No puede encontrar C/Users/.../windows/wesbuagu/ucfigftf.exe

#1

Buenas tardes. Escribo por lo siguiente. Ya tengo casi un ao con este inconveniente y no he podido resolverlo. Cada cierto tiempo, en mi computadora aparece una ventana emergente del símbolo del sistema y luego otra ventana con un mensaje de advertencia, que dice literalmente:

Windows no puede encontrar el archivo “C:/Users/Usuario/AppData/Roaming/Microsoft/Windows/wesbuagu/ucfigftf.exe”. Asegúrese de que el nombre está escrito correctamente e inténtelo de nuevo.

Conb darle al botón aceptar, parece que posterga el mensaje, y cada tanto vuelve a aparecer. o sé que es, pero veo que el consumo de memoria es alto. y he tenido otras recomendaciones, pero no he logrado resolver.

¿Qué em recomiendan para intentar acabar con eso? creo que apareció luego de que descargué algún software de criptomonedas, y algo instalé sin saber… y como en semanas recientes he tenido porblema con el internet por lasituación de mi país, pues bueno, peor…

Cualquier sugerencia, será tomada en cuenta,

gracias de antemano.

#2

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


#3
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 17/4/19
Hora del análisis: 17:23
Archivo de registro: 05dca6d8-6157-11e9-a4f2-047d7b0ddb38.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.10216
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.706)
CPU: x64
Sistema de archivos: NTFS
Usuario: JESUSSAAVEDRAPC\Jes\u00c3\u00bas I. Saavedra

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 515141
Amenazas detectadas: 24
Amenazas en cuarentena: 24
Tiempo transcurrido: 48 min, 48 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 11
Adware.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPERA SCHEDULED AUTOUPDATE 4086469641, En cuarentena, [98], [535908],1.0.10216
Adware.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6113413E-AFE9-425F-808C-9FB2834A05A0}, En cuarentena, [98], [535908],1.0.10216
Adware.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{6113413E-AFE9-425F-808C-9FB2834A05A0}, En cuarentena, [98], [535908],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\MPrForWeathI, En cuarentena, [2818], [572664],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\MTPreC_B, En cuarentena, [2818], [572665],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\MTPreC_Qn, En cuarentena, [2818], [572666],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreAm, En cuarentena, [2818], [572667],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreIc, En cuarentena, [2818], [572668],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreJ, En cuarentena, [2818], [572669],1.0.10216
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreShM, En cuarentena, [2818], [572670],1.0.10216
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION, En cuarentena, [459], [518477],1.0.10216

Valor del registro: 2
Adware.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6113413E-AFE9-425F-808C-9FB2834A05A0}|PATH, En cuarentena, [98], [535907],1.0.10216
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION|VERSION, En cuarentena, [459], [518477],1.0.10216

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
Trojan.SmokeLoader, C:\PROGRAMDATA\DAHJSERVICE, En cuarentena, [1013], [509066],1.0.10216

Archivo: 10
Adware.Agent, C:\WINDOWS\SYSTEM32\TASKS\OPERA SCHEDULED AUTOUPDATE 4086469641, En cuarentena, [98], [535908],1.0.10216
Adware.HiRu, C:\USERS\JESúS SAAVEDRA\APPDATA\ROAMING\HUI.EXE, En cuarentena, [3045], [537036],1.0.10216
Adware.FileTour, C:\USERS\JESúS SAAVEDRA\DOWNLOADS\CPU-Z_1.63-SETUP-EN.EXE, En cuarentena, [447], [591373],1.0.10216
Generic.Malware/Suspicious, C:\USERS\JESúS SAAVEDRA\DOWNLOADS\YOUTUBE_DOWNLOADER_HD_SETUP.EXE, En cuarentena, [0], [392686],1.0.10216
PUP.Optional.Reimage, C:\USERS\JESúS SAAVEDRA\DOWNLOADS\REIMAGEREPAIR.EXE, En cuarentena, [341], [331559],1.0.10216
MachineLearning/Anomalous.100%, C:\USERS\JESúS SAAVEDRA\DOWNLOADS\ELIPUPS.EXE, En cuarentena, [0], [392687],1.0.10216
PUP.Optional.InstallCore, C:\USERS\JESúS SAAVEDRA\APPDATA\LOCAL\JDOWNLOADER 2.0\JDOWNLOADER2.EXE.TMP, En cuarentena, [431], [542680],1.0.10216
HackTool.Agent, C:\USERS\JESúS SAAVEDRA\DESKTOP\ADOBE ACROBAT XI\AMTEMU.V0.9.1-PAINTER.EXE, En cuarentena, [3934], [448498],1.0.10216
HackTool.Agent, C:\USERS\JESúS SAAVEDRA\DESKTOP\ADOBE ACROBAT XI PRO 11.0.20 + CRACK [TECH-TOOLS.ME]\CRACK\AMTEMU.V0.9.1-PAINTER.EXE, En cuarentena, [3934], [448498],1.0.10216
HackTool.Agent, C:\USERS\JESúS SAAVEDRA\DESKTOP\ADOBE ACROBAT XI\ADOBE ACROBAT XI\AMTEMU.V0.9.1-PAINTER.EXE, En cuarentena, [3934], [448498],1.0.10216

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

del AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-17-2019
# Duration: 00:00:21
# OS:       Windows 10 Home
# Cleaned:  42
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Enigma Software Group
Deleted       C:\Program Files (x86)\avg web tuneup
Deleted       C:\Program Files\Hola
Deleted       C:\Users\Jesús Saavedra\AppData\LocalLow\avg web tuneup
Deleted       C:\Users\Jesús Saavedra\AppData\Local\avg web tuneup
Deleted       C:\Users\Jesús Saavedra\AppData\Local\slimware utilities inc
Deleted       C:\Users\Jesús Saavedra\AppData\Roaming\Hola
Deleted       C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted       C:\Users\Jesús Saavedra\Downloads\Hola-Setup.exe
Deleted       C:\Windows\System32\drivers\swdumon.sys
Deleted       C:\spyhunter.fix

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{600516AB-4E78-436E-B539-71A2F30A925}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DADDFE-E220-4903-8E14-4C1517F95A45}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AF0E626-22E6-4210-93A2-92EC08942BF}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FFEB109-CD16-4344-8119-62D87D68E74}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACFC3051-A62F-4131-8316-AB3346F21021}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE17EDE6-E4DE-41B1-9EBE-CCD5BCBF48B8}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCB78154-6EF-4BDA-B258-583A53E656AF}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2EBC450-BE12-4AF7-B24B-197704BCD77}
Deleted       HKCU\Software\APN PIP
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AdVantage
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Seviler
Deleted       HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted       HKCU\Software\SlimWare Utilities Inc
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Hola
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B351D155-F565-4E71-9B34-7EBFD4C442F8}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|DiskPower
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola
Deleted       HKLM\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted       HKLM\Software\Wow6432Node\AVG Tuneup
Deleted       HKLM\Software\Wow6432Node\EnigmaSoftwareGroup
Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{B351D155-F565-4E71-9B34-7EBFD4C442F8}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5498 octets] - [17/04/2019 21:08:49]
AdwCleaner[S01].txt - [5559 octets] - [17/04/2019 21:19:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
#4

Hasta ahora no ha aparecido otra vez la ventana con el aviso ni el símbolo del sistema,

Veré si sucede algo. Mientras tanto, comento que al parecer a normalizado el consumo de memoria.

Agradecido con su sugerencia, se siguió el rpocedimiento tal cual Ud. lo planteó

#5

Tenias bastante s infecciones…

Vamos a ver si queda algo.

Realiza lo siguiente:

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


#10

Por favor, disculpe. No seguí el procedimiento tal cual me lo panteó para pegar los registros, que salieron en 4 posts; olvidé seleccionar previamente todo el texto y pulsar el botón de texto preformateado, lo cual haré a continuación.

#11
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.04.2019
Ran by Jesús I. Saavedra (administrator) on JESUSSAAVEDRAPC (18-04-2019 09:06:24)
Running from C:\Users\Jesús Saavedra\Desktop
Loaded Profiles: Jesús I. Saavedra (Available Profiles: Jesús I. Saavedra & Temporal Europa)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Inglés (Estados Unidos)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Prolific Technology Inc.) [File not signed] C:\Windows\SysWOW64\IoctlSvc.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Tenorshare Co.,Ltd. -> Tenorshare Co,Ltd) C:\Program Files (x86)\ReiBoot\TenorshareReibootService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Research In Motion Limited) [File not signed] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Krzysztof Kowalczyk -> Krzysztof Kowalczyk) C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\EXCEL.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-03-24] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [562304 2011-06-30] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3953344 2017-06-02] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion -> Research In Motion Limited)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537088 2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [36864 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [25640 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [70200 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [70712 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] (Bandisoft -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-17] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Winlogon\GPExtensions: [{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}] -> %SystemRoot%\System32\RdpGroupPolicyExtension.dll
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6f38bff7-c689-4976-9260-97e715312d68}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{8e1a7268-43a8-412c-ac15-63b53c92a052}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c48fb11e-6b76-4a91-900d-dc6382f88138}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies SA -> Skype Technologies S.A.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> is enabled.

FireFox:
========
FF DefaultProfile: 4oinflbq.default-1435434660898-1524591162478
FF ProfilePath: C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Firefox\Profiles\4oinflbq.default-1435434660898-1524591162478 [2019-04-18]
FF Homepage: Mozilla\Firefox\Profiles\4oinflbq.default-1435434660898-1524591162478 -> www.google.co.ve
FF Session Restore: Mozilla\Firefox\Profiles\4oinflbq.default-1435434660898-1524591162478 -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2018-06-07] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Enhancer for YouTube™) - C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Firefox\Profiles\4oinflbq.default-1435434660898-1524591162478\Extensions\[email protected] [2019-01-31]
FF Extension: (Official My JDownloader AddOn) - C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Firefox\Profiles\4oinflbq.default-1435434660898-1524591162478\Extensions\[email protected] [2018-04-25] [Legacy]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2017-08-26] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-30] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-30] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] (Research In Motion -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-16] (Google Inc -> Google LLC)
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [No File]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Jesús Saavedra\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-02-06] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jesús Saavedra\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-08-21]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-04-10] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2018-04-10] <==== ATTENTION

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.co.ve/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default [2019-04-18]
CHR Extension: (Flash Video Downloader) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2018-10-02]
CHR Extension: (IBM Security Rapport) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-12-28]
CHR Extension: (MEGA) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-04-17]
CHR Extension: (Hootsuite Hootlet) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn [2018-01-23]
CHR Extension: (HTTPS Everywhere) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2019-02-01]
CHR Extension: (Cisco WebEx IM) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdgodbfllkenehbjembldlmkjjdafigh [2016-09-26]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Facebook Social Plugin) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmclgnbhdiklglmmdcaelggigiiigpm [2016-02-01]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-04-13]
CHR Extension: (Cisco Webex Extension) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-22]
CHR Extension: (Skype) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-23]
CHR Extension: (Boomerang for Gmail) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-09-13]
CHR Extension: (Email tracking para Gmail - Mailtrack) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2019-04-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2019-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-17]
CHR Profile: C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-04-17]
CHR Profile: C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-17]
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <not found>
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ohfdiojichmakejoojpjejpmhhdfngch] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc. -> Apple Inc.)
R2 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-06] (Brio) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2015-09-08] (Macrovision Corporation) [File not signed]
S2 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [1737728 2015-04-29] (Lavasoft Limited ) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation -> Symantec Corporation)
R2 PLFlash DeviceIoControl Service; C:\windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5264888 2018-12-26] (IBM -> IBM Corp.)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] (Samsung Electronics CO., LTD. -> )
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2017-06-02] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TenorshareReibootService; C:\Program Files (x86)\ReiBoot\TenorshareReibootService.exe [33208 2017-11-09] (Tenorshare Co.,Ltd. -> Tenorshare Co,Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-17] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-17] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R0 Lbd; C:\WINDOWS\System32\DRIVERS\Lbd.sys [69152 2010-08-12] (Lavasoft AB -> Lavasoft AB)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-17] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-17] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [22736 2015-05-28] (WDKTestCert 1,130752733198717037 -> TOSHIBA)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [501256 2018-12-26] (IBM -> IBM Corp.)
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-16] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [725192 2018-12-26] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [461768 2018-12-26] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [608840 2018-12-26] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [758168 2018-12-26] (IBM -> IBM Corp.)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-04-11] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2017-06-02] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-05-16] (TunnelBear, Inc. -> The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-12-31] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-17] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-17] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-18 09:06 - 2019-04-18 09:09 - 000035836 ____C C:\Users\Jesús Saavedra\Desktop\FRST.txt
2019-04-18 09:05 - 2019-04-18 09:06 - 000000000 ___DC C:\FRST
2019-04-18 09:01 - 2019-04-18 09:04 - 002434048 ____C (Farbar) C:\Users\Jesús Saavedra\Desktop\FRST64.exe
2019-04-17 23:20 - 2019-04-17 23:20 - 000000000 ___DC C:\Users\Jesús Saavedra\Desktop\My Shared Folder
2019-04-17 23:15 - 2019-04-18 01:00 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Roaming\vlc
2019-04-17 23:15 - 2019-04-17 23:15 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2019-04-17 23:15 - 2019-04-17 23:15 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2019-04-17 23:13 - 2019-04-17 23:13 - 000000927 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-04-17 23:13 - 2019-04-17 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-04-17 23:09 - 2019-04-17 23:09 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-17 23:09 - 2019-04-17 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-17 23:09 - 2019-04-17 23:09 - 000000000 ____D C:\Program Files\WinRAR
2019-04-17 23:05 - 2019-04-17 23:05 - 004860560 ____C (Krzysztof Kowalczyk) C:\Users\Jesús Saavedra\Downloads\SumatraPDF-3.1.2-install.exe
2019-04-17 23:00 - 2019-04-17 23:02 - 041846888 ____C C:\Users\Jesús Saavedra\Downloads\vlc-3.0.6-win64.exe
2019-04-17 22:59 - 2019-04-17 23:00 - 003147760 ____C (Alexander Roshal) C:\Users\Jesús Saavedra\Downloads\winrar-x64-571b2.exe
2019-04-17 22:45 - 2019-04-17 22:45 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-17 22:30 - 2019-04-17 22:30 - 000048602 ____C C:\Users\Jesús Saavedra\Desktop\cc_20190417_223017.reg
2019-04-17 22:20 - 2019-04-17 22:20 - 000005559 ____C C:\Users\Jesús Saavedra\Desktop\AdwCleaner[S01].txt
2019-04-17 22:20 - 2019-04-17 22:20 - 000004983 ____C C:\Users\Jesús Saavedra\Desktop\AdwCleaner[C01].txt
2019-04-17 22:03 - 2019-04-17 22:52 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-17 22:03 - 2019-04-17 22:03 - 000002912 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-17 22:03 - 2019-04-17 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-17 22:03 - 2019-04-17 22:03 - 000000000 ____D C:\Program Files\CCleaner
2019-04-17 21:56 - 2019-04-17 21:57 - 021254208 ____C (Piriform Software Ltd) C:\Users\Jesús Saavedra\Desktop\ccsetup556.exe
2019-04-17 20:44 - 2019-04-17 20:46 - 007025360 ____C (Malwarebytes) C:\Users\Jesús Saavedra\Desktop\adwcleaner_7.3.exe
2019-04-17 17:22 - 2019-04-17 17:22 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\mbamtray
2019-04-17 17:22 - 2019-04-17 17:22 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\mbam
2019-04-17 17:21 - 2019-04-17 17:21 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-17 17:20 - 2019-04-17 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-17 17:20 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-17 17:20 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-17 17:19 - 2019-04-17 17:19 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-17 12:52 - 2019-04-02 04:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-17 12:52 - 2019-04-02 04:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-17 12:52 - 2019-04-02 01:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-17 12:51 - 2019-04-02 08:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-17 12:51 - 2019-04-02 04:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-17 12:51 - 2019-04-02 03:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-17 12:51 - 2019-04-02 03:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-17 12:51 - 2019-04-02 03:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-17 12:51 - 2019-04-02 00:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-17 12:51 - 2019-04-02 00:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-17 12:51 - 2019-04-02 00:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-17 12:51 - 2019-03-14 04:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-17 12:51 - 2019-03-14 04:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-17 12:51 - 2019-03-14 04:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-17 12:51 - 2019-03-14 03:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-17 12:51 - 2019-03-06 11:37 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-17 12:51 - 2019-03-06 04:28 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-04-17 12:51 - 2019-03-06 01:49 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-04-17 12:51 - 2019-02-16 08:34 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-04-17 12:51 - 2019-02-16 06:24 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-04-17 12:51 - 2019-02-16 06:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-04-17 12:51 - 2019-02-16 04:03 - 007901392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-04-17 12:51 - 2019-02-16 04:03 - 005625360 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-04-17 12:51 - 2019-02-16 03:36 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-04-17 12:50 - 2019-04-02 08:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-17 12:50 - 2019-04-02 08:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-17 12:50 - 2019-04-02 08:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-17 12:50 - 2019-04-02 08:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-17 12:50 - 2019-04-02 08:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-17 12:50 - 2019-04-02 08:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-17 12:50 - 2019-04-02 08:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-17 12:50 - 2019-04-02 08:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-17 12:50 - 2019-04-02 05:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-17 12:50 - 2019-04-02 05:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-17 12:50 - 2019-04-02 05:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-17 12:50 - 2019-04-02 05:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-17 12:50 - 2019-04-02 05:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-17 12:50 - 2019-04-02 04:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-17 12:50 - 2019-04-02 04:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-17 12:50 - 2019-04-02 04:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-17 12:50 - 2019-04-02 04:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-17 12:50 - 2019-04-02 04:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-17 12:50 - 2019-04-02 04:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-17 12:50 - 2019-04-02 04:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-17 12:50 - 2019-04-02 04:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-17 12:50 - 2019-04-02 03:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-17 12:50 - 2019-04-02 03:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-17 12:50 - 2019-04-02 03:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-17 12:50 - 2019-04-02 03:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-17 12:50 - 2019-04-02 03:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-17 12:50 - 2019-04-02 03:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-17 12:50 - 2019-04-02 01:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-17 12:50 - 2019-04-02 01:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-17 12:50 - 2019-04-02 00:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-17 12:50 - 2019-04-02 00:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-17 12:50 - 2019-03-14 10:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-17 12:50 - 2019-03-14 10:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-17 12:50 - 2019-03-14 10:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-17 12:50 - 2019-03-14 10:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-17 12:50 - 2019-03-14 09:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-17 12:50 - 2019-03-14 04:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-17 12:50 - 2019-03-14 04:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-17 12:50 - 2019-03-14 04:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-17 12:50 - 2019-03-14 04:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-17 12:50 - 2019-03-14 04:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-17 12:50 - 2019-03-14 04:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-17 12:50 - 2019-03-14 04:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-17 12:50 - 2019-03-14 04:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-17 12:50 - 2019-03-14 04:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-17 12:50 - 2019-03-14 04:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-17 12:50 - 2019-03-14 04:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-17 12:50 - 2019-03-14 04:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-17 12:50 - 2019-03-14 04:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-17 12:50 - 2019-03-14 04:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-17 12:50 - 2019-03-14 04:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-17 12:50 - 2019-03-14 04:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-17 12:50 - 2019-03-14 04:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-17 12:50 - 2019-03-14 04:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-17 12:50 - 2019-03-14 04:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-17 12:50 - 2019-03-14 03:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-17 12:50 - 2019-03-14 03:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-17 12:50 - 2019-03-14 03:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-17 12:50 - 2019-03-14 03:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-17 12:50 - 2019-03-14 03:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-17 12:50 - 2019-03-14 03:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-17 12:50 - 2019-03-14 03:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-17 12:50 - 2019-03-14 03:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-17 12:50 - 2019-03-14 03:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-17 12:50 - 2019-03-14 03:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-17 12:50 - 2019-03-14 03:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-17 12:50 - 2019-03-14 03:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-17 12:50 - 2019-03-14 03:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-17 12:50 - 2019-03-14 03:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-17 12:50 - 2019-03-14 03:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-17 12:50 - 2019-03-14 03:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-17 12:50 - 2019-03-14 03:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-17 12:50 - 2019-03-13 21:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-17 12:50 - 2019-03-06 11:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-04-17 12:50 - 2019-03-06 05:16 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-04-17 12:50 - 2019-03-06 05:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-04-17 12:50 - 2019-03-06 05:04 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2019-04-17 12:50 - 2019-03-06 04:31 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-17 12:50 - 2019-03-06 04:29 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-04-17 12:50 - 2019-03-06 04:28 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-17 12:50 - 2019-03-06 02:14 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-04-17 12:50 - 2019-03-06 02:14 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2019-04-17 12:50 - 2019-03-06 01:50 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-17 12:50 - 2019-03-06 01:50 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-17 12:50 - 2019-02-16 09:02 - 001644040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 000808456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 000735752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 000620040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 000460296 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-17 12:50 - 2019-02-16 09:02 - 000147464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-17 12:50 - 2019-02-16 08:57 - 001048472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-04-17 12:50 - 2019-02-16 08:56 - 000549520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-04-17 12:50 - 2019-02-16 08:53 - 001516416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-04-17 12:50 - 2019-02-16 08:34 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-17 12:50 - 2019-02-16 08:33 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-04-17 12:50 - 2019-02-16 08:32 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-17 12:50 - 2019-02-16 08:31 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-04-17 12:50 - 2019-02-16 08:30 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-04-17 12:50 - 2019-02-16 08:22 - 001322176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-04-17 12:50 - 2019-02-16 08:06 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-17 12:50 - 2019-02-16 04:16 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-17 12:50 - 2019-02-16 04:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-17 12:50 - 2019-02-16 04:03 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-04-17 12:50 - 2019-02-16 04:02 - 005821440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-04-17 12:50 - 2019-02-16 04:02 - 003291632 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-17 12:50 - 2019-02-16 04:02 - 001934800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-04-17 12:50 - 2019-02-16 04:02 - 001792712 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-04-17 12:50 - 2019-02-16 04:01 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-04-17 12:50 - 2019-02-16 04:01 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-04-17 12:50 - 2019-02-16 03:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-17 12:50 - 2019-02-16 03:51 - 002479168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-17 12:50 - 2019-02-16 03:51 - 001584536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-04-17 12:50 - 2019-02-16 03:50 - 001805648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-04-17 12:50 - 2019-02-16 03:50 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-04-17 12:50 - 2019-02-16 03:37 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-04-17 12:50 - 2019-02-16 03:34 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-04-17 12:50 - 2019-02-16 03:33 - 006646784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-04-17 12:50 - 2019-02-16 03:31 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
#12
2019-04-17 12:50 - 2019-02-16 03:29 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-04-17 12:50 - 2019-02-16 03:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-04-17 12:50 - 2019-02-16 03:28 - 002585600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-04-17 12:50 - 2019-02-16 03:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-04-17 12:50 - 2019-02-16 03:27 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-04-17 12:50 - 2019-02-16 03:27 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-04-17 12:50 - 2019-02-16 03:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-17 12:50 - 2019-02-16 03:26 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-04-17 12:50 - 2019-02-16 03:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-04-17 12:50 - 2019-02-16 03:26 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-17 12:50 - 2019-02-16 03:25 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-04-17 12:49 - 2019-04-02 08:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-17 12:49 - 2019-04-02 08:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-17 12:49 - 2019-04-02 08:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-17 12:49 - 2019-04-02 08:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-17 12:49 - 2019-04-02 08:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-17 12:49 - 2019-04-02 05:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-17 12:49 - 2019-04-02 05:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-17 12:49 - 2019-04-02 05:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-17 12:49 - 2019-04-02 04:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-17 12:49 - 2019-04-02 04:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-17 12:49 - 2019-04-02 04:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-17 12:49 - 2019-04-02 04:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-17 12:49 - 2019-04-02 04:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-17 12:49 - 2019-04-02 04:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-17 12:49 - 2019-04-02 03:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-17 12:49 - 2019-04-02 03:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-17 12:49 - 2019-04-02 03:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-17 12:49 - 2019-04-02 03:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-17 12:49 - 2019-04-02 03:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-17 12:49 - 2019-04-02 03:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-17 12:49 - 2019-04-02 01:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-17 12:49 - 2019-04-02 01:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-17 12:49 - 2019-04-02 00:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-17 12:49 - 2019-04-02 00:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-17 12:49 - 2019-04-02 00:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-17 12:49 - 2019-03-16 08:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-17 12:49 - 2019-03-14 10:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-17 12:49 - 2019-03-14 10:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-17 12:49 - 2019-03-14 10:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-17 12:49 - 2019-03-14 10:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-17 12:49 - 2019-03-14 10:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-17 12:49 - 2019-03-14 09:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-17 12:49 - 2019-03-14 09:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-17 12:49 - 2019-03-14 04:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-17 12:49 - 2019-03-14 04:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-17 12:49 - 2019-03-14 04:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-17 12:49 - 2019-03-14 04:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-17 12:49 - 2019-03-14 04:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-17 12:49 - 2019-03-14 04:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-17 12:49 - 2019-03-14 04:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-17 12:49 - 2019-03-14 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-17 12:49 - 2019-03-14 04:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-17 12:49 - 2019-03-14 04:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-17 12:49 - 2019-03-14 04:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-17 12:49 - 2019-03-14 04:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-17 12:49 - 2019-03-14 04:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-17 12:49 - 2019-03-14 04:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-17 12:49 - 2019-03-14 04:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-17 12:49 - 2019-03-14 04:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-17 12:49 - 2019-03-14 04:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-17 12:49 - 2019-03-14 04:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-17 12:49 - 2019-03-14 04:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-17 12:49 - 2019-03-14 04:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-17 12:49 - 2019-03-14 04:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-17 12:49 - 2019-03-14 04:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-17 12:49 - 2019-03-14 04:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-17 12:49 - 2019-03-14 04:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-17 12:49 - 2019-03-14 03:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-17 12:49 - 2019-03-14 03:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-17 12:49 - 2019-03-14 03:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-17 12:49 - 2019-03-14 03:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-17 12:49 - 2019-03-14 03:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-17 12:49 - 2019-03-14 03:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-17 12:49 - 2019-03-14 03:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-17 12:49 - 2019-03-14 03:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-17 12:49 - 2019-03-14 03:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-17 12:49 - 2019-03-14 03:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-17 12:49 - 2019-03-14 03:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-17 12:49 - 2019-03-14 03:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-17 12:49 - 2019-03-14 03:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-17 12:49 - 2019-03-14 03:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-17 12:49 - 2019-03-14 03:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-17 12:49 - 2019-03-14 03:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-17 12:49 - 2019-03-14 03:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-17 12:49 - 2019-03-14 03:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-17 12:49 - 2019-03-14 03:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-17 12:49 - 2019-03-14 03:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-17 12:49 - 2019-03-14 03:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-17 12:49 - 2019-03-14 03:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-17 12:49 - 2019-03-14 03:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-17 12:49 - 2019-03-13 21:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-17 12:49 - 2019-03-13 21:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-17 12:49 - 2019-03-06 11:36 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-04-17 12:49 - 2019-03-06 11:17 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-04-17 12:49 - 2019-03-06 11:14 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-17 12:49 - 2019-03-06 11:14 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-04-17 12:49 - 2019-03-06 11:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-04-17 12:49 - 2019-03-06 08:18 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-04-17 12:49 - 2019-03-06 08:06 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-04-17 12:49 - 2019-03-06 08:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-17 12:49 - 2019-03-06 05:16 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-04-17 12:49 - 2019-03-06 05:16 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-04-17 12:49 - 2019-03-06 05:11 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-04-17 12:49 - 2019-03-06 05:10 - 000248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-04-17 12:49 - 2019-03-06 05:07 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-04-17 12:49 - 2019-03-06 05:05 - 000439224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-04-17 12:49 - 2019-03-06 05:05 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-04-17 12:49 - 2019-03-06 05:04 - 000945464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-17 12:49 - 2019-03-06 05:03 - 001921848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-17 12:49 - 2019-03-06 05:03 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-04-17 12:49 - 2019-03-06 05:02 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-04-17 12:49 - 2019-03-06 04:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-04-17 12:49 - 2019-03-06 04:32 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-04-17 12:49 - 2019-03-06 04:31 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-04-17 12:49 - 2019-03-06 04:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-04-17 12:49 - 2019-03-06 04:29 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-17 12:49 - 2019-03-06 04:26 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-04-17 12:49 - 2019-03-06 04:26 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-04-17 12:49 - 2019-03-06 04:25 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-04-17 12:49 - 2019-03-06 02:17 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-04-17 12:49 - 2019-03-06 02:15 - 000434488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-04-17 12:49 - 2019-03-06 02:14 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-04-17 12:49 - 2019-03-06 02:13 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-04-17 12:49 - 2019-02-20 23:26 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-04-17 12:49 - 2019-02-16 09:02 - 000071176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-17 12:49 - 2019-02-16 08:57 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-04-17 12:49 - 2019-02-16 08:56 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-17 12:49 - 2019-02-16 08:34 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-04-17 12:49 - 2019-02-16 08:31 - 001003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-17 12:49 - 2019-02-16 08:31 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-17 12:49 - 2019-02-16 08:31 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-04-17 12:49 - 2019-02-16 08:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-04-17 12:49 - 2019-02-16 08:24 - 000444176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-04-17 12:49 - 2019-02-16 08:08 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-04-17 12:49 - 2019-02-16 08:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-04-17 12:49 - 2019-02-16 08:07 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-04-17 12:49 - 2019-02-16 08:06 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-17 12:49 - 2019-02-16 08:06 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-17 12:49 - 2019-02-16 08:06 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-17 12:49 - 2019-02-16 04:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-17 12:49 - 2019-02-16 04:05 - 000087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-04-17 12:49 - 2019-02-16 04:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-04-17 12:49 - 2019-02-16 04:02 - 000705848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-04-17 12:49 - 2019-02-16 04:02 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-04-17 12:49 - 2019-02-16 04:02 - 000413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-04-17 12:49 - 2019-02-16 04:01 - 001285424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-17 12:49 - 2019-02-16 04:01 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-17 12:49 - 2019-02-16 04:01 - 001028920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-17 12:49 - 2019-02-16 04:01 - 000641984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-04-17 12:49 - 2019-02-16 04:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-17 12:49 - 2019-02-16 04:01 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-04-17 12:49 - 2019-02-16 04:01 - 000161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2019-04-17 12:49 - 2019-02-16 03:53 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-04-17 12:49 - 2019-02-16 03:51 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2019-04-17 12:49 - 2019-02-16 03:50 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-17 12:49 - 2019-02-16 03:50 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-04-17 12:49 - 2019-02-16 03:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-04-17 12:49 - 2019-02-16 03:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-04-17 12:49 - 2019-02-16 03:31 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-04-17 12:49 - 2019-02-16 03:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-04-17 12:49 - 2019-02-16 03:30 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-04-17 12:49 - 2019-02-16 03:30 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-04-17 12:49 - 2019-02-16 03:30 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-04-17 12:49 - 2019-02-16 03:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-04-17 12:49 - 2019-02-16 03:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-17 12:49 - 2019-02-16 03:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-04-17 12:49 - 2019-02-16 03:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-04-17 12:49 - 2019-02-16 03:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-04-17 12:49 - 2019-02-16 03:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-04-17 12:49 - 2019-02-16 03:25 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-04-17 12:48 - 2019-04-02 08:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-17 12:48 - 2019-04-02 08:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-17 12:48 - 2019-04-02 05:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-17 12:48 - 2019-04-02 03:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-17 12:48 - 2019-04-02 03:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-17 12:48 - 2019-04-02 03:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-17 12:48 - 2019-04-02 02:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-17 12:48 - 2019-04-02 00:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-17 12:48 - 2019-04-02 00:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-17 12:48 - 2019-04-02 00:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-17 12:48 - 2019-03-16 05:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-17 12:48 - 2019-03-14 10:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-17 12:48 - 2019-03-14 10:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-17 12:48 - 2019-03-14 10:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-17 12:48 - 2019-03-14 10:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-17 12:48 - 2019-03-14 09:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-17 12:48 - 2019-03-14 09:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-17 12:48 - 2019-03-14 09:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-17 12:48 - 2019-03-14 04:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-17 12:48 - 2019-03-14 04:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-17 12:48 - 2019-03-14 04:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-17 12:48 - 2019-03-14 04:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-17 12:48 - 2019-03-14 04:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-17 12:48 - 2019-03-14 03:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-17 12:48 - 2019-03-14 03:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-17 12:48 - 2019-03-14 03:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-17 12:48 - 2019-03-14 03:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-17 12:48 - 2019-03-14 03:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-17 12:48 - 2019-03-14 03:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-17 12:48 - 2019-03-14 03:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-17 12:48 - 2019-03-14 03:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-17 12:48 - 2019-03-14 03:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-17 12:48 - 2019-03-14 03:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-17 12:48 - 2019-03-13 21:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-17 12:48 - 2019-03-13 21:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-17 12:48 - 2019-03-06 11:17 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-04-17 12:48 - 2019-03-06 01:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-04-17 12:48 - 2019-02-16 08:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-04-17 12:48 - 2019-02-16 08:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-04-17 12:48 - 2019-02-16 08:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-04-17 12:48 - 2019-02-16 03:32 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-04-17 12:48 - 2019-02-16 03:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-04-17 12:48 - 2019-02-16 03:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-04-17 12:48 - 2019-02-16 03:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2019-04-17 12:48 - 2019-02-16 03:26 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-17 07:29 - 2019-04-17 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-17 07:07 - 2019-04-17 07:07 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-04-17 07:07 - 2019-04-17 07:07 - 000002252 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-04-16 19:13 - 2019-04-16 19:14 - 000000000 ___DC C:\Users\Jesús Saavedra\Desktop\En NotreDame y una en Londres
2019-04-12 10:28 - 2019-04-12 10:28 - 000986029 ____C C:\Users\Jesús Saavedra\Desktop\INVIGALLC.pdf
2019-04-12 10:28 - 2019-04-12 10:28 - 000501970 ____C C:\Users\Jesús Saavedra\Desktop\INVIGALLC 8879.pdf
2019-04-12 07:37 - 2019-04-18 08:16 - 000003352 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJesús I. Saavedra
2019-04-12 07:37 - 2019-04-18 08:16 - 000000412 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJesús I. Saavedra.job
2019-04-10 12:27 - 2019-04-10 12:27 - 001383208 ____C C:\Users\Jesús Saavedra\Desktop\Documento Registro Los Apamates 2B.pdf
2019-04-05 07:52 - 2019-04-05 07:52 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-05 07:52 - 2019-04-05 07:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-05 07:52 - 2019-04-05 07:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-05 07:52 - 2019-04-05 07:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-18 08:59 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-18 08:59 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-18 08:09 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-17 23:51 - 2018-06-13 16:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-17 23:11 - 2013-10-08 13:38 - 000000000 ___DC C:\Program Files\VideoLAN
2019-04-17 22:48 - 2014-09-10 22:03 - 000000064 _____ C:\WINDOWS\SysWOW64\rp_stats.dat
2019-04-17 22:48 - 2014-09-10 22:03 - 000000044 _____ C:\WINDOWS\SysWOW64\rp_rules.dat
2019-04-17 22:45 - 2018-06-13 17:33 - 000003742 _____ C:\WINDOWS\System32\Tasks\Ad-Aware Update (Weekly)
2019-04-17 22:43 - 2018-06-13 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-17 22:42 - 2018-04-11 17:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-04-17 21:08 - 2015-04-03 10:33 - 000000000 ___DC C:\AdwCleaner
2019-04-17 20:30 - 2017-04-12 17:46 - 000000000 ___DC C:\Users\Jesús Saavedra\Desktop\Adobe Acrobat XI
2019-04-17 20:30 - 2014-10-26 17:50 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\Local\JDownloader 2.0
2019-04-17 20:25 - 2018-06-13 19:43 - 000817014 _____ C:\WINDOWS\system32\perfh00A.dat
2019-04-17 20:25 - 2018-06-13 19:43 - 000169330 _____ C:\WINDOWS\system32\perfc00A.dat
2019-04-17 20:25 - 2018-06-13 16:23 - 001858730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-17 17:20 - 2018-04-11 19:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-17 17:20 - 2018-04-04 10:40 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-17 17:20 - 2015-04-03 10:52 - 000000000 ___DC C:\ProgramData\Malwarebytes
2019-04-17 14:49 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-17 14:43 - 2018-06-13 16:17 - 000415896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-17 14:41 - 2019-02-12 13:51 - 000000726 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-921242894-1989990284-1724683343-1000.job
2019-04-17 14:41 - 2019-02-12 13:51 - 000000630 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-921242894-1989990284-1724683343-1000.job
2019-04-17 14:37 - 2018-04-11 19:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-04-17 14:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-17 14:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-04-17 14:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-17 14:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-04-17 14:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-04-17 14:36 - 2018-04-11 19:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-17 14:36 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-04-17 14:36 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-17 14:36 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-04-17 14:30 - 2018-06-13 16:24 - 000000000 ____D C:\Users\Jesús Saavedra
2019-04-17 13:45 - 2019-02-12 13:51 - 000003918 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-921242894-1989990284-1724683343-1000
2019-04-17 13:45 - 2019-02-12 13:51 - 000003822 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-921242894-1989990284-1724683343-1000
2019-04-17 13:45 - 2019-02-12 13:51 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting
2019-04-17 13:41 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-17 13:24 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-17 12:36 - 2009-07-13 22:34 - 000000513 _____ C:\WINDOWS\win.ini
2019-04-17 12:33 - 2018-09-03 09:48 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-17 11:29 - 2013-07-19 10:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-17 11:29 - 2012-03-14 15:24 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-17 09:09 - 2018-03-03 17:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-17 09:08 - 2017-09-29 07:09 - 000000000 ____D C:\Program Files\rempl
2019-04-17 07:31 - 2016-03-30 10:08 - 000000000 ___DC C:\Program Files (x86)\Dropbox
2019-04-17 07:21 - 2015-06-23 12:21 - 000002310 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-17 07:07 - 2011-11-09 03:15 - 000000000 ___DC C:\Program Files\Google
2019-04-16 10:57 - 2018-06-13 17:33 - 000003554 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-16 10:57 - 2018-06-13 17:33 - 000003430 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-14 09:18 - 2016-11-29 09:05 - 000013773 ____C C:\Users\Jesús Saavedra\Desktop\COSAS A HACER HOY 9Nov2018.txt
2019-04-11 07:46 - 2017-12-21 15:24 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\Packages
2019-04-10 18:46 - 2015-03-03 11:16 - 000000000 ___DC C:\Users\Jesús Saavedra\Documents\CUENTAS Jesús, Norma y Astrid
2019-04-10 11:09 - 2018-04-24 13:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-10 11:09 - 2015-05-05 14:54 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-08 11:47 - 2018-04-24 13:05 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-08 11:47 - 2016-11-19 07:30 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\LocalLow\Mozilla
2019-04-01 13:51 - 2018-11-16 22:51 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 13:51 - 2018-11-16 22:51 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-28 11:52 - 2012-04-22 23:59 - 000000000 ___DC C:\Users\Jesús Saavedra\Documents\SPE

==================== Files in the root of some directories =======

2009-08-04 13:54 - 2009-08-04 13:54 - 000000087 ____C () C:\Program Files (x86)\AUTORUN.INF
2009-01-23 15:25 - 2015-09-08 15:45 - 000184320 ____C () C:\Program Files (x86)\SecSNMP.dll
2006-12-21 22:14 - 2006-12-21 22:14 - 000016948 ____C () C:\Program Files (x86)\Setup.dat
2009-08-11 18:18 - 2009-08-11 18:18 - 000777320 ____C () C:\Program Files (x86)\Setup.exe
2006-09-01 18:35 - 2015-09-08 15:46 - 004218880 ____C () C:\Program Files (x86)\Ssres.dll
2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-11-02 14:38 - 2013-11-02 14:38 - 000720465 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\unins000.exe
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2015-05-05 10:17 - 2015-05-05 10:17 - 000000287 ____C () C:\Users\Jesús Saavedra\AppData\Local\DelUnist.bat
2012-11-17 21:29 - 2012-11-17 21:29 - 000027520 ____C () C:\Users\Jesús Saavedra\AppData\Local\dt.dat
2016-07-17 11:41 - 2016-07-17 11:41 - 000000017 ____C () C:\Users\Jesús Saavedra\AppData\Local\resmon.resmoncfg
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini
2019-02-08 12:35 - 2019-02-08 12:35 - 000000000 _____ () C:\Users\Jesús Saavedra\AppData\Local\{5E41F176-7348-4459-A3E1-B084FA761ED0}

Some files in TEMP:
====================
2019-04-17 23:06 - 2014-10-18 22:32 - 000242272 _____ (Krzysztof Kowalczyk) C:\Users\Jesús Saavedra\AppData\Local\Temp\sum~inst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-13 16:16

==================== End of FRST.txt ============================
#13
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.04.2019
Ran by Jesús I. Saavedra (18-04-2019 09:11:29)
Running from C:\Users\Jesús Saavedra\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-06-13 21:36:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-921242894-1989990284-1724683343-503 - Limited - Disabled)
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled)
Jesús I. Saavedra (S-1-5-21-921242894-1989990284-1724683343-1000 - Administrator - Enabled) => C:\Users\Jesús Saavedra
Temporal Europa (S-1-5-21-921242894-1989990284-1724683343-1003 - Limited - Enabled) => C:\Users\Temporal Europa
WDAGUtilityAccount (S-1-5-21-921242894-1989990284-1724683343-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Lavasoft Ad-Watch Live! Antivirus (Disabled - Up to date) {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Watch Live! (Disabled - Up to date) {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Ad-Aware (HKLM-x32\...\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}) (Version: 8.3.0 - Lavasoft) Hidden
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Amazon Kindle (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon)
Any Video Converter Professional 3.5.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32 bits) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ares 2.1.8 (HKLM-x32\...\Ares) (Version: 2.1.8-Build#3042 - Ares Development Group)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AVG PC TuneUp (HKLM-x32\...\{9C775BB6-1453-45EB-8C78-A5CC5199113D}) (Version: 16.77.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\{EA225E7B-D771-4631-A917-D8BA7C1EFC5E}) (Version: 16.32.5 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.2.0.778 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BB Boss version 2.2 (HKLM-x32\...\{EB18E8A3-F008-4655-B425-A3B7F03FFCDD}_is1) (Version: 2.2 - FfejWorks, Inc.)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Device Software v5.0.0 para el smartphone BlackBerry 8530 (HKLM-x32\...\{C981C4A5-E0B9-41DE-97F3-75E914F9ADAC}) (Version: 5.0.0.1030 (Plataforma 4.2.0.451) - Research In Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Computer Modelling Group Software 2007-10-19 (HKLM-x32\...\{51A28850-77D0-4D65-BF5F-4701DD513478}) (Version: 2007-10-19 - Computer Modelling Group)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Doxillion, convertidor de documentos (HKLM-x32\...\Doxillion) (Version: 2.54 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 71.3.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.191.1 - Dropbox, Inc.) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Eclipse Software (HKLM-x32\...\{23610DD7-61F3-42B7-909C-0AC6E4A8107F}) (Version: 2009.01.0000 - Schlumberger) Hidden
Eclipse Software 2009.1 (HKLM-x32\...\{49FC4FCD-3752-44DF-90FD-BAFF38A234E3}) (Version: 2009.1 - GeoQuest)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Escritorio movistar Latam (HKLM-x32\...\Escritorio movistar Latam) (Version:  - Movistar)
Express Scribe (HKLM-x32\...\Scribe) (Version: 5.79 - NCH Software)
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Folder Size for Windows (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.5 - Brio)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
General Release (HKLM-x32\...\{260A1E03-F4EF-4157-8522-73425A203976}) (Version: 2007.11.0000 - Computer Modelling Group) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 8.43.0.12692 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\GoToMeeting) (Version: 8.43.0.12692 - LogMeIn, Inc.)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.7.50.3 - HP)
HP Support Solutions Framework (HKLM-x32\...\{8EF98706-3C4B-4C5B-B035-01187E17D0E6}) (Version: 12.10.49.21 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HUAWEI DataCard Driver 2.96 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 2.96 - Huawei technologies Co., Ltd.)
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
iTunes (HKLM\...\{02F0C3CD-24E7-4381-8EC7-564A9BFCFAB1}) (Version: 12.7.3.46 - Apple Inc.)
JAP (HKLM-x32\...\JAP) (Version: 00.18.001 - JAP-Team)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 65.0.2 (x64 es-ES)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Petrel 2009.1 (HKLM-x32\...\{E74EFDC6-2423-4CBB-A107-7A6D1538D990}) (Version: 4.11.1 - Schlumberger)
PIPESIM 2008.1 (HKLM-x32\...\{303A394E-7FD4-4D1A-BBC5-0F62FDBE0E6C}) (Version: 2008.01.0133 - Schlumberger)
PIXresizer 2.0.4 (HKLM-x32\...\PIXresizer_is1) (Version:  - Bluefive software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
Telegram Desktop version 1.5.4 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.4 - Telegram Messenger LLP)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.04.01 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.6 - TOSHIBA)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Trusteer Seguridad Terminal (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
TweetDeck (HKLM-x32\...\{85D70219-700E-4728-A80D-C394DEF6247E}) (Version: 3.0.2 - Twitter, Inc.)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Skype for Business 2016 (KB4462234) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2D33E973-0A0D-41B2-8C6E-E2734090F470}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4462234) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PRJPRO_{2D33E973-0A0D-41B2-8C6E-E2734090F470}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4462234) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2D33E973-0A0D-41B2-8C6E-E2734090F470}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4462234) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.VISPRO_{2D33E973-0A0D-41B2-8C6E-E2734090F470}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4462234) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{2D33E973-0A0D-41B2-8C6E-E2734090F470}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{204DC300-0BC8-11E5-B87F-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\WhatsApp) (Version: 0.2.8361 - WhatsApp)
WinRAR 5.71 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.2 - win.rar GmbH)
Wondershare Data Recovery(Build 4.7.0.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.7.0.5 - Wondershare Software Co.,Ltd.)
Wondershare Dr.Fone(Build 2.0.1.3) (HKLM-x32\...\{B2AF05E3-4B0C-44A6-B146-322219BF3562}_is1) (Version: 2.0.1.3 - Wondershare Software Co.,Ltd.)
Youtube Downloader HD v. 2.9.9.27 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
Zoom (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jesús Saavedra\Dropbox [2014-10-29 16:31]
ShellExecuteHooks-x32: No Name - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson) [File not signed]
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2015-04-29] (Lavasoft Limited -> Lavasoft Limited)
ContextMenuHandlers1: [PhotoStreamsExt] -> [CC]{89D984B3-813B-406A-8298-118AFA3A22AE} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2015-04-29] (Lavasoft Limited -> Lavasoft Limited)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2015-04-29] (Lavasoft Limited -> Lavasoft Limited)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-16] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0195E0D0-8859-40BF-8F2B-049F0C8CFC93} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {07CB5A3B-061B-4BA4-8A9F-EC317E3A0175} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0876328C-A14D-444E-99C4-5A47F6291BC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)
Task: {08923DC3-5E2E-4DCE-BE3E-9EBCB4073F9B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {08E06DB8-D859-4A95-A1EE-737482E0DA62} - System32\Tasks\{9187A549-2248-4BE8-BAE5-38CFBF5BDB4C} => C:\windows\system32\pcalua.exe -a C:\Users\JESSSA~1\AppData\Local\Temp\Shockwave_Installer_FF.exe -d "C:\Program Files (x86)\Mozilla Firefox" <==== ATTENTION
Task: {11227E60-73BC-4947-8B75-5B4E09C0B01F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {113B32D9-CF02-4CF1-8F6C-8F005A04D17C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-921242894-1989990284-1724683343-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {16181E5A-9EA7-445E-B00A-084043244D1D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {16697794-802B-4959-8331-9D1D3A870C9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {1A68576E-9168-4296-8022-C55CE2EA9533} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1E1E4999-CEA9-4B22-A618-064C7DB2B5E2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2A43F3B6-DA57-4703-A3CA-6015360AED90} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2CDA110A-409F-493C-82CB-33846432454F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2DF79931-ADE5-411C-9747-81A3343C4743} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {2F3581A7-04CA-4DED-9023-F46BDA5CE952} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {30223943-34DD-4DA0-A14F-B608FCFC7B5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {3224C536-FEFB-4656-A8E6-B33C09601512} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {32AA6A10-AF07-44AE-92CA-AE63EC50ED5D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3CA36504-25F1-4D1A-B2F0-2BD0E367E676} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe
Task: {4096A307-970B-4453-B945-1F2B89C8FAF6} - System32\Tasks\AdobeGCInvoker-1.0-JESUSSAAVEDRAPC-Jesús I. Saavedra => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {433BB0D0-7188-4078-8F24-E9303108B4EE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4380FAB9-8689-4AE2-96A7-FDD44C1A8473} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-921242894-1989990284-1724683343-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {453B61FD-BE1D-4F52-93C6-2650E2E4983F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {48A5E74D-6D81-4E9B-B6A2-86149C91BC69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4D081574-AA72-4AAE-B3FB-4D8D41E6DFB9} - System32\Tasks\HPCeeScheduleForJesús I. Saavedra => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (Hewlett-Packard Company -> Hewlett-Packard)
Task: {4D888EE2-1BDD-4827-84B7-6A13F46E307D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {4F43B9EC-BA97-4FFE-9BCD-243494905C01} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5126C602-59CD-422A-B9DE-A6F38F25DF40} - System32\Tasks\{FE0BB373-C334-4163-9F91-0B8B5EA2BB09} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.1.73.129.457/es/abandoninstall?page=tsMain
Task: {52E0F425-4AB2-48B4-81EE-9B67A33F87A6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {53EE1840-8B7B-41B8-940D-92064ACF2D26} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {53FB524F-C373-4003-90AC-5A8C93BB9EB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {57B65FF3-F51B-424D-A7FF-BFA44609E656} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {57C14D35-38B1-4097-B22F-3192E3FD2471} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {5A0D11DA-8A0D-442C-96B8-FAF34F9FD3DE} - System32\Tasks\S-1-5-21-921242894-1989990284-1724683343-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {5C87952F-AF8E-4567-B534-3C13E5A71467} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {5FAA5C50-E727-4FA6-99EC-7CBD7512173E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {68D4EBF7-C1A0-4817-B344-B384CEF4AC0B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7137F2BD-168D-4D24-9691-98A848EBF32B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {71A39E0A-F5AA-437C-A522-275712A97092} - System32\Tasks\{B6C92AF0-234E-488A-95C6-2B5393307A8F} => C:\windows\system32\pcalua.exe -a "C:\Users\Jesús Saavedra\Downloads\sk1wv360.exe" -d "C:\Users\Jesús Saavedra\Downloads"
Task: {726A6BE6-2E8A-4543-BBBB-5D9ACBFCAA22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {736050A6-1961-4ACF-96FB-C7E3D3031E89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {73F37133-0F88-4A1C-9A62-D36E13CF47F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7DDEF5EA-A712-44E6-B225-C788E132B2AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {840BDD5E-C282-4DB3-9044-B6F0A05E76F2} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe (Apple Inc. -> Apple Inc.)
Task: {8621B46A-2336-45BB-99B6-960CD3E53FE0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {89F2F03A-74C8-45CF-8B71-A592DEA8BA09} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation)
Task: {8A026BB3-6F85-4593-B3EA-0D42B87BB3B5} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8A2B67D9-294A-4F61-978E-4E1927A1CE72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8CBA7FD3-F1E9-4B56-94BD-06F3AE4F6B5D} - System32\Tasks\{5CBE22C1-6482-44E3-813D-6DD2C7197048} => C:\windows\system32\pcalua.exe -a C:\Users\JESSSA~1\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {8E97A8BE-6CFF-4BEB-B771-BA88A6842EBD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {8EDCFAA7-DD92-43A8-9DAC-3E45A988E64D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {961E1D2C-3C4B-4204-AE55-F0EA85B6BF86} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {96C447D7-D90F-4F18-9DDA-59330C5B79C3} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (Lavasoft Limited -> Lavasoft Limited )
Task: {9743E740-7E3D-4D5E-9CF6-F06C03219A94} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {9A005282-E757-4132-8063-AC091D13B947} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D6FDA1B-318E-4ED4-82EC-1A8CFC4DBB54} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A1703B1F-7B18-4958-B5C2-0D698C76E2E9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1A2ED16-20E8-44B1-BB78-016AB414D70C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {A1D2F3FE-E786-4D25-878D-F4B915B80239} - System32\Tasks\{4F958F87-B943-424C-AD8F-68D808BEC5A2} => C:\windows\system32\pcalua.exe -a C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe
Task: {A5964BE4-6281-4D02-BEDD-C70F2EC1019D} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A87946BD-D87E-406A-BBF7-98A5892E11ED} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ABFAED16-DDBF-4EFB-A782-F051AC3EBF8E} - System32\Tasks\G2MUpdateTask-S-1-5-21-921242894-1989990284-1724683343-1000 => C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting\12692\g2mupdate.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {AE4E775C-26B6-451C-8A69-1DD02F775119} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AF91B4F6-B7A8-49D4-8DCE-26B375C32AC1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B28747CF-43D4-4F18-8C08-4E5DE7CA1A76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B56B36DA-D27B-492B-986A-2EDDED46DE25} - System32\Tasks\G2MUploadTask-S-1-5-21-921242894-1989990284-1724683343-1000 => C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting\12692\g2mupload.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BE399A9C-5667-491E-8453-FD88A24BADD1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C0608D3C-CD7E-42D8-B179-0C627F0D8DEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C0E91AE1-62C6-4D74-ABE8-33ABD62819F3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C1CADC67-C3EA-4AF7-8933-1A73FDD1B96B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C36CAAB6-C698-42EE-9CE4-18A229BD49E5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCC45F4D-4616-47B6-9D09-7196FED98F0A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D1DBD469-2E5E-499C-972A-1DEA069C84A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D3FEBDA6-8EB0-4549-83E2-81D6E982F87D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D85C0B85-DF7B-4126-B009-246BE62E5383} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEBE6652-F903-41E4-87C5-410BE41C9568} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAB001C5-F03A-4629-9470-33287FF0BA41} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-921242894-1989990284-1724683343-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {EC66CD51-E15B-4F47-A602-564AA767C2D2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC94E78C-1798-45E2-B4A4-388403BB4B6B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {ED04BAC3-D3F1-498E-89B8-D27ED04026F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {EDF66ABA-10D4-4CFD-AD0B-125994D0BA8E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-921242894-1989990284-1724683343-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F159334C-CF38-4068-82FD-518439CBF207} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F45B5275-D2B7-4085-93A3-6D5C2C59B439} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F6C0E2F3-26E8-442A-BC77-3B8729244B79} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {FBBF0C57-2243-4D42-A641-31B487DB716F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-921242894-1989990284-1724683343-1000.job => C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting\12692\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-921242894-1989990284-1724683343-1000.job => C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting\12692\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJesús I. Saavedra.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Jesús Saavedra\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm

ShortcutWithArgument: C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Cisco WebEx IM.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gdgodbfllkenehbjembldlmkjjdafigh

==================== Loaded Modules (Whitelisted) ==============

2006-12-19 11:00 - 2006-12-19 11:00 - 000081920 _____ (Prolific Technology Inc.) [File not signed] C:\windows\SysWOW64\IoctlSvc.exe
2013-01-18 17:40 - 2013-01-18 17:40 - 000577536 ____C (Research In Motion Limited) [File not signed] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
2010-04-06 01:15 - 2010-04-06 01:15 - 000167936 ____C (Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
2011-07-01 15:40 - 2011-07-01 15:40 - 000150016 ____C (TOSHIBA Corporation) [File not signed] C:\Program Files\TOSHIBA\TPHM\TPCHCTL.dll
2011-07-01 15:40 - 2011-07-01 15:40 - 000132608 ____C (TOSHIBA Corporation) [File not signed] C:\Program Files\TOSHIBA\TPHM\TPCHDISK.dll
2013-02-23 12:17 - 2013-02-23 12:17 - 000166400 _____ (Brice Lambson) [File not signed] C:\Program Files\Image Resizer for Windows\ShellExtensions.dll
2011-11-09 02:46 - 2010-12-20 21:45 - 000069632 ____C (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-11-09 02:46 - 2010-12-20 21:49 - 001892352 ____C (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-17 17:20 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-17 17:19 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-04-17 23:15 - 2016-08-13 23:36 - 005217280 _____ (Artifex Software et al.) [File not signed] C:\Program Files (x86)\SumatraPDF\libmupdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [124]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [114]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2018-12-09 08:28 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\ecl\home;C:\ecl\macros;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 4.4.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
#14

Primeramente, deberías desinstalar, usando Revo, Format Factory, pues aunque el programa en si mismo funciona muy bien, es puro malware escondido

uego, segun manual de Revo >> http://www.forospyware.com/t243205.html, desinstalas el / los programas indicados, seleccionando cuando lo indique Revo, el Modo Avanzado

Marcas NOMBRE PROGRAMA y pulsas desinstalar en el menu de Revo, en Modo Avanzado

Cuando lo hagas, se iniciara el desinstalador de NOMBRE DE PROGRAMA y al finalizar (si alguno te pide reiniciar, pulsas en NO o Cancelar y continuas con Revo), realizas:

  • Pulsas Analizar en Revo, para que analice los restos del programa

  • Pulsas seleccionar todo, para eliminar restos del registro

  • Pulsas borrar todo

  • Pulsas siguiente

  • Pulsas seleccionar todo, para eliminar, si hay, carpetas

  • Pulsas borrar todo

  • Pulsas finalizar


______________________________________________________________________________

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-04-10] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2018-04-10] <==== ATTENTION
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ohfdiojichmakejoojpjejpmhhdfngch] - <no Path/update_url>
U3 aspnet_state; no ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2009-08-04 13:54 - 2009-08-04 13:54 - 000000087 ____C () C:\Program Files (x86)\AUTORUN.INF
2009-01-23 15:25 - 2015-09-08 15:45 - 000184320 ____C () C:\Program Files (x86)\SecSNMP.dll
2006-12-21 22:14 - 2006-12-21 22:14 - 000016948 ____C () C:\Program Files (x86)\Setup.dat
2009-08-11 18:18 - 2009-08-11 18:18 - 000777320 ____C () C:\Program Files (x86)\Setup.exe
2006-09-01 18:35 - 2015-09-08 15:46 - 004218880 ____C () C:\Program Files (x86)\Ssres.dll
2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2019-04-17 23:06 - 2014-10-18 22:32 - 000242272 _____ (Krzysztof Kowalczyk) C:\Users\Jesús Saavedra\AppData\Local\Temp\sum~inst.exe
2019-02-08 12:35 - 2019-02-08 12:35 - 000000000 _____ () C:\Users\Jesús Saavedra\AppData\Local\{5E41F176-7348-4459-A3E1-B084FA761ED0}
Task: {2DF79931-ADE5-411C-9747-81A3343C4743} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {2F3581A7-04CA-4DED-9023-F46BDA5CE952} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {32AA6A10-AF07-44AE-92CA-AE63EC50ED5D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {52E0F425-4AB2-48B4-81EE-9B67A33F87A6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {53EE1840-8B7B-41B8-940D-92064ACF2D26} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {53FB524F-C373-4003-90AC-5A8C93BB9EB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8A026BB3-6F85-4593-B3EA-0D42B87BB3B5} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {9D6FDA1B-318E-4ED4-82EC-1A8CFC4DBB54} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF91B4F6-B7A8-49D4-8DCE-26B375C32AC1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BE399A9C-5667-491E-8453-FD88A24BADD1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CCC45F4D-4616-47B6-9D09-7196FED98F0A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D1DBD469-2E5E-499C-972A-1DEA069C84A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D3FEBDA6-8EB0-4549-83E2-81D6E982F87D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EC94E78C-1798-45E2-B4A4-388403BB4B6B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F159334C-CF38-4068-82FD-518439CBF207} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F45B5275-D2B7-4085-93A3-6D5C2C59B439} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FBBF0C57-2243-4D42-A641-31B487DB716F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Jesús Saavedra\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm
ShortcutWithArgument: C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Cisco WebEx IM.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gdgodbfllkenehbjembldlmkjjdafigh
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [124]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [114]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc

#15

Gracias por la recomendación, varios mensaje borré por no colocarle el formato solicitado, y cuando escribí las 3 respuestas previas con los logs, el último quedó incompleto. Luego recibí su respuesta con explicaciones de como proceder. Pero no posteé la última parte del log anterior, de Adittion porque el sistema me penalizó con 1 horas sin poder escribir porque había escrito muchos mensajes de manera consecutiva. Luego ayer no pude conectar al internet.

Entonces, la parte que faltaba del Adittion, la coloco formateada a continuación.

Dígame por favor si continuo con el procedimiento tal cual Ud. me lo sugirió.

==================== MSCONFIG/TASK MANAGER disabled items ==

        If an entry is included in the fixlist, it will be removed.

        MSCONFIG\Services: avgsvc => 2
        MSCONFIG\Services: XblAuthManager => 3
        MSCONFIG\Services: XblGameSave => 3
        MSCONFIG\Services: XboxNetApiSvc => 3
        MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
        MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
        MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
        MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
        MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
        MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
        MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
        MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
        MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
        MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
        MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
        MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
        MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
        MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
        MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
        MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
        MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
        MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
        MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
        MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
        MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
        MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
        MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
        MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
        MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
        MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
        MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
        MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
        MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
        MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
        MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
        MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
        MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
        MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
        MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
        MSCONFIG\startupreg: Uninstall C: => 
        MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
        HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
        HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
        HKLM\...\StartupApproved\Run: => "SynTPEnh"
        HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
        HKLM\...\StartupApproved\Run: => "TCrdMain"
        HKLM\...\StartupApproved\Run: => "TPwrMain"
        HKLM\...\StartupApproved\Run: => "WindowsDefender"
        HKLM\...\StartupApproved\Run: => "iTunesHelper"
        HKLM\...\StartupApproved\Run: => "AvgUi"
        HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
        HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
        HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe"
        HKLM\...\StartupApproved\Run32: => "RealDownloader"
        HKLM\...\StartupApproved\Run32: => "TkBellExe"
        HKLM\...\StartupApproved\Run32: => "AvgUi"
        HKLM\...\StartupApproved\Run32: => "HP Software Update"
        HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
        HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\StartupFolder: => "wesbuagu.lnk"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Jesús Saavedra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Jesús Saavedra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "iCloudServices"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "Skype"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "PQYUUDNZ62HHBZF"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "8NPABKO3458V01K"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "CZA0LXYFS1VLQUZ"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "Q0I4U89XGABX7WB"
        HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\StartupApproved\Run: => "SDBSHCXHN7SM1QF"

        ==================== FirewallRules (Whitelisted) ===============

        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        FirewallRules: [{E087D1E5-B7B0-4D93-9419-EF3AC235AF8C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
        FirewallRules: [{3E247275-F65B-4D7A-AA68-83362D419573}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
        FirewallRules: [{F6EB7C69-613E-45FF-BCE4-020C525CF71D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
        FirewallRules: [UDP Query User{493FE357-94A7-4C45-B1B2-EB0A3E03FB31}C:\program files (x86)\reiboot\reiboot.exe] => (Allow) C:\program files (x86)\reiboot\reiboot.exe (Tenorshare Co.,Ltd. -> Tenorshare) [File not signed]
        FirewallRules: [TCP Query User{C6F70687-6841-4C3C-8E46-53ED5F0D4230}C:\program files (x86)\reiboot\reiboot.exe] => (Allow) C:\program files (x86)\reiboot\reiboot.exe (Tenorshare Co.,Ltd. -> Tenorshare) [File not signed]
        FirewallRules: [{D71D2D12-693C-4199-8690-6DCFD010B53B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
        FirewallRules: [{DB208F9E-FA27-4953-8D78-AD3259BF6267}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
        FirewallRules: [{51B5DDAE-812A-4142-A33F-6A68A3A240EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
        FirewallRules: [{2C4A5268-B166-4A49-9D12-79EEF3C16383}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
        FirewallRules: [{266F6F4A-23AC-4074-8F5B-930BD208A1E8}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
        FirewallRules: [{6A4C15CA-AB97-4B0C-AADF-EF213224AAAA}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
        FirewallRules: [{C8D39426-0E19-4D78-9A97-C5D27C9EACDE}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
        FirewallRules: [{167B7487-A659-4277-B31F-65F87DB9D1CD}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
        FirewallRules: [{E4DA5F04-B84E-412E-9647-EEEEFED222A6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
        FirewallRules: [{CC5A112F-AC6F-46EF-BA38-D5A2C17874BF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
        FirewallRules: [{B1633219-9674-434A-BAC5-36206E80C53F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
        FirewallRules: [{E780C2E2-4153-45D1-800C-96CC757C7BAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{65209CC8-958B-4AFE-A7A7-2F614CF2C0A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{31D6D858-8908-460E-BB82-A0D1D25727F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{3A0EBFDD-04EB-4001-9B45-19FAF25830B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{7B85C398-87AC-4326-9753-6712105C4BAF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe (Hewlett Packard -> Hewlett-Packard)
        FirewallRules: [{DF781E20-0BAF-4CFA-826A-7473C8237E49}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe (Hewlett Packard -> Hewlett-Packard)
        FirewallRules: [{8644DF03-92DC-4475-8424-D25C26F6CB56}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{2268FFD3-2E91-4867-B489-874189492F7B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{00015D07-87D1-4F3B-9211-4C7754407329}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{FC223444-060E-40B5-87BD-E7B1160D261E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{A9656646-A169-44D8-A9BB-B67A6CA2B561}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
        FirewallRules: [{51BA57C4-40E6-42E4-8A04-4E13BDABC399}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
        FirewallRules: [{58C0E2EA-4817-4B40-8989-5D4D4FBD0343}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
        FirewallRules: [{6E1DFD3C-7A03-4E65-8943-2C4FB14C1101}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
        FirewallRules: [UDP Query User{F5E00923-6CC2-4CDC-8FDF-73D551B2CC32}C:\users\jesús saavedra\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jesús saavedra\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
        FirewallRules: [TCP Query User{E269023C-2BFA-4523-B8DB-878C90BA12F5}C:\users\jesús saavedra\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jesús saavedra\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
        FirewallRules: [{34EEEDF4-EE30-4D32-B660-7D4A75F4071D}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion -> Research In Motion)
        FirewallRules: [{87B108DC-12EF-44F9-A620-488282C4DCA1}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion -> Research In Motion)
        FirewallRules: [{655C3074-E7D2-4FA1-B86C-E000F4F64C8E}] => (Allow) LPort=4482
        FirewallRules: [{225C0DF4-C510-4336-9C11-E23DAE2E5949}] => (Allow) LPort=4482
        FirewallRules: [{1FCC7604-CF8E-4221-8BCF-08879EF0E51B}] => (Allow) LPort=4481
        FirewallRules: [{C312AB06-E06E-45D9-A69B-164BECFF965B}] => (Allow) LPort=4481
        FirewallRules: [{9F0BC909-82AD-4476-96BA-E525EE69E547}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{42AD7D85-EA5A-40E5-897A-A6D83E364B7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{3931DF7A-9492-499C-B36E-1146AF37FCB6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [{48582832-8D25-4BDF-8240-28D6BC64EB22}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
        FirewallRules: [UDP Query User{81352855-638B-4184-B4FE-C6CE8F9C6099}C:\program files (x86)\ares\chatserver.exe] => (Allow) C:\program files (x86)\ares\chatserver.exe (Ares Development Group) [File not signed]
        FirewallRules: [TCP Query User{9A0091FE-F396-4ED8-A41E-9139801541FB}C:\program files (x86)\ares\chatserver.exe] => (Allow) C:\program files (x86)\ares\chatserver.exe (Ares Development Group) [File not signed]
        FirewallRules: [UDP Query User{EB99DBEA-B34A-4D3D-AC9D-3DF1BDBD4348}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [File not signed]
        FirewallRules: [TCP Query User{49057C65-6679-45F1-A9B4-FBD0029EF0E0}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [File not signed]
        FirewallRules: [UDP Query User{D5BB1068-ED0A-4643-A12F-362F61C713ED}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [File not signed]
        FirewallRules: [TCP Query User{DFC109BD-B797-4948-BD1C-498D9C0E9214}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [File not signed]
        FirewallRules: [{CBC0F2FD-431D-47E6-9B3F-D70737CAA7C3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
        FirewallRules: [TCP Query User{4DBDA1F8-64E4-4F29-88AC-70518EF03F2C}C:\program files (x86)\ares\chatserver.exe] => (Block) C:\program files (x86)\ares\chatserver.exe (Ares Development Group) [File not signed]
        FirewallRules: [UDP Query User{73204F1E-3280-49BC-A089-B6A1E687FBF0}C:\program files (x86)\ares\chatserver.exe] => (Block) C:\program files (x86)\ares\chatserver.exe (Ares Development Group) [File not signed]
        FirewallRules: [{9C4C01DF-6B6F-4D5C-BB39-039EAC9E0E7B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{959A53C7-F99E-45B2-B775-11BEBFCB0E0C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{D47DD8B5-8E31-41F7-A0AD-A7E3E3181104}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{0FCC0A30-5B8B-4EAD-96CA-8996D12A937A}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
        FirewallRules: [{FF13610C-A6DB-4BE3-BB72-2C91C8AA39E9}] => (Allow) C:\Windows\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
        FirewallRules: [{E4A97135-CAC3-4867-A46B-7FF8C62B6CC7}] => (Allow) C:\Windows\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
        FirewallRules: [{C789566C-A0E5-4CB1-920F-D2E4572D932D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
        FirewallRules: [{B3B2425A-7851-478D-A900-64B62C4FC5FE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

        ==================== Restore Points =========================

        23-03-2019 12:28:28 Scheduled Checkpoint
        04-04-2019 13:30:48 Scheduled Checkpoint
        14-04-2019 09:50:18 Scheduled Checkpoint
        17-04-2019 10:21:21 Windows Update

        ==================== Faulty Device Manager Devices =============


        ==================== Event log errors: =========================

        Application errors:
        ==================
        Error: (04/18/2019 08:02:53 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
        Description: Event-ID 0

        Error: (04/18/2019 07:55:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Task Scheduling Error: m->NextScheduledSPRetry 24319156

        Error: (04/18/2019 07:55:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Task Scheduling Error: m->NextScheduledEvent 24319156

        Error: (04/18/2019 07:55:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Task Scheduling Error: Continuously busy for more than a second

        Error: (04/18/2019 01:10:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Task Scheduling Error: m->NextScheduledSPRetry 15531

        Error: (04/18/2019 01:10:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Task Scheduling Error: m->NextScheduledEvent 15531

        Error: (04/18/2019 01:10:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Task Scheduling Error: Continuously busy for more than a second

        Error: (04/17/2019 10:50:47 PM) (Source: SecurityCenter) (EventID: 16) (User: )
        Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.


        System errors:
        =============
        Error: (04/18/2019 08:00:12 AM) (Source: DCOM) (EventID: 10016) (User: JESUSSAAVEDRAPC)
        Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID 
        {D63B10C5-BB46-4990-A94F-E40B9D520160}
         y APPID 
        {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
         al usuario JESUSSAAVEDRAPC\Jesús I. Saavedra con SID (S-1-5-21-921242894-1989990284-1724683343-1000) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

        Error: (04/18/2019 07:59:05 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
        Description: Error de DCOM "1053" al intentar iniciar el servicio gupdate con argumentos "/comsvc" para ejecutar el servidor:
        {4EB61BAC-A3B6-4760-9581-655041EF4D69}

        Error: (04/18/2019 07:59:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
        Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error: 
        El servicio no respondió a tiempo a la solicitud de inicio o de control.

        Error: (04/18/2019 07:59:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
        Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update Servicio (gupdate).

        Error: (04/18/2019 07:56:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
        Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID 
        {D63B10C5-BB46-4990-A94F-E40B9D520160}
         y APPID 
        {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
         al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

        Error: (04/18/2019 01:10:24 AM) (Source: DCOM) (EventID: 10010) (User: JESUSSAAVEDRAPC)
        Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.

        Error: (04/17/2019 10:56:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
        Description: El servidor {B91D5831-B1BD-4608-8198-D72E155020F7} no se registró con DCOM dentro del tiempo de espera requerido.

        Error: (04/17/2019 10:56:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
        Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID 
        {D63B10C5-BB46-4990-A94F-E40B9D520160}
         y APPID 
        {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
         al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


        Windows Defender:
        ===================================
        Date: 2019-04-17 23:52:54.718
        Description: 
        El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
        Tiempo de detección: 2019-04-18T03:52:54.717Z
        Usuario: NT AUTHORITY\SYSTEM
        Ruta de acceso: \Device\Harddisk0\DR0
        Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
        Versión de la firma: 1.291.2168.0
        Versión del motor: 1.1.15800.1
        Versión del producto: 4.18.1903.4

        Date: 2019-04-17 22:04:00.037
        Description: 
        El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
        Tiempo de detección: 2019-04-18T02:04:00.036Z
        Usuario: JESUSSAAVEDRAPC\Jesús I. Saavedra
        Ruta de acceso: \Device\Harddisk0\DR0
        Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
        Versión de la firma: 1.291.2163.0
        Versión del motor: 1.1.15800.1
        Versión del producto: 4.18.1903.4

        Date: 2019-04-17 22:03:50.604
        Description: 
        El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
        Tiempo de detección: 2019-04-18T02:03:50.603Z
        Usuario: JESUSSAAVEDRAPC\Jesús I. Saavedra
        Ruta de acceso: \Device\Harddisk0\DR0
        Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
        Versión de la firma: 1.291.2163.0
        Versión del motor: 1.1.15800.1
        Versión del producto: 4.18.1903.4

        Date: 2019-04-17 21:58:28.263
        Description: 
        El acceso controlado a carpetas impidió que C:\Users\Jesús Saavedra\Desktop\ccsetup556.exe realizara cambios en la memoria.
        Tiempo de detección: 2019-04-18T01:58:28.262Z
        Usuario: JESUSSAAVEDRAPC\Jesús I. Saavedra
        Ruta de acceso: \Device\Harddisk0\DR0
        Nombre del proceso: C:\Users\Jesús Saavedra\Desktop\ccsetup556.exe
        Versión de la firma: 1.291.2163.0
        Versión del motor: 1.1.15800.1
        Versión del producto: 4.18.1903.4

        Date: 2019-04-17 09:04:44.832
        Description: 
        El examen de Antivirus de Windows Defender se detuvo antes de completarse.
        Id. de examen: {DDBCD8B4-1037-4A8E-8F2B-F691B5D191BD}
        Tipo de examen: Antimalware
        Parámetros de examen: Examen rápido
        Usuario: NT AUTHORITY\SYSTEM

        Date: 2019-04-17 12:32:20.023
        Description: 
        Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
        Nueva versión de firma: 
        Versión de firma anterior: 1.291.2129.0
        Origen de actualización: Servidor de Microsoft Update
        Tipo de firma: AntiVirus
        Tipo de actualización: Completa
        Usuario: NT AUTHORITY\SYSTEM
        Versión de motor actual: 
        Versión de motor anterior: 1.1.15800.1
        Código de error: 0x80240438
        Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

        Date: 2019-04-17 11:30:46.235
        Description: 
        Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
        Nueva versión de firma: 
        Versión de firma anterior: 1.291.2129.0
        Origen de actualización: Servidor de Microsoft Update
        Tipo de firma: AntiVirus
        Tipo de actualización: Completa
        Usuario: NT AUTHORITY\SYSTEM
        Versión de motor actual: 
        Versión de motor anterior: 1.1.15800.1
        Código de error: 0x80240016
        Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

        Date: 2019-04-17 11:10:18.558
        Description: 
        Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
        Nueva versión de firma: 
        Versión de firma anterior: 1.291.2129.0
        Origen de actualización: Servidor de Microsoft Update
        Tipo de firma: AntiVirus
        Tipo de actualización: Completa
        Usuario: NT AUTHORITY\SYSTEM
        Versión de motor actual: 
        Versión de motor anterior: 1.1.15800.1
        Código de error: 0x8024402c
        Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

        Date: 2019-04-16 21:39:26.357
        Description: 
        Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
        Nueva versión de firma: 
        Versión de firma anterior: 1.289.648.0
        Origen de actualización: Centro de protección contra malware de Microsoft
        Tipo de firma: AntiVirus
        Tipo de actualización: Completa
        Usuario: NT AUTHORITY\NETWORK SERVICE
        Versión de motor actual: 
        Versión de motor anterior: 1.1.15700.9
        Código de error: 0x80072ee7
        Descripción del error: The server name or address could not be resolved 

        Date: 2019-04-16 21:39:26.357
        Description: 
        Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
        Nueva versión de firma: 
        Versión de firma anterior: 1.289.648.0
        Origen de actualización: Centro de protección contra malware de Microsoft
        Tipo de firma: AntiSpyware
        Tipo de actualización: Completa
        Usuario: NT AUTHORITY\NETWORK SERVICE
        Versión de motor actual: 
        Versión de motor anterior: 1.1.15700.9
        Código de error: 0x80072ee7
        Descripción del error: The server name or address could not be resolved 

        CodeIntegrity:
        ===================================

        Date: 2019-04-18 08:56:06.068
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:56:03.547
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:56:03.466
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:56:03.366
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:56:03.280
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:56:03.225
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:56:03.102
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        Date: 2019-04-18 08:55:54.268
        Description: 
        Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

        ==================== Memory info =========================== 

        Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
        Percentage of memory in use: 59%
        Total physical RAM: 6091.86 MB
        Available physical RAM: 2459.82 MB
        Total Virtual: 12235.86 MB
        Available Virtual: 8509.57 MB

        ==================== Drives ================================

        Drive c: (TI106234W0C) (Fixed) (Total:579.24 GB) (Free:33.2 GB) NTFS ==>[system with boot components (obtained from drive)]

        \\?\Volume{9643e244-0a9d-11e1-b712-806e6f6e6963}\ (System) (Fixed) (Total:1.46 GB) (Free:1.21 GB) NTFS
        \\?\Volume{9deb38f3-0000-0000-0000-002d91000000}\ () (Fixed) (Total:0.94 GB) (Free:0.45 GB) NTFS

        ==================== MBR & Partition Table ==================

        ========================================================
        Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 9DEB38F3)
        Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
        Partition 2: (Not Active) - (Size=579.2 GB) - (Type=07 NTFS)
        Partition 3: (Not Active) - (Size=965 MB) - (Type=27)
        Partition 4: (Not Active) - (Size=14.5 GB) - (Type=17)

        ==================== End of Addition.txt ============================
#16

Continua con lo indicado, si

#17

Bien, ya desde las primeras indicaciones dejaron de aparecer el símbolo del sistema y la ventana donde indicaba que faltaba un archivo. En general veo que la velocidad de inicio es mayor, y luego de todos estos procedimientos, entiendo hay mayor rendimiento y no ya procesos en segundo plano que consuman recurso sin mi consentimiento. No sé como comporbar eso con un status anterior.

copio aquí el log solicitado:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.04.2019
Ran by Jesús I. Saavedra (20-04-2019 17:22:24) Run:1
Running from C:\Users\Jesús Saavedra\Desktop
Loaded Profiles: Jesús I. Saavedra (Available Profiles: Jesús I. Saavedra & Temporal Europa)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-04-10] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2018-04-10] <==== ATTENTION
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ohfdiojichmakejoojpjejpmhhdfngch] - <no Path/update_url>
U3 aspnet_state; no ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2009-08-04 13:54 - 2009-08-04 13:54 - 000000087 ____C () C:\Program Files (x86)\AUTORUN.INF
2009-01-23 15:25 - 2015-09-08 15:45 - 000184320 ____C () C:\Program Files (x86)\SecSNMP.dll
2006-12-21 22:14 - 2006-12-21 22:14 - 000016948 ____C () C:\Program Files (x86)\Setup.dat
2009-08-11 18:18 - 2009-08-11 18:18 - 000777320 ____C () C:\Program Files (x86)\Setup.exe
2006-09-01 18:35 - 2015-09-08 15:46 - 004218880 ____C () C:\Program Files (x86)\Ssres.dll
2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jes�s Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jes�s Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2019-04-17 23:06 - 2014-10-18 22:32 - 000242272 _____ (Krzysztof Kowalczyk) C:\Users\Jes�s Saavedra\AppData\Local\Temp\sum~inst.exe
2019-02-08 12:35 - 2019-02-08 12:35 - 000000000 _____ () C:\Users\Jes�s Saavedra\AppData\Local\{5E41F176-7348-4459-A3E1-B084FA761ED0}
Task: {2DF79931-ADE5-411C-9747-81A3343C4743} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {2F3581A7-04CA-4DED-9023-F46BDA5CE952} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {32AA6A10-AF07-44AE-92CA-AE63EC50ED5D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {52E0F425-4AB2-48B4-81EE-9B67A33F87A6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {53EE1840-8B7B-41B8-940D-92064ACF2D26} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {53FB524F-C373-4003-90AC-5A8C93BB9EB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8A026BB3-6F85-4593-B3EA-0D42B87BB3B5} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {9D6FDA1B-318E-4ED4-82EC-1A8CFC4DBB54} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF91B4F6-B7A8-49D4-8DCE-26B375C32AC1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BE399A9C-5667-491E-8453-FD88A24BADD1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CCC45F4D-4616-47B6-9D09-7196FED98F0A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D1DBD469-2E5E-499C-972A-1DEA069C84A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D3FEBDA6-8EB0-4549-83E2-81D6E982F87D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EC94E78C-1798-45E2-B4A4-388403BB4B6B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F159334C-CF38-4068-82FD-518439CBF207} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F45B5275-D2B7-4085-93A3-6D5C2C59B439} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FBBF0C57-2243-4D42-A641-31B487DB716F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Jes�s Saavedra\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm
ShortcutWithArgument: C:\Users\Jes�s Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Cisco WebEx IM.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gdgodbfllkenehbjembldlmkjjdafigh
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [124]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [114]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js => moved successfully
C:\Program Files (x86)\mozilla firefox\warsaw.cfg => moved successfully
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\ohfdiojichmakejoojpjejpmhhdfngch => removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
C:\Program Files (x86)\AUTORUN.INF => moved successfully
C:\Program Files (x86)\SecSNMP.dll => moved successfully
C:\Program Files (x86)\Setup.dat => moved successfully
C:\Program Files (x86)\Setup.exe => moved successfully
C:\Program Files (x86)\Ssres.dll => moved successfully
"C:\Users\Jes�s Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x" => not found
"C:\Users\Jes�s Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F" => not found
"C:\Users\Jes�s Saavedra\AppData\Local\Temp\sum~inst.exe" => not found
"C:\Users\Jes�s Saavedra\AppData\Local\{5E41F176-7348-4459-A3E1-B084FA761ED0}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DF79931-ADE5-411C-9747-81A3343C4743}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF79931-ADE5-411C-9747-81A3343C4743}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayer (32-bit) " => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F3581A7-04CA-4DED-9023-F46BDA5CE952}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F3581A7-04CA-4DED-9023-F46BDA5CE952}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32AA6A10-AF07-44AE-92CA-AE63EC50ED5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32AA6A10-AF07-44AE-92CA-AE63EC50ED5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52E0F425-4AB2-48B4-81EE-9B67A33F87A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52E0F425-4AB2-48B4-81EE-9B67A33F87A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53EE1840-8B7B-41B8-940D-92064ACF2D26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53EE1840-8B7B-41B8-940D-92064ACF2D26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53FB524F-C373-4003-90AC-5A8C93BB9EB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53FB524F-C373-4003-90AC-5A8C93BB9EB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A026BB3-6F85-4593-B3EA-0D42B87BB3B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A026BB3-6F85-4593-B3EA-0D42B87BB3B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6FDA1B-318E-4ED4-82EC-1A8CFC4DBB54}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6FDA1B-318E-4ED4-82EC-1A8CFC4DBB54}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF91B4F6-B7A8-49D4-8DCE-26B375C32AC1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF91B4F6-B7A8-49D4-8DCE-26B375C32AC1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE399A9C-5667-491E-8453-FD88A24BADD1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE399A9C-5667-491E-8453-FD88A24BADD1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCC45F4D-4616-47B6-9D09-7196FED98F0A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCC45F4D-4616-47B6-9D09-7196FED98F0A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1DBD469-2E5E-499C-972A-1DEA069C84A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1DBD469-2E5E-499C-972A-1DEA069C84A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3FEBDA6-8EB0-4549-83E2-81D6E982F87D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3FEBDA6-8EB0-4549-83E2-81D6E982F87D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC94E78C-1798-45E2-B4A4-388403BB4B6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC94E78C-1798-45E2-B4A4-388403BB4B6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F159334C-CF38-4068-82FD-518439CBF207}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F159334C-CF38-4068-82FD-518439CBF207}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F45B5275-D2B7-4085-93A3-6D5C2C59B439}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F45B5275-D2B7-4085-93A3-6D5C2C59B439}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBBF0C57-2243-4D42-A641-31B487DB716F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBBF0C57-2243-4D42-A641-31B487DB716F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully
"BVTFilter" => removed successfully
"BVTConsumer" => removed successfully
"C:\Users\Jes�s Saavedra\Favorites\Sitio para descargas de NCH Software.lnk" => not found
"C:\Users\Jes�s Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Cisco WebEx IM.lnk" => not found
C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully
C:\ProgramData\TEMP => ":A1EDB939" ADS removed successfully
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Local Area Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wireless Network Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Local Area Connection* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Local Area Connection* 4 mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13855856 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 33995307 B
Edge => 31045530 B
Chrome => 398517522 B
Firefox => 42653616 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 29482 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 29482 B
LocalService => 0 B
NetworkService => 37548 B
NetworkService => 0 B
Jesús Saavedra => 45912961 B
Temporal Europa => 136260 B

RecycleBin => 52154286 B
EmptyTemp: => 601.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:25:53 ====
#18

No te preocupes, el problema planteado está solucionado y hemos eliminado todo el resto de infección y eliminar algunas cosas que hacían un incorrecto funcionamiento del PC.

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO

#19

Muchísimas gracias Miguel!

#20

De nada!!!:wink:

cerrado #21

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.