcom.dll
2019-01-04 22:49 - 2018-11-09 02:29 - 000561152 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-04 22:49 - 2018-11-09 02:29 - 000392704 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-01-04 22:49 - 2018-11-09 02:29 - 000331264 ____N (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-01-04 22:49 - 2018-11-09 02:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2019-01-04 22:49 - 2018-11-09 02:26 - 001110528 ____N (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2019-01-04 22:49 - 2018-11-09 02:26 - 000873472 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2019-01-04 22:49 - 2018-11-09 02:26 - 000251904 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-01-04 22:49 - 2018-11-09 02:25 - 000713216 ____N (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-01-04 22:49 - 2018-11-09 02:25 - 000705024 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-09 23:17 - 2016-03-28 12:17 - 000001032 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-07 18:36 - 2016-03-28 12:17 - 000001028 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-06 19:21 - 2016-07-14 16:29 - 000000000 ____D C:\ProgramData\McAfee
2019-01-06 12:00 - 2016-03-28 12:15 - 000000000 ____D C:\Program Files (x86)\ASUS
2019-01-05 23:19 - 2016-03-28 11:59 - 001768608 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-05 23:16 - 2016-07-14 16:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-01-05 22:59 - 2016-07-14 16:58 - 000002124 _____ C:\Users\Public\Desktop\Dropbox 25 GB.lnk
2019-01-05 22:59 - 2016-03-28 12:17 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-05 22:42 - 2015-10-30 08:24 - 000000000 ____D C:\Windows\system32\Tasks_Migrated
2019-01-05 22:33 - 2016-07-14 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone
2019-01-05 22:33 - 2016-07-14 16:40 - 000000000 ____D C:\ProgramData\FarStone
2019-01-05 22:33 - 2016-07-14 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-01-05 22:33 - 2016-07-14 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-05 22:33 - 2016-07-14 16:17 - 000000000 ____D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
2019-01-05 22:33 - 2016-07-14 16:15 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-01-05 22:33 - 2016-07-14 16:03 - 000000000 ____D C:\ProgramData\Intel
2019-01-05 22:33 - 2016-07-14 15:58 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-01-05 22:33 - 2016-03-28 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2019-01-05 22:33 - 2016-03-28 12:17 - 000000000 ____D C:\ProgramData\Kingsoft
2019-01-05 22:33 - 2016-03-28 12:17 - 000000000 ____D C:\ProgramData\Dropbox
2019-01-05 22:33 - 2016-03-28 12:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-05 22:33 - 2016-03-28 12:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-05 22:33 - 2016-03-28 12:16 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-01-05 22:33 - 2016-03-28 12:16 - 000000000 ____D C:\Users\Public\Foxit Software
2019-01-05 22:33 - 2016-03-28 12:16 - 000000000 ____D C:\ProgramData\WildTangent
2019-01-05 22:33 - 2016-03-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2019-01-05 22:33 - 2016-03-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2019-01-05 22:33 - 2016-03-28 12:16 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2019-01-05 22:33 - 2016-03-28 12:15 - 000000000 ____D C:\ProgramData\WebStorage
2019-01-05 22:33 - 2016-03-28 12:15 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-05 22:33 - 2016-03-28 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-01-05 22:33 - 2016-03-28 12:15 - 000000000 ____D C:\ProgramData\ASUS WebStorage
2019-01-05 22:33 - 2015-10-30 08:24 - 000000000 ___RD C:\Windows\PurchaseDialog
2019-01-05 22:33 - 2015-10-30 08:24 - 000000000 ___RD C:\Windows\DesktopTileResources
2019-01-05 22:32 - 2016-07-14 16:26 - 000000000 ____D C:\Program Files (x86)\ICEpower
2019-01-05 22:32 - 2016-07-14 16:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-05 22:32 - 2016-03-28 12:16 - 000000000 ____D C:\Program Files (x86)\Kingsoft
2019-01-05 22:32 - 2016-03-28 12:15 - 000000000 ____D C:\Program Files (x86)\Foxit PhantomPDF
2019-01-05 22:31 - 2016-07-14 16:40 - 000000000 ____D C:\Program Files (x86)\FarStone
2019-01-05 22:31 - 2016-07-14 16:18 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-01-05 22:31 - 2016-03-28 12:16 - 000000000 ____D C:\Program Files (x86)\Evernote
2019-01-05 22:30 - 2016-07-14 16:41 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-05 22:30 - 2015-10-30 19:19 - 000000000 ____D C:\Program Files\Windows Journal
2019-01-05 22:27 - 2016-07-14 16:16 - 000000000 ____D C:\Program Files\DIFX
2019-01-05 22:26 - 2016-07-15 00:50 - 000000000 ____D C:\eSupport
2019-01-05 22:26 - 2016-07-14 16:53 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-01-05 22:26 - 2016-07-14 16:40 - 000000000 __SHD C:\farston
2019-01-05 22:24 - 2016-07-14 16:40 - 000000000 __SHD C:\dcboot
2019-01-05 22:17 - 2016-07-14 16:41 - 000000000 ____D C:\Program Files\Microsoft Office
2019-01-05 22:04 - 2016-07-14 16:26 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-05 22:01 - 2016-07-14 16:26 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-05 21:53 - 2016-07-14 16:46 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-01-05 21:53 - 2016-07-14 16:46 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2019-01-05 21:53 - 2016-07-14 16:46 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-01-05 21:53 - 2016-07-14 16:46 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-01-05 21:53 - 2016-07-14 16:46 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-01-05 21:53 - 2016-07-14 16:46 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-05 21:53 - 2016-07-14 16:46 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2019-01-05 21:53 - 2016-07-14 15:57 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-05 21:53 - 2016-03-28 19:37 - 000000000 ____D C:\Windows\Log

==================== Files in the root of some directories =======

2019-01-05 21:57 - 2019-01-09 23:26 - 000000206 _____ () C:\Users\juanm\AppData\Roaming\sp_data.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-05 22:09

==================== End of FRST.txt ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by juanm (10-01-2019 00:09:49)
Running from C:\Users\juanm\Desktop
Windows 10 Home Version 1803 17134.472 (X64) (2019-01-05 21:44:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3064313884-3264504614-223766655-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3064313884-3264504614-223766655-503 - Limited - Disabled)
Invitado (S-1-5-21-3064313884-3264504614-223766655-501 - Limited - Disabled)
juanm (S-1-5-21-3064313884-3264504614-223766655-1001 - Administrator - Enabled) => C:\Users\juanm
WDAGUtilityAccount (S-1-5-21-3064313884-3264504614-223766655-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

#7

Sorry for sending it in 2 parts; for some reason the forum first told me the message was too long, and then it wouldn't let me post for 1 or 2 hours because a moderator had to review the post or something like that :confused:


#8

Hello.

The same thing has happened again with the Additional report: it is incomplete, almost 90% of the report is practically missing. Check the file that was generated on your computer and compare what it contains with what you have posted here. :roll_eyes:

If the reports are very long, they must be split into two or more parts so they can be copied into several messages.

We are waiting for that report so that we can analyze all of them together and give you further steps.

Regards.


#9

I can't get anything right, sorry. Here is the complete Additional document. I hope everything is fine this time :sweat_smile::sweat_smile:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by juanm (10-01-2019 00:09:49)
Running from C:\Users\juanm\Desktop
Windows 10 Home Version 1803 17134.472 (X64) (2019-01-05 21:44:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3064313884-3264504614-223766655-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3064313884-3264504614-223766655-503 - Limited - Disabled)
Invitado (S-1-5-21-3064313884-3264504614-223766655-501 - Limited - Disabled)
juanm (S-1-5-21-3064313884-3264504614-223766655-1001 - Administrator - Enabled) => C:\Users\juanm
WDAGUtilityAccount (S-1-5-21-3064313884-3264504614-223766655-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.0 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.15.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.161 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.278.3 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4416 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.6001.1070 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3064313884-3264504614-223766655-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.6001.1070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.6001.1070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.6001.1070 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.886.030716 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.27057 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8514 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0286 - REALTEK Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TotalRecovery Pro (HKLM-x32\...\TotalRecovery) (Version: 10.0.11.2 - FarStone Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.8 - WildTangent)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass  (03/18/2016 11.0.0.9) (HKLM\...\689E9F7827C3AF1059D6C80D6C7F4EF89E2D7E72) (Version: 03/18/2016 11.0.0.9 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-01-06] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-01-06] (AO Kaspersky Lab)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-01-06] (AO Kaspersky Lab)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-01-06] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DF6ECE-47A8-4D82-9365-F7AF4C2F33BD} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {04A9D75F-9335-465B-905E-7A40739442BB} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {06273D99-584B-40E7-BDE2-BADB0E4E196E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-19] (ASUSTek Computer Inc.)
Task: {0767234F-4A96-4DFA-9EF5-5448B37710D4} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-03-15] ()
Task: {0B496B5F-DCA6-49BE-A56A-7476A9C19904} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {111B219B-A7B2-4586-9A4A-9342FA53574A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-09] (Microsoft Corporation)
Task: {1DB28087-B89F-41E7-82CA-9A45A3FC949C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {204D0E91-BA53-42FF-9DD7-E27B26107D2A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {273FF817-4095-45CF-AF2F-9E3A9A583024} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-03-15] ()
Task: {2BB81BAA-E4D6-42FB-A223-0FFCA8945BF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-09] (Microsoft Corporation)
Task: {3141770D-F0CE-4EBE-86B3-EE72EA4B87CC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-02-23] (ASUS)
Task: {32F877AB-E19E-43AE-AEA4-81C4CB2C6DE5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2019-01-05] (Dropbox, Inc.)
Task: {37BE8BE6-D900-4ACA-88E7-0BE5B95BFF22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-06] (Microsoft Corporation)
Task: {3BDC25B1-3C4E-4B27-BF12-1FC45E17E5A9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2018-08-16] (Realtek Semiconductor)
Task: {3D2B66AE-8A11-4558-88EF-A21034CCC5F8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {3ED8A10C-217A-48F6-B44C-146ECC5B8512} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-09] (Microsoft Corporation)
Task: {4742F405-4EB3-465C-B280-8CFD29D534FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {4CCE54B2-4242-4C75-9297-83DDF603EF45} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-07-03] (ASUSTek Computer Inc)
Task: {58E995AB-D717-43BD-A5F1-7F441960377E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-06] (Microsoft Corporation)
Task: {5C35AE9F-217B-4CEF-BAF9-07C3D2350112} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-03-15] ()
Task: {71114588-5882-4EA4-AA51-004D3A1CF35F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {72C07E85-CCDB-49A0-BF78-617BE488176D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {7469A318-FB3A-41E7-99F5-EEFFDF3E03B0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {77F05542-6086-40A7-B608-FAFA19FF5CAA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-09] (AVAST Software)
Task: {78FB4725-5676-43A0-8955-25872C97F9A5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-02-23] (ASUSTek Computer Inc.)
Task: {7A2E1E27-CF4E-4343-8C7F-9E410416C32F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-08-16] (Realtek Semiconductor)
Task: {845EFF40-F378-47DB-BE8E-BDC448419121} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2019-01-05] (AVAST Software)
Task: {8AAB687C-2ECD-4B8C-A9E2-38822C0D77A5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {8C4C13A5-69CC-45A5-9D7A-042886FA68B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-09] (Microsoft Corporation)
Task: {93BA4851-ADBB-4F41-863B-8D96ED3C4727} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {98257648-1A5E-4340-B027-C6653DFB5E5F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {AB9A9D91-FB2D-43F4-8420-2B3D4ACABEE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-05] (Google Inc.)
Task: {AE0C028A-3B05-4337-9989-ECECD719F16F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-05] (Google Inc.)
Task: {B2152A7F-4C7E-4682-886C-A5464604E902} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {B8A7F3F0-2F9A-4126-B655-7DEC8BB5A540} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2019-01-05] (Dropbox, Inc.)
Task: {B9B2E6AF-082C-4F7A-BA8A-AB4980C9B821} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {CCF88BBC-1B3C-4A90-8604-9889FA04D180} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {F055B5CD-793E-4121-BDEE-9B7EBDB28040} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-05] (AVAST Software)
Task: {F81BE5A3-967B-4135-8E4B-8144A51D2268} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {FB4E7C0C-648A-4B27-9AD4-ED006742CE90} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-08-13 07:30 - 2014-08-13 07:30 - 000073032 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
2019-01-05 22:03 - 2019-01-05 22:03 - 000667016 _____ () c:\program files\avast software\avast\streamback.dll
2019-01-09 21:17 - 2019-01-09 21:17 - 006909072 _____ () c:\program files\avast software\avast\defs\19010908\algo64.dll
2019-01-05 22:03 - 2019-01-05 22:03 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-05 22:03 - 2019-01-05 22:03 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-05 22:03 - 2019-01-05 22:03 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2016-07-14 16:41 - 2016-03-06 11:34 - 000171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2019-01-05 22:52 - 2019-01-05 22:54 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2014-03-25 10:14 - 2014-03-25 10:14 - 000071024 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 ____N () C:\Windows\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
2019-01-04 22:49 - 2018-11-09 03:17 - 002759680 ____N () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-04 22:49 - 2018-12-14 07:50 - 002185728 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-05 22:58 - 2019-01-05 22:58 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-05 22:58 - 2019-01-05 22:58 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-05 22:58 - 2019-01-05 23:00 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-05 22:06 - 2019-01-05 22:06 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-09 23:34 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-09 23:34 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-01-05 23:12 - 2018-12-06 11:11 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-05 22:55 - 2019-01-05 22:59 - 065905152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-05 22:55 - 2019-01-05 22:58 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-05 22:55 - 2019-01-05 23:00 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 014190080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-01-05 22:55 - 2019-01-05 22:58 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-05 22:55 - 2019-01-05 22:56 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-05 22:55 - 2019-01-05 22:59 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\SKU.dll
2018-07-11 14:50 - 2018-06-15 18:30 - 001308672 ____N () c:\windows\system32\FaceProcessor.dll
2018-07-11 14:50 - 2018-06-15 18:55 - 000542888 ____N () c:\windows\system32\FaceProcessorCore.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001348664 ____N () c:\windows\system32\FaceTrackerInternal.dll
2019-01-05 23:04 - 2019-01-05 23:04 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2019-01-05 23:04 - 2019-01-05 23:04 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-05 23:04 - 2019-01-05 23:04 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-05 22:03 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2019-01-05 22:03 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-05 23:19 - 2019-01-05 23:19 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000088576 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\zlibwapi.dll
2015-08-18 08:18 - 2015-08-18 08:18 - 000332800 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBCmdDsp.dll
2015-08-18 05:30 - 2015-08-18 05:30 - 000085504 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpBk.dll
2015-08-18 05:28 - 2015-08-18 05:28 - 000323584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpRt.dll
2014-11-25 04:22 - 2014-11-25 04:22 - 000089088 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EfbCheckImg.dll
2014-09-22 03:40 - 2014-09-22 03:40 - 000194560 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EFBSearchTool.dll
2015-08-18 05:26 - 2015-08-18 05:26 - 000223232 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskClone.dll
2015-07-27 06:50 - 2015-07-27 06:50 - 000224256 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskMgr.dll
2014-09-22 03:40 - 2014-09-22 03:40 - 000022528 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBEventMgr.dll
2015-08-18 08:17 - 2015-08-18 08:17 - 000104448 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\BootConfig.dll
2015-08-18 06:23 - 2015-08-18 06:23 - 000114176 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EasyFuncs.dll
2014-05-21 04:04 - 2014-05-21 04:04 - 000018432 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSToken.dll
2014-03-14 08:04 - 2014-03-14 08:04 - 000012288 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSFat32.dll
2014-03-14 08:04 - 2014-03-14 08:04 - 000201216 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NtfsLib.dll
2014-03-14 08:04 - 2014-03-14 08:04 - 000013312 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VssNew.dll
2014-09-22 03:41 - 2014-09-22 03:41 - 000239104 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\diskpart.dll
2014-11-05 01:44 - 2014-11-05 01:44 - 000017408 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VDiskConvert.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000194048 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NetTool.dll
2014-09-04 03:41 - 2014-09-04 03:41 - 000037888 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\RapidClone.dll
2014-08-20 02:23 - 2014-08-20 02:23 - 000075264 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskInterface.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000157552 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FtpPipeModule.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000091584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\TransferManager.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000062832 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\CommonFun.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000054712 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FTPFunModule.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000617952 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\XpIcfOpt.dll
2016-05-09 22:57 - 2016-05-09 22:57 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3064313884-3264504614-223766655-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{08F9B00A-0297-47C5-8B5E-F7942DC73169}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{10BA5BA4-CC00-4673-9B05-D728B952A5B8}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe ()
FirewallRules: [{2E080194-1C91-41E7-9AE7-1D69C7934F96}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{F1ED6B40-22B6-40FF-AEC5-DF7AF1027843}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{C8B32FDE-430F-482F-B1B9-381EC5868CD8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{E43A9694-3741-4B00-B9D3-B7CC4503AA3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{F845326A-FED1-46E6-B34B-618224EA886E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{36CF49D7-17C3-4046-87E5-3032475D02C7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{CAD3F4B2-6F92-4352-912E-A5BACA4DED3F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [TCP Query User{67FEBAC0-060B-49B6-AA48-729F6CD3F05D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{A66AB6F7-C0F3-4856-994D-5826EFDB757C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [{71D420A7-93AA-424A-A581-74C85C8A54A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{0D50D49B-8C15-44C7-802E-AC2C5722163C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{F16BD8EA-989E-4730-98C2-80C0F2A08366}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{B19FA42D-A715-4D8D-98BF-202260499420}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{7E2EE625-C0E0-43B3-8233-7FFAB83612F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{89C8970B-14FF-4A30-9A22-700906185267}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{D3FE0F0A-31B3-4ACB-8676-BEE452B5FE26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{94AE05FE-02C4-4A04-BCA8-124400E23840}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{B3C086F8-4784-4E5A-AB8B-2165E4C682D0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{D5CB7F68-2B94-431F-8FD2-008737FAD08D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A36FB3DA-173E-4E34-8600-C2EC306557A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{DB38A634-E3AB-4A1A-AA6C-5C831C6AA3D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{2D3B3E99-3495-4DCA-AC17-24C6338853D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{FE981D15-340A-4971-ACC5-4230E264C37B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)

==================== Restore Points =========================

06-01-2019 15:27:00 Removed ASUS Device Activation
07-01-2019 02:46:23 JRT Pre-Junkware Removal
09-01-2019 23:57:43 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Send To OneNote 16
Description: Cola de impresión local
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2019 11:18:51 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de Windows Defender a SECURITY_PRODUCT_STATE_ON.

Error: (01/09/2019 11:18:50 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de Windows Defender a SECURITY_PRODUCT_STATE_ON.

Error: (01/09/2019 10:52:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SearchUI.exe, versión 10.0.17134.472, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 1578

Hora de inicio: 01d4a85f931a9495

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Identificador de informe: 2ff722a6-ebcb-4899-a7d1-479d2894f352

Nombre completo de paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy

Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (01/09/2019 10:46:47 PM) (Source: MsiInstaller) (EventID: 11306) (User: DESKTOP-5CB2S37)
Description: Programa: Kaspersky Free -- Error 1306. Otra aplicación tiene acceso exclusivo al archivo C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\Cache\kavbase_00000000.lck_00000011. Cierre todas las demás aplicaciones y, a continuación, haga clic en Reintentar.<<31306>>

Error: (01/09/2019 10:43:42 PM) (Source: MsiInstaller) (EventID: 11404) (User: DESKTOP-5CB2S37)
Description: Programa: Kaspersky Free -- Error 1404. No se pudo eliminar la clave \SOFTWARE\KasperskyLab\AVP19.0.0.  Error del sistema . Compruebe que dispone de suficiente acceso a la clave o póngase en contacto con el Soporte Técnico.<<31404>>#

Error: (01/09/2019 05:09:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GameBar.exe, versión: 1.16.1804.1012, marca de tiempo: 0x5bc7c851
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x000000000009cad5
Identificador del proceso con errores: 0x3dac
Hora de inicio de la aplicación con errores: 0x01d4a6e88c2d42b1
Ruta de acceso de la aplicación con errores: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 66861145-1eb3-4e87-8ead-7b789516f7ca
Nombre completo del paquete con errores: Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: App

Error: (01/09/2019 02:00:56 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {185073CB-6B95-4A4D-B8E5-47442E65CCCE}

Error: (01/09/2019 01:42:43 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe


System errors:
=============
Error: (01/10/2019 12:06:04 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5CB2S37)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-5CB2S37\juanm con SID (S-1-5-21-3064313884-3264504614-223766655-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/09/2019 11:59:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/09/2019 11:59:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/09/2019 11:37:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/09/2019 11:31:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5CB2S37)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-5CB2S37\juanm con SID (S-1-5-21-3064313884-3264504614-223766655-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/09/2019 11:27:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/09/2019 11:21:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/09/2019 11:21:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 46%
Total physical RAM: 8056.11 MB
Available physical RAM: 4332.84 MB
Total Virtual: 10872.11 MB
Available Virtual: 6758.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:285.19 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:554.02 GB) (Free:553.17 GB) NTFS
Drive e: (WIFISLAX) (Fixed) (Total:4.87 GB) (Free:4.87 GB) FAT32

\\?\Volume{f79d0bc2-19d8-4a14-80e6-955684d062f9}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{6d4f8529-da88-4bcd-b958-1edf8c75b5f4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5CEF2226)

Partition: GPT.

==================== End of Addition.txt ============================

#10

Good… now follow these steps. :arrow_forward: VERY important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click it to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-).

  • Attention: now tick only the :white_check_mark: Create registry backup box, and NOT the other boxes. :face_with_monocle:

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

And now use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10) :arrow_forward: How do I start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the code/lines inside the box further down into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
2019-01-05 23:12 - 2018-12-06 10:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-01-05 22:14 - 2018-08-03 06:56 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-01-06 19:21 - 2016-07-14 16:29 - 000000000 ____D C:\ProgramData\McAfee
2019-01-05 22:43 - 2019-01-06 19:17 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it on the desktop under the name FIXLIST.TXT :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-).

  • Press the FIX button and wait for it to finish.

  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply. :+1:

Restart the computer, check how it behaves with respect to the problem you described, and tell us.

Regards.


#11

The problem is still the same. I did the FRST step in safe mode; should I have done it in normal mode?

By the way, the problem keeps happening even if I boot into safe mode. Is it possible that the virus keeps running even when starting Windows that way?

Fix result of Farbar Recovery Scan Tool (x64) Version: 12.01.2019
Ran by juanm (12-01-2019 20:34:24) Run:1
Running from C:\Users\juanm\Desktop
Loaded Profiles: juanm (Available Profiles: juanm)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
2019-01-05 23:12 - 2018-12-06 10:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-01-05 22:14 - 2018-08-03 06:56 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-01-06 19:21 - 2016-07-14 16:29 - 000000000 ____D C:\ProgramData\McAfee
2019-01-05 22:43 - 2019-01-06 19:17 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\[CC]{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\[CC]{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\Windows\NvTelemetryContainerRecovery.bat => moved successfully
C:\Windows\NvContainerRecovery.bat => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Windows\System32\Tasks\McAfee => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3064313884-3264504614-223766655-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3064313884-3264504614-223766655-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Ethernet 2 mientras los medios
estén desconectados.

Adaptador de Ethernet Ethernet:

   Sufijo DNS específico para la conexión. . : home
   Vínculo: dirección IPv6 local. . . : fe80::5557:7c64:abfe:fa0c%2
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.75
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Ethernet 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7921664 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20212229 B
Java, Flash, Steam htmlcache => 11903753 B
Windows/system/drivers => 720614 B
Edge => 3584 B
Chrome => 392665749 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 72365 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 7324 B
NetworkService => 0 B
juanm => 21709328 B

RecycleBin => 0 B
EmptyTemp: => 434.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:35:08 ====
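
A way to triage a Fixlog like the one posted above for steps that did not complete, added here as an example (it is not part of the thread and not FRST's own code). The line patterns are assumptions inferred from the log shown in this thread, the sample input is constructed in the same shape, and the only error name used is Win32 code 1084 (ERROR_NOT_SAFEBOOT_SERVICE), which is what the HRESULT in the BITS line decodes to.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog in the same shape as the one in this thread.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64) Version: 12.01.2019
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CMD: bitsadmin /reset /allusers
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
C:\ProgramData\McAfee => moved successfully

========= bitsadmin /reset /allusers =========

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========

==== End of Fixlog 20:35:08 ====
"""

# Assumed line shapes, taken from the log lines visible in the thread.
RESULT = re.compile(r"^(.+?) => (removed successfully|moved successfully|not found)$")
SECTION = re.compile(r"^=+ (.+?) =+$")
FAILURE = re.compile(r"^(Error\b|Unable to\b)")
HRESULT = re.compile(r"\b0x([0-9a-fA-F]{8})\b")

# Win32 error names (winerror.h); only the one needed for this log is listed.
WIN32_NAMES = {1084: "ERROR_NOT_SAFEBOOT_SERVICE"}


def win32_from_hresult(value):
    """Return the Win32 code wrapped in a failing FACILITY_WIN32 HRESULT, else None."""
    failed = (value >> 31) == 1
    facility = (value >> 16) & 0x7FF
    return value & 0xFFFF if failed and facility == 7 else None


def triage_fixlog(text):
    """Count per-entry outcomes and collect failure lines with their section."""
    report = {"boot_mode": None, "results": Counter(), "failures": []}
    section, in_fixlist = "fix entries", False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or set(line) == {"="}:
            continue
        if set(line) == {"*"}:
            in_fixlist = not in_fixlist  # the echoed fixlist is input, not a result
            continue
        if in_fixlist:
            continue
        if line.startswith("Boot Mode:"):
            report["boot_mode"] = line.split(":", 1)[1].strip()
            continue
        header = SECTION.match(line)
        if header:
            name = header.group(1)
            section = "fix entries" if name.startswith("End of") else name
            continue
        result = RESULT.match(line)
        if result:
            report["results"][result.group(2)] += 1
            continue
        if FAILURE.match(line):
            found = HRESULT.search(line)
            code = win32_from_hresult(int(found.group(1), 16)) if found else None
            report["failures"].append({"section": section, "line": line,
                                       "win32": code, "name": WIN32_NAMES.get(code)})
    return report


def safe_mode_side_effects(report):
    """Failures the log itself ties to Safe Mode: the restore-point message and
    services refused with ERROR_NOT_SAFEBOOT_SERVICE."""
    if not (report["boot_mode"] or "").startswith("Safe Mode"):
        return []
    return [f for f in report["failures"]
            if f["name"] == "ERROR_NOT_SAFEBOOT_SERVICE" or "normal mode" in f["line"]]


if __name__ == "__main__":
    summary = triage_fixlog(SAMPLE_FIXLOG)
    print(summary["boot_mode"], dict(summary["results"]))
    for item in safe_mode_side_effects(summary):
        print(item["section"], "->", item["line"], item["name"] or "")
```
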

#12

Let's see… whether we have something hidden. :roll_eyes:

Download and unzip this tool on your desktop :arrow_right: Malwarebytes Anti-Rootkits Beta Manual, and follow the steps indicated to check the computer:

  • Open the Mbar folder and double-click the file Mbar.exe.
  • In the window that appears, click Next.
  • Click Update, and when it finishes click Next.
  • Now start the scan by clicking the Scan button.
  • When it finishes, if there is an infection we click CleanUp, and if there is no infection we click Exit.

When it finishes, look in the Mbar folder and open the files mbar-log.txt and system-log.txt, copy their contents into your next reply and tell us the results.

Regards.


#13

mbar log

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2019.01.12.08
  rootkit: v2019.01.12.08

Windows 10 x64 NTFS
Internet Explorer 11.472.17134.0
juanm :: DESKTOP-5CB2S37 [administrator]

12/1/2019 22:46:53
mbar-log-2019-01-12 (22-46-53).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 184087
Time elapsed: 17 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

system log

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.472.17134.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 8447442944, free: 4560994304

Downloaded database version: v2019.01.12.08
Downloaded database version: v2019.01.12.08
Downloaded database version: v2018.01.20.01
Initializing...
======================
Driver version: 4.3.0.15
------------ Kernel report ------------
     01/12/2019 22:46:39
------------ Loaded modules -----------
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2019.01.12.08
  rootkit: v2019.01.12.08

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffd1091832e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffd1091824faf0, DeviceName: Unknown, DriverName: \Driver\aswArDisk\
DevicePointer: 0xffffd1091824e9d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffd1091832e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffd109158c6b10, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffd10913c83c60, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffd10915896060, DeviceName: \Device\00000039\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 5CEF2226

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 3363382947
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid 74a20df2-9a7a-4f7b-a2f4-fda7ba53150
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 3363382947
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid 74a20df2-9a7a-4f7b-a2f4-fda7ba53150
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 6d4f8529-da88-4bcd-b958-1edf8c75b5f4
    FirstLBA 2048  Last LBA 534527
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID e986a2c6-752e-4a97-b7fc-8f78af86b545
    FirstLBA 534528  Last LBA 567295
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID aeea71db-d1e8-493c-99c2-765fe5c95292
    FirstLBA 567296  Last LBA 780388351
    Attributes 0
    Partition Name                 Basic data partition

    Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID f79d0bc2-19d8-4a14-80e6-955684d062f9
    FirstLBA 780388352  Last LBA 781410303
    Attributes 1
    Partition Name                 Basic data partition

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 270a281a-8183-44ea-8742-ceeab89331d
    FirstLBA 781410304  Last LBA 1943283711
    Attributes 0
    Partition Name                 Basic data partition

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 3949d2a6-f894-436c-ba6a-8222de7147cb
    FirstLBA 1943283712  Last LBA 1953521663
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)
File "C:\Windows\servicing\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\vds.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volume.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifibus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifimp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BCASTDVRUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BTAGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BTHAVCTPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\bthserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dusmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\INSTALLSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lpasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lsm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RMapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sensrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-AA28C95A0B4040B9FFB8DD5BD86CE157ADC028E4.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-AA28C95A0B4040B9FFB8DD5BD86CE157ADC028E4.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-AA28C95A0B4040B9FFB8DD5BD86CE157ADC028E4.bin.83" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

#14

The problem you have is NOT due to an infection. :pensive:


#15

I understand that it may look that way, and maybe it is, but I find it very strange that when I run a scan on the machine, the problem goes away until the antivirus finishes the scan. Just like when I reset the PC to factory settings, it worked perfectly for a few hours until the problem came back.

Right now, for example, for a couple of days I have been able to use the keys without them typing hyphens after I press them, but the hyphen key still doesn't work (I can't open brackets either, I have to copy and paste them). And I could accept that it was a hardware fault and that the hyphen key has died and that's why it was causing problems with other keys, but when the PC has been working fine even that key worked.

I mean, after the factory reset I had a PC that worked fine. Everything was working correctly until it happened again. Given how the computer behaves, it would seem very strange to me for it to be a physical fault in the keyboard.

Also, the fact that the Skype and TeamViewer processes start with the PC (even though I have set them NOT to start at boot) and that I have to close them 3 or 4 more times before they close for good smells very bad to me.

I don't want to contradict you or cast doubt on what you've told me; you know infinitely more about computers than I do, so please don't take what I've said the wrong way.

PS: I don't know if this is important, because I put it down to Windows detecting that something was being typed (because of the hyphen thing) and that being why it worked badly, but the trackpad also works terribly. I have a USB mouse and that one works perfectly, but the trackpad RARELY works well.

PS2: sorry for editing the message over and over, but as I remember things I think I should tell you them so you can get a complete picture of what is happening. When I put the PC into sleep mode, it starts up again on its own, as if something were preventing it from staying in sleep mode. Also, when I booted into safe mode, on the screen where you type the password to log in, it started typing hyphens by itself, and when I rebooted to go back to normal Windows it wouldn't let me type (this is a problem that sometimes happens when I start the PC, ever since I've had this issue); once I reboot I can type normally with the keyboard (with the problem of the hyphen not working, but I can type). The other day, for example, I left for 10 minutes and when I came back it had started typing hyphens in the Chrome search bar.


#16

I still say that I do NOT think it is an infection problem; judging by the results of your reports you don't seem to have anything serious, and from what you describe it is more likely a hardware fault in both the laptop's keyboard and its trackpad.

As an alternative you can install the new version of Windows 10.

To do so, you must use the blue “Actualizar ahora” (“Update now”) option/button of the installer on the official Microsoft page :arrow_right: https://www.microsoft.com/es-es/software-download/windows10

Once you have finished the WHOLE process of updating to version 1809 of W10, you must check Windows Update for any pending updates until you confirm that there are NO more left. :face_with_monocle:

Let us know once you have finished the steps.

Regards.