Múltiples sincronizaciones automáticas desde muchos países


#21

Hola

Desactiva temporalmente tu antivirus y cualquier programa de seguridad que tengas en funciones.

Descarga Farbar Recovery Scan Tool en el escritorio de Tu PC. Selecciona la versión adecuada para la arquitectura (32 o 64bits) de tu equipo.

Como saber si Mi Windows es de 32 0 64 Bits`

  • Ejecuta FRST.exe
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

En Tu próxima respuesta, debes pegar los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Envuelve cada uno de los informes con una etiqueta escrita CODE_Inicial al inicio del informe y otra como este CODE_Final al final del mismo.

Saludos


#22
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.11.2018
Ran by Denis Zapata (administrator) on LAPTOP-ASUS (27-11-2018 16:33:34)
Running from C:\Users\Denis Zapata\Downloads
Loaded Profiles: Denis Zapata (Available Profiles: Denis Zapata)
Platform: Windows 10 Home Single Language Version 1803 17134.407 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_323fd0e5a4b9830c\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_323fd0e5a4b9830c\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ASUSTek Computer Inc.) C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe
(Razer) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBox.Agent.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-10-18] (Intel)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2018-10-19] (Razer Inc.)
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (Disc Soft Ltd)
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [369152 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.44 200.42.4.207
Tcpip\..\Interfaces\{4cf824fd-91e0-4b51-bce1-ed94c59842e2}: [DhcpNameServer] 200.49.130.44 200.42.4.207

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-4040028069-3033203577-131071101-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4040028069-3033203577-131071101-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-4040028069-3033203577-131071101-1004 -> hxxps://www.google.com.ar/

FireFox:
========
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-12] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default [2018-11-27]
CHR Extension: (Presentaciones) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-12]
CHR Extension: (Documentos) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-12]
CHR Extension: (Google Drive) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-12]
CHR Extension: (YouTube) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-12]
CHR Extension: (Hojas de cálculo) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-12]
CHR Extension: (AdBlock) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-12]
CHR Extension: (Gmail) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-12]
CHR Profile: C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7201680 2018-07-26] ()
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (Disc Soft Ltd)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-10-15] (EasyAntiCheat Ltd)
R2 ELANFPService; C:\Windows\System32\ELANFPService.exe [176224 2018-08-10] (ELAN Microelectronics Corp.)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1855976 2018-10-31] (Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R2 GiftBox.Service; C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe [302416 2018-06-28] (ASUSTeK Computer Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [550568 2018-05-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2018-07-25] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2018-07-25] ()
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2018-09-20] (Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [534400 2018-09-26] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290352 2018-10-19] (Razer Inc.)
R2 SAService; C:\Windows\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc.)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [109008 2018-08-10] ()
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [100752 2017-08-15] (ASUSTek COMPUTER INC.)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78680 2018-10-31] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [71000 2018-10-31] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-07-15] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-07-15] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [402264 2018-10-31] (Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31816 2018-07-15] (ELAN Microelectronic Corp.)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-10-06] (ASUS)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-14] (REALiX(tm))
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [967696 2018-08-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [141848 2018-10-14] (Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DriverStore\FileRepository\intcdaud.inf_amd64_ad5691824a5386fe\IntcDAud.sys [630976 2018-10-23] (Intel(R) Corporation)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-10-16] (IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-10-16] (IObit)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 necbatt; C:\Windows\System32\drivers\necbatt.sys [28512 2018-10-14] (NEC Personal Computers, Ltd.)
R3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8815128 2018-10-23] (Intel Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation)
U4 AppMgmt; no ImagePath
U4 CscService; no ImagePath
U4 napagent; no ImagePath
U4 PeerDistSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-27 16:33 - 2018-11-27 16:34 - 000017973 _____ C:\Users\Denis Zapata\Downloads\FRST.txt
2018-11-27 16:32 - 2018-11-27 16:33 - 000000000 ____D C:\FRST
2018-11-27 16:31 - 2018-11-27 16:32 - 002416640 _____ (Farbar) C:\Users\Denis Zapata\Downloads\FRST64.exe
2018-11-27 15:38 - 2018-11-27 15:38 - 000003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2018-11-27 03:42 - 2018-11-27 03:42 - 000000306 _____ C:\DelFix.txt
2018-11-27 02:19 - 2018-11-27 02:19 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Macromedia
2018-11-25 23:59 - 2018-11-26 00:03 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Visual Studio Setup
2018-11-25 23:59 - 2018-11-25 23:59 - 000001375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2018-11-25 23:59 - 2018-11-25 23:59 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\vstelemetry
2018-11-25 23:59 - 2018-11-25 23:59 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Microsoft Visual Studio
2018-11-25 23:59 - 2018-11-25 23:59 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\ServiceHub
2018-11-25 23:59 - 2018-11-25 23:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2018-11-25 23:58 - 2018-11-25 23:58 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2018-11-25 22:42 - 2018-11-25 22:42 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\35688928.sys
2018-11-25 22:35 - 2018-11-25 22:35 - 000000000 ____D C:\Users\Public\Documents\Catch!
2018-11-25 22:35 - 2018-11-25 22:35 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\DAEMON Tools Lite
2018-11-25 22:35 - 2018-11-25 22:35 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\Disc_Soft_Ltd
2018-11-25 22:35 - 2018-11-25 22:35 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2018-11-25 19:41 - 2018-11-25 19:41 - 000000000 ____D C:\KVRT_Data
2018-11-23 22:26 - 2018-11-23 22:26 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\DBG
2018-11-23 21:11 - 2018-11-23 21:11 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\ESET
2018-11-23 20:22 - 2018-11-23 20:39 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\ZHP
2018-11-23 20:22 - 2018-11-23 20:22 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\ZHP
2018-11-23 20:14 - 2018-11-23 20:14 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\__SHARED
2018-11-23 20:02 - 2018-11-23 20:02 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\mbam
2018-11-23 20:01 - 2018-11-23 20:01 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\mbamtray
2018-11-23 19:50 - 2018-11-23 19:50 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Dev-Cpp
2018-11-23 19:49 - 2018-11-23 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2018-11-23 19:46 - 2018-11-23 19:46 - 000000000 ____D C:\Program Files (x86)\Dev-Cpp
2018-11-23 18:00 - 2018-11-23 18:00 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\Steam
2018-11-22 20:44 - 2018-11-23 18:48 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\D3DSCache
2018-11-22 20:34 - 2018-11-22 20:34 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2018-11-22 20:33 - 2018-11-22 21:17 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\Battle.net
2018-11-22 20:33 - 2018-11-22 20:34 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Battle.net
2018-11-22 20:33 - 2018-11-22 20:33 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\Blizzard Entertainment
2018-11-22 02:02 - 2018-11-16 20:00 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-22 02:02 - 2018-11-16 20:00 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-20 21:17 - 2018-11-20 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-11-20 21:16 - 2018-11-22 20:33 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-11-20 19:41 - 2018-11-20 21:16 - 000000000 ____D C:\ProgramData\Battle.net
2018-11-19 01:19 - 2018-11-19 01:19 - 000000000 ____D C:\Program Files\Unity
2018-11-18 22:53 - 2018-11-18 22:53 - 000000279 _____ C:\Users\Denis Zapata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papelera de reciclaje.lnk
2018-11-18 21:38 - 2018-11-18 21:39 - 000000282 __RSH C:\Users\Denis Zapata\ntuser.pol
2018-11-17 21:21 - 2018-11-17 21:21 - 000003662 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-11-14 19:14 - 2018-11-26 22:04 - 000000000 ____D C:\Users\Denis Zapata\Desktop\Memes
2018-11-14 16:14 - 2018-11-14 16:14 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-13 21:29 - 2018-11-15 01:49 - 000000000 ____D C:\Users\Denis Zapata\Desktop\2 Parcial
2018-11-13 17:08 - 2018-11-13 17:08 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2018-11-13 17:08 - 2018-11-13 17:08 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-13 17:04 - 2018-11-01 08:49 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-11-13 17:04 - 2018-11-01 08:46 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2018-11-13 17:04 - 2018-11-01 08:45 - 004527776 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2018-11-13 17:04 - 2018-11-01 08:45 - 001617320 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2018-11-13 17:04 - 2018-11-01 08:45 - 001376672 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-13 17:04 - 2018-11-01 08:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2018-11-13 17:04 - 2018-11-01 08:31 - 006602240 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-11-13 17:04 - 2018-11-01 08:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-11-13 17:04 - 2018-11-01 08:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-13 17:04 - 2018-11-01 08:29 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-13 17:04 - 2018-11-01 08:29 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2018-11-13 17:04 - 2018-11-01 08:28 - 004491264 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-11-13 17:04 - 2018-11-01 08:28 - 003649024 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-11-13 17:04 - 2018-11-01 08:28 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-11-13 17:04 - 2018-11-01 08:27 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-13 17:04 - 2018-11-01 08:27 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-11-13 17:04 - 2018-11-01 08:26 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2018-11-13 17:04 - 2018-11-01 08:26 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2018-11-13 17:04 - 2018-11-01 08:26 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-13 17:04 - 2018-11-01 08:25 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2018-11-13 17:04 - 2018-11-01 07:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-13 17:04 - 2018-11-01 06:59 - 005669888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-11-13 17:04 - 2018-11-01 06:56 - 011902464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-13 17:04 - 2018-11-01 06:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-11-13 17:04 - 2018-11-01 06:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-13 17:04 - 2018-11-01 06:54 - 003397632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-11-13 17:04 - 2018-11-01 06:54 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-13 17:04 - 2018-11-01 06:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2018-11-13 17:04 - 2018-11-01 06:52 - 002892800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-11-13 17:04 - 2018-11-01 06:15 - 023861760 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-11-13 17:04 - 2018-11-01 06:13 - 019525120 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-11-13 17:04 - 2018-11-01 04:39 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-11-13 17:04 - 2018-11-01 04:38 - 000269336 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2018-11-13 17:04 - 2018-11-01 04:37 - 000272408 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll
2018-11-13 17:04 - 2018-11-01 04:28 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-11-13 17:04 - 2018-11-01 04:28 - 001062712 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2018-11-13 17:04 - 2018-11-01 04:28 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-11-13 17:04 - 2018-11-01 04:28 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2018-11-13 17:04 - 2018-11-01 04:28 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-11-13 17:04 - 2018-11-01 04:28 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-11-13 17:04 - 2018-11-01 04:27 - 001017152 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-11-13 17:04 - 2018-11-01 04:27 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-11-13 17:04 - 2018-11-01 04:26 - 007432120 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-11-13 17:04 - 2018-11-01 04:26 - 003291640 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-13 17:04 - 2018-11-01 04:26 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-11-13 17:04 - 2018-11-01 04:26 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 009089848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-13 17:04 - 2018-11-01 04:25 - 007520088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 004404912 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 002822456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-13 17:04 - 2018-11-01 04:25 - 002571320 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 001784680 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 001456728 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-13 17:04 - 2018-11-01 04:25 - 001288920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 001257880 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-13 17:04 - 2018-11-01 04:25 - 001209888 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 001190248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 001140672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-13 17:04 - 2018-11-01 04:25 - 000982592 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-11-13 17:04 - 2018-11-01 04:25 - 000885968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 000793080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-11-13 17:04 - 2018-11-01 04:25 - 000713472 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 000594224 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-11-13 17:04 - 2018-11-01 04:25 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\coml2.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-13 17:04 - 2018-11-01 04:25 - 000375824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-13 17:04 - 2018-11-01 04:25 - 000268088 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-11-13 17:04 - 2018-11-01 04:25 - 000261000 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-13 17:04 - 2018-11-01 04:09 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-11-13 17:04 - 2018-11-01 04:03 - 003397120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-11-13 17:04 - 2018-11-01 04:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsProxyStub.dll
2018-11-13 17:04 - 2018-11-01 04:03 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2018-11-13 17:04 - 2018-11-01 04:02 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2018-11-13 17:04 - 2018-11-01 04:02 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll
2018-11-13 17:04 - 2018-11-01 04:01 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-13 17:04 - 2018-11-01 04:01 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-11-13 17:04 - 2018-11-01 04:01 - 007057408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-11-13 17:04 - 2018-11-01 04:00 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-11-13 17:04 - 2018-11-01 04:00 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-11-13 17:04 - 2018-11-01 04:00 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-13 17:04 - 2018-11-01 04:00 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-11-13 17:04 - 2018-11-01 04:00 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2018-11-13 17:04 - 2018-11-01 03:59 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-11-13 17:04 - 2018-11-01 03:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-11-13 17:04 - 2018-11-01 03:59 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-13 17:04 - 2018-11-01 03:59 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-11-13 17:04 - 2018-11-01 03:59 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 004867072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-11-13 17:04 - 2018-11-01 03:58 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 005746688 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsDesktopEngine.exe
2018-11-13 17:04 - 2018-11-01 03:57 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 002364928 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-11-13 17:04 - 2018-11-01 03:57 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-11-13 17:04 - 2018-11-01 03:56 - 002929664 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2018-11-13 17:04 - 2018-11-01 03:56 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-11-13 17:04 - 2018-11-01 03:56 - 001768448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-11-13 17:04 - 2018-11-01 03:56 - 001395200 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-11-13 17:04 - 2018-11-01 03:56 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2018-11-13 17:04 - 2018-11-01 03:55 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-13 17:04 - 2018-11-01 03:55 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-13 17:04 - 2018-11-01 03:55 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 001679360 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 001551360 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-13 17:04 - 2018-11-01 03:54 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-11-13 17:04 - 2018-11-01 03:53 - 002248192 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-11-13 17:04 - 2018-11-01 03:53 - 001373696 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-11-13 17:04 - 2018-11-01 03:53 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-13 17:04 - 2018-11-01 03:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-13 17:04 - 2018-11-01 03:53 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-13 17:04 - 2018-11-01 03:53 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-13 17:04 - 2018-11-01 02:39 - 000001310 _____ C:\Windows\system32\tcbres.wim
2018-11-13 17:04 - 2018-11-01 02:08 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-11-13 17:04 - 2018-11-01 01:50 - 000861712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2018-11-13 17:04 - 2018-11-01 01:50 - 000786288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 006039064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-11-13 17:04 - 2018-11-01 01:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coml2.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 001379792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-11-13 17:04 - 2018-11-01 01:47 - 000129304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-11-13 17:04 - 2018-11-01 01:40 - 022015488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-11-13 17:04 - 2018-11-01 01:35 - 019403776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-13 17:04 - 2018-11-01 01:34 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-13 17:04 - 2018-11-01 01:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-11-13 17:04 - 2018-11-01 01:33 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-13 17:04 - 2018-11-01 01:32 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-11-13 17:04 - 2018-11-01 01:31 - 005307904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2018-11-13 17:04 - 2018-11-01 01:31 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2018-11-13 17:04 - 2018-11-01 01:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 004529664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsDesktopEngine.exe
2018-11-13 17:04 - 2018-11-01 01:29 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-11-13 17:04 - 2018-11-01 01:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-13 17:04 - 2018-11-01 01:28 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2018-11-13 17:04 - 2018-11-01 01:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-11-13 17:04 - 2018-11-01 01:28 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-11-13 17:04 - 2018-11-01 01:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-13 17:04 - 2018-11-01 01:27 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-13 17:04 - 2018-11-01 01:27 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2018-11-13 17:04 - 2018-11-01 01:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-13 17:04 - 2018-11-01 01:27 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-13 17:04 - 2018-11-01 01:26 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-13 17:04 - 2018-11-01 01:26 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-13 17:04 - 2018-11-01 01:26 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-12 02:08 - 2018-11-18 20:45 - 000001581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-12 02:07 - 2018-11-12 02:07 - 000003620 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-12 02:07 - 2018-11-12 02:07 - 000003496 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-11 18:14 - 2018-11-27 15:38 - 000000200 _____ C:\Users\Denis Zapata\AppData\Roaming\sp_data.sys
2018-11-11 00:06 - 2018-11-11 00:06 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Adobe
2018-11-10 23:37 - 2018-11-10 23:37 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\LibreOffice
2018-11-10 23:27 - 2018-11-10 23:27 - 000000000 ____D C:\ProgramData\Kingsoft
2018-11-10 23:10 - 2018-11-12 02:05 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\PlaceholderTileLogoFolder
2018-11-03 23:55 - 2018-11-03 23:55 - 000002990 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Denis_Zapata
2018-11-03 23:55 - 2018-11-03 23:55 - 000001440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-11-03 23:55 - 2018-11-03 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-11-02 17:57 - 2018-04-11 06:46 - 000402944 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DXCpl.exe
2018-11-02 17:57 - 2018-04-11 06:44 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\perf_gputiming.dll
2018-11-02 17:57 - 2018-04-11 05:12 - 000380416 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DXCpl.exe
2018-11-02 17:57 - 2018-04-11 05:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf_gputiming.dll
2018-11-02 17:57 - 2018-04-10 21:41 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\DxToolsReportGenerator.dll
2018-11-02 17:57 - 2018-04-10 21:37 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxToolsReportGenerator.dll
2018-11-02 17:57 - 2018-04-10 21:15 - 017871360 _____ (Microsoft Corporation) C:\Windows\system32\DXCaptureReplay.dll
2018-11-02 17:57 - 2018-04-10 21:15 - 014058496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXCaptureReplay.dll
2018-11-02 17:57 - 2018-04-10 21:11 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll
2018-11-02 17:57 - 2018-04-10 21:11 - 000041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsProxyStub.dll
2018-11-02 17:57 - 2018-04-10 21:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXToolsMonitor.dll
2018-11-02 17:57 - 2018-04-10 21:10 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXToolsReporting.dll
2018-11-02 17:57 - 2018-04-10 21:09 - 000238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXGIDebug.dll
2018-11-02 17:57 - 2018-04-10 21:08 - 003632640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsRemoteEngine.exe
2018-11-02 17:57 - 2018-04-10 21:08 - 002249728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12SDKLayers.dll
2018-11-02 17:57 - 2018-04-10 21:08 - 001100288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11_3SDKLayers.dll
2018-11-02 17:57 - 2018-04-10 21:08 - 000466944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1debug3.dll
2018-11-02 17:57 - 2018-04-10 21:08 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\DXGIDebug.dll
2018-11-02 17:57 - 2018-04-10 21:08 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll
2018-11-02 17:57 - 2018-04-10 21:07 - 001359872 _____ (Microsoft Corporation) C:\Windows\system32\d3d11_3SDKLayers.dll
2018-11-02 17:57 - 2018-04-10 21:07 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsExperiment.dll
2018-11-02 17:57 - 2018-04-10 21:07 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsReporting.dll
2018-11-02 17:57 - 2018-04-10 21:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsRemoteEngine.exe
2018-11-02 17:57 - 2018-04-10 21:06 - 001500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXToolsOfflineAnalysis.dll
2018-11-02 17:57 - 2018-04-10 21:06 - 000921088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXCap.exe
2018-11-02 17:57 - 2018-04-10 21:06 - 000539136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1debug3.dll
2018-11-02 17:57 - 2018-04-10 21:06 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsCapture.dll
2018-11-02 17:57 - 2018-04-10 21:05 - 002000896 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsOfflineAnalysis.dll
2018-11-02 17:57 - 2018-04-10 21:05 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsCapture.dll
2018-11-02 17:57 - 2018-04-10 21:04 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsMonitor.dll
2018-11-02 17:57 - 2018-04-10 21:03 - 002818560 _____ (Microsoft Corporation) C:\Windows\system32\d3d12SDKLayers.dll
2018-11-02 17:57 - 2018-04-10 21:02 - 001178624 _____ (Microsoft Corporation) C:\Windows\system32\DXCap.exe
2018-11-02 17:57 - 2018-04-10 21:02 - 000286720 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsExperiment.dll
2018-11-02 14:34 - 2018-11-18 05:03 - 000000000 ____D C:\Users\Denis Zapata\Desktop\FACULTAD - INGENIERIA
2018-10-31 22:08 - 2018-10-31 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2018-10-31 21:54 - 2018-10-31 21:54 - 000402264 _____ (Intel Corporation) C:\Windows\system32\Drivers\esif_lf.sys
2018-10-31 21:54 - 2018-10-31 21:54 - 000078680 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_acpi.sys
2018-10-31 21:54 - 2018-10-31 21:54 - 000071000 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_cpu.sys
2018-10-29 22:49 - 2018-10-30 03:46 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\StardewValley
2018-10-28 22:01 - 2018-10-28 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardew Valley [GOG.com]
2018-10-28 21:59 - 2018-10-28 21:59 - 000000000 ____D C:\ProgramData\GOG.com

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-27 15:38 - 2018-10-06 05:46 - 000004232 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0DA5ED42-B677-45C1-AC7F-A231DC5488A4}
2018-11-27 15:35 - 2018-07-25 16:59 - 000000000 __SHD C:\Users\Denis Zapata\IntelGraphicsProfiles
2018-11-27 03:40 - 2018-04-11 20:36 - 000000000 ____D C:\Windows\INF
2018-11-27 03:39 - 2018-10-07 01:15 - 000000000 ___HD C:\Users\Denis Zapata\MicrosoftEdgeBackups
2018-11-27 01:08 - 2018-10-06 05:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-11-26 23:41 - 2018-04-11 20:30 - 000000000 ____D C:\Windows\CbsTemp
2018-11-26 21:42 - 2018-08-08 03:33 - 000000000 ____D C:\Users\Denis Zapata\Desktop\DCIM
2018-11-26 20:38 - 2018-08-05 23:59 - 000000000 ____D C:\Users\Denis Zapata\Documents\Denis
2018-11-25 22:38 - 2018-10-14 19:45 - 000000000 ____D C:\ProgramData\ProductData
2018-11-25 22:32 - 2018-10-06 17:33 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2018-11-25 22:32 - 2018-10-06 05:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-25 22:32 - 2018-07-22 16:52 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-11-25 22:31 - 2018-04-11 18:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-11-23 20:16 - 2018-10-14 19:43 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\IObit
2018-11-23 20:12 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\AppReadiness
2018-11-23 18:49 - 2018-07-15 03:39 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-22 20:44 - 2018-07-15 13:53 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-11-22 01:58 - 2018-10-14 22:49 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-11-21 19:43 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-20 21:34 - 2018-07-20 23:06 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-11-18 22:57 - 2018-08-01 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-18 21:39 - 2018-10-06 05:22 - 000000000 ____D C:\Users\Denis Zapata
2018-11-18 21:21 - 2018-10-06 23:52 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\VirtualStore
2018-11-18 21:20 - 2018-07-25 16:59 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\Packages
2018-11-18 03:59 - 2018-10-11 02:02 - 000000000 ____D C:\Users\Denis Zapata\AppData\Roaming\Deezloader Remix
2018-11-16 18:29 - 2018-07-25 16:59 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\ConnectedDevicesPlatform
2018-11-15 20:25 - 2018-07-14 16:34 - 000000000 ____D C:\Program Files\rempl
2018-11-15 01:52 - 2018-10-15 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner
2018-11-14 16:30 - 2018-10-15 22:55 - 000000000 ____D C:\Program Files (x86)\TagScanner
2018-11-13 19:57 - 2018-10-06 05:35 - 005349844 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-13 19:57 - 2018-10-06 03:35 - 000780362 _____ C:\Windows\system32\perfh00C.dat
2018-11-13 19:57 - 2018-10-06 03:35 - 000149378 _____ C:\Windows\system32\perfc00C.dat
2018-11-13 19:57 - 2018-10-06 03:07 - 000694660 _____ C:\Windows\system32\perfh01F.dat
2018-11-13 19:57 - 2018-10-06 03:07 - 000144206 _____ C:\Windows\system32\perfc01F.dat
2018-11-13 19:57 - 2018-10-06 02:40 - 000766614 _____ C:\Windows\system32\prfh0816.dat
2018-11-13 19:57 - 2018-10-06 02:40 - 000152038 _____ C:\Windows\system32\prfc0816.dat
2018-11-13 19:57 - 2018-10-06 01:46 - 000752216 _____ C:\Windows\system32\prfh0416.dat
2018-11-13 19:57 - 2018-10-06 01:46 - 000148534 _____ C:\Windows\system32\prfc0416.dat
2018-11-13 19:57 - 2018-04-12 13:18 - 000789180 _____ C:\Windows\system32\perfh00A.dat
2018-11-13 19:57 - 2018-04-12 13:18 - 000155760 _____ C:\Windows\system32\perfc00A.dat
2018-11-13 19:50 - 2018-10-06 05:06 - 000413512 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-13 19:46 - 2018-04-11 20:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-11-13 19:46 - 2018-04-11 20:38 - 000000000 ___SD C:\Windows\system32\F12
2018-11-13 19:46 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\TextInput
2018-11-13 19:46 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-11-13 19:46 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-11-13 19:46 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\bcastdvr
2018-11-13 17:34 - 2018-07-14 16:35 - 000000000 ____D C:\Windows\system32\MRT
2018-11-13 17:27 - 2018-07-14 16:35 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-12 02:08 - 2018-10-08 21:15 - 000000000 ____D C:\Users\Denis Zapata\AppData\Local\Google
2018-11-12 02:08 - 2018-07-14 14:50 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-09 00:53 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-11-06 14:54 - 2018-07-30 02:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2018-11-06 01:33 - 2018-03-16 16:13 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-11-03 23:55 - 2018-10-14 19:44 - 000000000 ____D C:\Users\Denis Zapata\AppData\LocalLow\IObit
2018-11-03 23:55 - 2018-10-14 19:44 - 000000000 ____D C:\ProgramData\IObit
2018-11-03 23:55 - 2018-10-14 19:44 - 000000000 ____D C:\Program Files (x86)\IObit
2018-11-02 14:44 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\system32\NDF
2018-10-31 22:07 - 2018-03-16 16:03 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-28 21:56 - 2018-07-16 01:08 - 000000000 ____D C:\Games

==================== Files in the root of some directories =======

2018-11-11 18:14 - 2018-11-27 15:38 - 000000200 _____ () C:\Users\Denis Zapata\AppData\Roaming\sp_data.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-06 05:06

==================== End of FRST.txt ============================

#23
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by Denis Zapata (27-11-2018 16:35:07)
Running from C:\Users\Denis Zapata\Downloads
Windows 10 Home Single Language Version 1803 17134.407 (X64) (2018-10-06 08:48:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4040028069-3033203577-131071101-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4040028069-3033203577-131071101-503 - Limited - Disabled)
Denis Zapata (S-1-5-21-4040028069-3033203577-131071101-1004 - Administrator - Enabled) => C:\Users\Denis Zapata
Invitado (S-1-5-21-4040028069-3033203577-131071101-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4040028069-3033203577-131071101-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{5F4E8D94-3947-4019-9239-D2541C9A35F2}) (Version: 7.1 - Intel) Hidden
. . (HKLM\...\{7ED1F198-3D52-420C-9F32-9F1B86720990}) (Version: 7.1 - Intel) Hidden
. . (HKLM\...\{B753FD71-4EB8-4842-9016-B1B97ACBDC79}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{E43C1D03-D1BF-4DF9-A6F3-E483EA8B01CA}) (Version: 3.6.0.4 - Intel) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{AB4E4E64-6DA2-4E43-969E-83ACB1F57BB6}) (Version: 20.24.401.14520 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AB4E4E64-6DA2-4E43-969E-83ACB1F57BB6}) (Version: 20.24.401.14520 - Alcor Micro Corp.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.3.0 - ASUSTeK COMPUTER INC.)
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.0.4 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.22 - ASUSTek COMPUTER INC.)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0057 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.50 - ICEpower a/s)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 1942 HD (HKLM-x32\...\{231FB844-56FE-41B8-A074-8FB6A73794ED}_is1) (Version: 1.61 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.90.50 - Conexant)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Deezloader Remix 4.1.5 (HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\5eed4b40-1ed5-51be-ab52-56cdb94a998f) (Version: 4.1.5 - RemixDevs)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.0.2 - IObit)
ELAN SPI FingerPrint Driver (HKLM\...\ElanFP) (Version: 2.5.8.1101 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 - ElAmigos versión 1.31.2.5 (HKLM-x32\...\{9384C835-3AAB-4AEB-A190-765E3FB774E1}_is1) (Version: 1.31.2.5 - SCS Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Computing Improvement Program (HKLM\...\{58FBAE3A-E602-47E6-9F32-AE25D48B378A}) (Version: 2.4.04140 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11002.3418 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6194 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.7.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000000-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.0.0 - Intel Corporation)
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.1.0.13 - IObit)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 6.1.2.1 (HKLM\...\{E5FC66AA-995A-488A-BEBE-8B5C351F939A}) (Version: 6.1.2.1 - The Document Foundation)
Microsoft OneDrive (HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1080.1029 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Northgard MULTi7 - ElAmigos versión 1.3.9857 (HKLM-x32\...\{A75E7CE5-C3FE-4B34-AA67-8962AD1C8769}_is1) (Version: 1.3.9857 - Shiro Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Planetbase MULTi4 - ElAmigos versión 1.2.3 (HKLM-x32\...\{B779ADEB-8E07-4801-B910-51A5D4992EB6}_is1) (Version: 1.2.3 - Madruga Works)
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version:  - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.2.7.926 - Razer Inc.)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 1.3.28 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TagScanner 6.0.32 (HKLM-x32\...\TagScanner_is1) (Version:  - Sergey Serkov)
The Escapists 2 MULTi6 - ElAmigos versión 1.1.6 (HKLM-x32\...\{259D7291-BCA5-4329-9DF2-3E61B010DC47}_is1) (Version: 1.1.6 - Team 17)
The Sims 4 Digital Deluxe Edition MULTi17 - ElAmigos versión 1.40.61 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.40.61 - EA Games)
UE4 Prerequisites (x64) (HKLM\...\{488048BA-66A9-462E-9C36-00B3F364FAF2}) (Version: 1.0.8.0 - Epic Games, Inc.)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Utilidad Intel(R) para identificación de procesadores (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
Windows Driver Package - ASUSTek COMPUTER INC. (AsusPTPDrv) HIDClass  (08/02/2017 11.0.0.18) (HKLM\...\E90A37D273EA609437C18750E3A7AB5C391A4E33) (Version: 08/02/2017 11.0.0.18 - ASUSTek COMPUTER INC.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_323fd0e5a4b9830c\igfxDTCM.dll [2018-10-14] (Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01104543-DD05-4FD6-842E-8C7492CFC9CF} - System32\Tasks\S-1-5-21-4040028069-3033203577-131071101-1004\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {09105943-BBF3-4F40-AF85-4371ECA219A4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {0AC32D30-EB78-43A0-AF36-3473F6C847AC} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2017-07-28] (ASUSTek Computer Inc.)
Task: {0D280CA7-1280-4AE6-AB92-4AD81EC1B831} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {0F01B201-3DA9-4CE1-B7DE-8B242FED107B} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [2018-10-19] (Razer)
Task: {1AAB3238-634C-43B6-979E-D763C1E7540D} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [2016-07-05] (Conexant Systems, Inc.)
Task: {303A3EF7-3CD2-4563-B271-7FD72B5372E4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {3A9377EF-F0C8-4768-8606-9238CD429150} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {3D8E2375-4FCB-4109-8AE7-77C6B5F9EF45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-12] (Google Inc.)
Task: {5701530D-EDD3-45F2-808E-83445B5ECF8A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {68F79CD0-308E-4BE4-BF07-9D4FC9789C97} - System32\Tasks\S-1-5-21-4040028069-3033203577-131071101-1002\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {833DCACE-8ED2-4982-AF41-F9EED3208C33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {83BF41EF-08FF-4CA1-A8BD-CDB7191702E8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Corporation)
Task: {8584E88B-538A-43F1-A278-DE0048C5E094} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {8903619D-5981-49B6-8B9C-57B8EDEA1029} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2017-07-28] (ASUSTek Computer Inc.)
Task: {8BD67AEB-08FF-4758-A4EA-F2B4F824ED26} - System32\Tasks\Driver Booster SkipUAC (Denis Zapata) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe [2018-09-25] (IObit)
Task: {9A051F79-2B00-45C7-BE66-CB0F1E9BD3DF} - System32\Tasks\Uninstaller_SkipUac_Denis_Zapata => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-10-17] (IObit)
Task: {9F86393A-D094-4CD7-B540-159459551F3E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {A3C6380D-9698-416A-B5AB-42807D274765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {B889669F-C6B9-496B-8D9D-6FE9B8112B7D} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [2017-06-07] (Conexant Systems, Inc.)
Task: {BDB1D2F3-59E7-4730-B8F9-75A225D8BCD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-12] (Google Inc.)
Task: {BFBC52CE-94F1-4F4E-A5D5-34C21BB1791E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {C438AD2A-0CCC-4E9A-8778-BBF1CA1B8745} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E3E146F7-5EE1-46F6-9F97-8ED635ADDF0D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-10-13] (ASUS)
Task: {E8D7B641-D22A-4C90-B9A8-24F4ABFBC093} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-11 20:34 - 2018-04-11 20:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2018-10-23 21:26 - 2018-10-23 21:26 - 000184520 _____ () C:\Windows\system32\IntelWifiIhv06.dll
2018-07-25 22:42 - 2018-07-25 22:42 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-07-25 22:42 - 2018-07-25 22:42 - 000189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-09-19 01:51 - 2018-09-19 01:51 - 000194792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-09-19 01:51 - 2018-09-19 01:51 - 000975872 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2018-09-19 01:51 - 2018-09-19 01:51 - 000937192 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-09-19 01:51 - 2018-09-19 01:51 - 002329320 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000282344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000292584 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000339176 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000266984 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000322792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000693480 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000243944 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000750824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000411368 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000278760 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000376552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000638696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000419048 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_fps_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000303848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_heartbeat_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000778472 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000863464 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-09-19 01:51 - 2018-09-19 01:51 - 000312552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000238824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-09-19 01:51 - 2018-09-19 01:51 - 000343272 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_foreground_window_input.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-13 17:04 - 2018-11-01 03:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-12 02:08 - 2018-11-08 19:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-12 02:08 - 2018-11-08 19:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2017-09-25 17:28 - 2017-09-25 17:28 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-11-06 14:53 - 2018-10-19 13:40 - 001204624 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2018-11-06 14:54 - 2018-10-19 13:40 - 071073136 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libcef.dll
2018-11-06 14:53 - 2018-10-19 13:39 - 000809960 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2018-11-06 14:54 - 2018-10-19 13:40 - 003183816 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libglesv2.dll
2018-11-06 14:54 - 2018-10-19 13:40 - 000085800 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libegl.dll
2018-09-26 13:22 - 2018-09-26 13:24 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-09-26 13:22 - 2018-09-26 13:24 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-09-26 13:22 - 2018-09-26 13:24 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-09-26 13:22 - 2018-09-26 13:24 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-09-26 13:22 - 2018-09-26 13:24 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
2013-04-27 14:24 - 2013-04-27 14:24 - 000071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2016-10-13 02:17 - 2016-10-13 02:17 - 000033280 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-10-13 02:17 - 2016-10-13 02:17 - 000125440 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-13 02:17 - 2016-10-13 02:17 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 10:46 - 2017-09-29 10:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4040028069-3033203577-131071101-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 200.49.130.44 - 200.42.4.207
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Bonjour Service => 2
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{DC77409E-9EF4-4E1F-8427-D59C87A3CDDC}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe
FirewallRules: [UDP Query User{EB96FE9A-4D39-4AC3-898D-790A8FC22E7F}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe
FirewallRules: [{E99918E6-32BE-4FEB-99DF-29185691DF4F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{49576960-FD01-4E6E-AC00-9D1C04C77782}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{77AFB8DF-5CCA-4FDF-8E7F-F133F30DA030}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{B647C52E-A858-42D1-AFF9-FAF8AD1F4A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{E4D1EEE1-36B2-451D-A105-B42D884CC575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA58D384-952B-4781-A58C-83F8CADAA93B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B3733FA-07EC-442A-BF7C-6F938A0FA7E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{FB7863F1-C83B-4EA8-928F-1FF442BBC883}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{043C1EF6-F376-4B88-B8A8-315958FDD5CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{AD0D6314-B944-47AE-8C7D-1A8E2E40A8A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BFA6DFD8-9D9E-4B74-BF1F-8F48E377F9AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D7A6E512-C75E-4BE6-A8E2-81C8CC68B014}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B53560C7-D0CD-40FC-8EFA-FD54F885E7EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{4D1D9447-94CC-4A5F-886B-28ECF34F8A92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{DDFAD016-00FB-4288-A01F-FBAD9966C9E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RussianFishing4\rf4_x64.exe
FirewallRules: [{3E2F2F67-0E0B-46AA-A98E-FFEA4D5DC62B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RussianFishing4\rf4_x64.exe
FirewallRules: [{BDBEA91F-C7D4-443B-8DE2-E9238857BF05}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{2B022CBA-84D9-438F-86C9-673B65804637}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{DBE0A94E-722C-4EC5-926E-7AB7CB1BD368}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{DAE98223-42D3-4925-8047-0D896DF7A110}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{11F3247E-0995-4116-AD45-83591C990AD0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{9BF0AF00-F85C-4495-BC19-EDB08E44638F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{A887F023-F743-43E5-9BB5-CE40C7DC9D26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dreadnought\DreadnoughtLauncher.exe
FirewallRules: [{516395DC-473D-46E5-B44E-7B4966DF36B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dreadnought\DreadnoughtLauncher.exe
FirewallRules: [TCP Query User{9AEB96A3-3454-4980-B4EB-11233D896370}C:\program files (x86)\steam\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe
FirewallRules: [UDP Query User{22A4251F-283E-469A-AE2B-09506837CDC1}C:\program files (x86)\steam\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe
FirewallRules: [{9023BA72-7089-4692-9BB5-F5CEC315D1F0}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{A1CEFCA7-11A8-4EF8-A39E-DEA8D2DBA553}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{041C143A-0633-4112-A2C3-539E49873732}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{16675FF5-967A-4656-ADF3-D57D82683FC1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{5DE25771-69B4-4E3F-AB17-6B71E61FBE47}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{042E4075-DEF6-4189-BE40-31CB43C37140}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{85E74982-C8C0-49E3-A9C4-DDC32AB7FD1B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{105BF9CA-3E0F-4388-9DF4-70F22381F81E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.11001.20108.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe
FirewallRules: [{4EE26B12-D4E4-4046-A4E7-61A644ABBF46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe
FirewallRules: [{8C2C26DE-D58E-4FA8-B7C5-BE5A99B665FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe

==================== Restore Points =========================

17-11-2018 21:50:52 Instalador de Módulos de Windows
20-11-2018 01:07:32 Instalador de Módulos de Windows
21-11-2018 02:02:58 Instalador de Módulos de Windows
22-11-2018 20:02:49 Instalador de Módulos de Windows
25-11-2018 20:38:26 Instalador de Módulos de Windows
26-11-2018 20:49:26 Eliminación del paquete de idioma
26-11-2018 23:40:54 Instalador de Módulos de Windows

==================== Faulty Device Manager Devices =============

Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Adaptador virtual de Wi-Fi Direct de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Wi-Fi Direct Virtual Adapter #3
Description: Adaptador virtual de Wi-Fi Direct de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2018 03:35:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "WmiApRpl" en el archivo DLL "C:\Windows\system32\wbem\wmiaprpl.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (11/27/2018 03:35:43 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (11/27/2018 03:35:43 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "MSDTC" en el archivo DLL "C:\Windows\system32\msdtcuiu.DLL". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (11/27/2018 03:35:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "Lsa" en el archivo DLL "C:\Windows\System32\Secur32.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (11/27/2018 03:35:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "ESENT" en el archivo DLL "C:\Windows\system32\esentprf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (11/27/2018 03:35:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio ".NETFramework" en el archivo DLL "C:\Windows\system32\mscoree.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.


System errors:
=============
Error: (11/27/2018 04:09:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/27/2018 04:07:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ASUS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario LAPTOP-ASUS\Denis Zapata con SID (S-1-5-21-4040028069-3033203577-131071101-1004) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/27/2018 03:45:26 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ASUS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario LAPTOP-ASUS\Denis Zapata con SID (S-1-5-21-4040028069-3033203577-131071101-1004) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/27/2018 03:37:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/27/2018 03:37:45 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ASUS)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario LAPTOP-ASUS\Denis Zapata con SID (S-1-5-21-4040028069-3033203577-131071101-1004) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/27/2018 03:35:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/27/2018 03:44:11 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ASUS)
Description: El servidor {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2018-11-14 00:34:51.988
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {18A77E11-CE5D-414F-AB6C-48DA088E371B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-14 00:20:53.981
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EEE58F9E-908A-4B6A-B2DC-1FBEAC9AC2C0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-14 00:05:35.123
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E5C2ECF7-8652-4047-A45B-BBEBD45FFCD8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-13 23:54:50.728
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CF5C1DE3-4C69-48D4-9766-4BBE4F0222DF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-03 21:36:07.032
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {01B21CF3-270C-4A93-A40D-83D4B3FCBD3D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-15 20:31:38.167
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.281.194.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.5
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2018-11-07 14:45:56.174
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.279.1328.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.4
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2018-11-07 14:35:44.570
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-11-02 14:53:19.414
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.279.922.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2018-11-02 00:03:05.680
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.279.922.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2018-11-23 20:24:16.255
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\win32kbase.sys that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 8078.99 MB
Available physical RAM: 5098.73 MB
Total Virtual: 9358.99 MB
Available Virtual: 5798.15 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.37 GB) (Free:609.99 GB) NTFS

\\?\Volume{46046720-fb89-463f-82b1-1118f83c50a5}\ () (Fixed) (Total:0.87 GB) (Free:0.34 GB) NTFS
\\?\Volume{dfc13d1e-2188-4a9b-99ac-34652b72c631}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 707FA26A)

Partition: GPT.

==================== End of Addition.txt ============================

#24

Pregunto: Esta cuenta que crea estas sincronizaciones, la usaste para loguearte en alguno de los juegos que tenes instalados ? Steam, Razer, etc. oen alguno de sus servidores ?


#25

No, ya que en las cuenta de Steam, Razer (asistente de juegos), Battle.net y demas estan en una cuenta diferente y de igual manera no crean esas sincronizaciones, ya que verifique la actividad de la cuenta a la que están asociados esos programas.


#26

Hola

Abrí un nuevo archivo Notepad y copia y pega este contenido:

Start
CreateRestorePoint:
CloseProcesses
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy\User: Restriction ? <==== ATTENTION
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
CHR Profile: C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-27]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {01104543-DD05-4FD6-842E-8C7492CFC9CF} - System32\Tasks\S-1-5-21-4040028069-3033203577-131071101-1004\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {303A3EF7-3CD2-4563-B271-7FD72B5372E4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {8BD67AEB-08FF-4758-A4EA-F2B4F824ED26} - System32\Tasks\Driver Booster SkipUAC (Denis Zapata) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe [2018-09-25] (IObit)
Task: {9A051F79-2B00-45C7-BE66-CB0F1E9BD3DF} - System32\Tasks\Uninstaller_SkipUac_Denis_Zapata => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-10-17] (IObit)
FirewallRules: [TCP Query User{DC77409E-9EF4-4E1F-8427-D59C87A3CDDC}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe
FirewallRules: [UDP Query User{EB96FE9A-4D39-4AC3-898D-790A8FC22E7F}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe
FirewallRules: [{BDBEA91F-C7D4-443B-8DE2-E9238857BF05}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{2B022CBA-84D9-438F-86C9-673B65804637}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{DBE0A94E-722C-4EC5-926E-7AB7CB1BD368}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{DAE98223-42D3-4925-8047-0D896DF7A110}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{11F3247E-0995-4116-AD45-83591C990AD0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{9BF0AF00-F85C-4495-BC19-EDB08E44638F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Saludos


#27
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by Denis Zapata (27-11-2018 17:14:56) Run:1
Running from C:\Users\Denis Zapata\Desktop
Loaded Profiles: Denis Zapata (Available Profiles: Denis Zapata)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
HKU\S-1-5-21-4040028069-3033203577-131071101-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy\User: Restriction ? <==== ATTENTION
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
CHR Profile: C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-27]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {01104543-DD05-4FD6-842E-8C7492CFC9CF} - System32\Tasks\S-1-5-21-4040028069-3033203577-131071101-1004\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {303A3EF7-3CD2-4563-B271-7FD72B5372E4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {8BD67AEB-08FF-4758-A4EA-F2B4F824ED26} - System32\Tasks\Driver Booster SkipUAC (Denis Zapata) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe [2018-09-25] (IObit)
Task: {9A051F79-2B00-45C7-BE66-CB0F1E9BD3DF} - System32\Tasks\Uninstaller_SkipUac_Denis_Zapata => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-10-17] (IObit)
FirewallRules: [TCP Query User{DC77409E-9EF4-4E1F-8427-D59C87A3CDDC}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe
FirewallRules: [UDP Query User{EB96FE9A-4D39-4AC3-898D-790A8FC22E7F}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe
FirewallRules: [{BDBEA91F-C7D4-443B-8DE2-E9238857BF05}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{2B022CBA-84D9-438F-86C9-673B65804637}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{DBE0A94E-722C-4EC5-926E-7AB7CB1BD368}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{DAE98223-42D3-4925-8047-0D896DF7A110}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{11F3247E-0995-4116-AD45-83591C990AD0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{9BF0AF00-F85C-4495-BC19-EDB08E44638F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Restore point was successfully created.
CloseProcesses => Error: No automatic fix found for this entry.
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.) => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-4040028069-3033203577-131071101-1004\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => removed successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0 => removed successfully
C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll => moved successfully
C:\Users\Denis Zapata\AppData\Local\Google\Chrome\User Data\System Profile => moved successfully
HKLM\System\CurrentControlSet\Services\HiPatchService => removed successfully
HiPatchService => service removed successfully
HKLM\System\CurrentControlSet\Services\ssh-agent => removed successfully
ssh-agent => service removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01104543-DD05-4FD6-842E-8C7492CFC9CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01104543-DD05-4FD6-842E-8C7492CFC9CF}" => removed successfully
C:\Windows\System32\Tasks\S-1-5-21-4040028069-3033203577-131071101-1004\DataSenseLiveTileTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\S-1-5-21-4040028069-3033203577-131071101-1004\DataSenseLiveTileTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{303A3EF7-3CD2-4563-B271-7FD72B5372E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{303A3EF7-3CD2-4563-B271-7FD72B5372E4}" => removed successfully
C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65B85F6F-35B3-4459-A179-28255D5B7B25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65B85F6F-35B3-4459-A179-28255D5B7B25}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\HelloFace\FODCleanupTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BD67AEB-08FF-4758-A4EA-F2B4F824ED26}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD67AEB-08FF-4758-A4EA-F2B4F824ED26}" => removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Denis Zapata) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Denis Zapata)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A051F79-2B00-45C7-BE66-CB0F1E9BD3DF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A051F79-2B00-45C7-BE66-CB0F1E9BD3DF}" => removed successfully
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Denis_Zapata => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Denis_Zapata" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC77409E-9EF4-4E1F-8427-D59C87A3CDDC}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EB96FE9A-4D39-4AC3-898D-790A8FC22E7F}C:\users\denis zapata\appdata\local\programs\deezloader remix\deezloader remix.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BDBEA91F-C7D4-443B-8DE2-E9238857BF05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B022CBA-84D9-438F-86C9-673B65804637}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBE0A94E-722C-4EC5-926E-7AB7CB1BD368}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DAE98223-42D3-4925-8047-0D896DF7A110}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11F3247E-0995-4116-AD45-83591C990AD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BF0AF00-F85C-4495-BC19-EDB08E44638F}" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 9 mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 9:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar
   V¡nculo: direcci¢n IPv6 local. . . : fe80::9c5d:c94f:e3fb:cc67%6
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.4
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {BF25175F-F4E9-4AA9-824C-C72B09C150D5}.
0 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4040028069-3033203577-131071101-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4040028069-3033203577-131071101-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 123541974 B
Java, Flash, Steam htmlcache => 185395356 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 69042955 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Denis Zapata => 6652355 B

RecycleBin => 146 B
EmptyTemp: => 377.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:16:59 ====

#28

Hola

Descargá la herramienta Delfix a Tu escritorio.

Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run

Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.

Corrobora la actividad de la cuenta y Nos comentas como sigue.

Saludos


#29

Ya se eliminaron las herramientas usadas, al pasar unos dias te comento como sigue esto, ya que no ocurren todos los días estas sincronizaciones.

Saludos.


#30

Hola

Perfecto.

Si llegara a ocurrir nuevamente, lo ideal sería que directamente des de baja esa cuenta, porque evidentemente fué capturada en algún momento y esos intentos de sincronización se dan porque alguien la estuvo o la está intentando manipular.

Nos comentas.

Saludos


#31

No se si eso pueda llegar a ser posible por el hecho de que todavía hay cuentas que manejo con ese correo, las cuales lamentablemente no puedo migrar a mi nuevo correo porque el propio servicio no lo permite.


#32

Hola

Ocurre que si la cuenta fue capturada por alguna red (telaraña) de las que se dedican a eso, aunque no tengan la contraseña para administrarla, modificarla o en el peor de los casos, para usarla para enviar Spam, seguramente ocurriran intentos de sincronización.

Es difícil que lo logren si mantenes una buena contraseña. Pero si lo logran ??? Ese es un gran riesgo.


#33

Entiendo el riesgo, pero no tengo alternativas para poder cambiar el correo de X servicios que todavía ocupo con ese correo.

Como mencione, desde que cambie la contraseña y añadi la autenticación todas las sincronizaciones son incorrectas, aunque algo que note es que cuando doy click al enlace que aparece en esos intentos de sincronización, debajo de “¿Le parece extraño?” en Protege tu cuenta la sincronización pasa a ser correcta :flushed: No entiendo bien que es lo que hace ese “link”, si asegura la cuenta o que… o cual es el método que usará Microsoft para “asegurar la cuenta” cambiando a sincronización correcta… :thinking:


#34

Hola

Segun creo, al darle a ese link, estas permitiendo que la cuenta se sincronize vaya a saber con que servidor.

Por eso pasa a ser una sincronización correcta.

O sea, el link es un engaño para que des el OK de sincronizar.


#35

Pero… como que mucho sentido no tiene que hicieran eso ¿no? Menos viniendo de Microsoft.