POP.Optional. Detecta antyspware y vuelve

Buenas le paso el malware bytes y adwcleaner me detecta estos archivos lo borro reiniciando y regresan me gustaria borrarlos por completo

v2xu1u.png1116×439 10.2 KB

Buenas @savide bienvenido al Foro.

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

• CCleaner + Manual.

• Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.

• AdwCleaner + Manual.

• Junkware Removal Tool.

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

• Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

• Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

• Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

• Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

• Realiza un Análisis Completo.

• Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

• En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

• Ejecuta Adwcleaner.exe.

• Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

• El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

• Ejecuta JRT.exe.

• Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

• Si en algún momento te pide Reiniciar hazlo.

• Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

• Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

• Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Buenas JAvier,

Gracias por la ayuda, ya he realizado los pasos que me has puesto con exactitud e reiniciado pero al pasar de nuevo el adwcleaner sigue saliendo esas PUP.Optional.XXXX , en principio no tengo ninguna problema cone l pc pero no creo que sea bueno tener eso ahi. Te adjunto los logs en orden .

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 14/6/19
Hora del análisis: 21:38
Archivo de registro: fdff10e2-8edb-11e9-8b68-1c1b0df589b6.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11054
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.557)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-QJF5P18\Rock_

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 394240
Amenazas detectadas: 7
Amenazas en cuarentena: 7
Tiempo transcurrido: 2 min, 47 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 7
PUP.Optional.Trovi, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [430], [454808],1.0.11054
PUP.Optional.Trovi, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [430], [454808],1.0.11054
PUP.Optional.SweetPage, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [398], [455284],1.0.11054
PUP.Optional.SweetPage, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [398], [455284],1.0.11054
PUP.Optional.SweetPage, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [398], [455284],1.0.11054
PUP.Optional.Conduit, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [208], [454835],1.0.11054
PUP.Optional.Spigot, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [163], [475078],1.0.11054

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-14-2019
# Duration: 00:00:08
# OS:       Windows 10 Pro
# Scanned:  27198
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1267 octets] - [14/06/2019 19:36:09]
AdwCleaner[C00].txt - [1433 octets] - [14/06/2019 19:36:21]
AdwCleaner[S01].txt - [1516 octets] - [14/06/2019 19:37:50]
AdwCleaner[C01].txt - [1628 octets] - [14/06/2019 19:38:10]
AdwCleaner[S02].txt - [1638 octets] - [14/06/2019 19:39:30]
AdwCleaner[S03].txt - [1554 octets] - [14/06/2019 21:43:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by Rock_ (Administrator) on 14/06/2019 at 21:45:13,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/06/2019 at 21:46:55,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2019 01
Ran by Rock_ (administrator) on DESKTOP-QJF5P18 (Gigabyte Technology Co., Ltd. B250M-DS3H) (14-06-2019 21:47:54)
Running from C:\Users\Rock_\Desktop
Loaded Profiles: Rock_ & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS (Available Profiles: Rock_ & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) E:\Program Files\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) E:\Program Files\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Nitro Software, Inc. -> ) E:\Program Files\Nitro\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nitro Software, Inc.) E:\Program Files\Nitro\NitroPDFDriverService11x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Newskill Renshi PRO Gaming laser mouse] => E:\Program Files\NewSkill rensh\Monitor.exe [180224 2015-04-14] () [File not signed]
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3312208 2019-05-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Run: [Steam] => E:\Program Files\Steam\steam.exe [3148576 2019-06-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Run: [f.lux] => C:\Users\Rock_\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\MountPoints2: {b1f28144-711b-11e9-8174-1c1b0df589b6} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\MountPoints2: {b1f281c7-711b-11e9-8174-1c1b0df589b6} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [637952 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [637952 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\Installer\chrmstp.exe [2019-06-13] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\Rock_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2018-05-12]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Rock_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-12-30]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Rock_\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05C5D19B-A467-4222-96C5-F012D5F40ED3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {194414CD-983E-43F3-AC64-31EEC6BD1E47} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19BA08E6-F2A9-4DF6-8DF8-413E68063473} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D75F913-D1F8-4FDA-9FE8-D58BF12F2905} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448488 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {21C37D36-10B1-4FA7-A6D5-D70F09242E77} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BFCE6D1-C356-4CF5-B4D8-41BA61829674} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {2CF6317F-CEE5-4F9E-9CED-448ADF011BD4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113600 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D88E92A-861E-487D-A4BB-29055AAE1275} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {30BBC3DC-2092-4294-A74E-CDA268EEF2FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3247CDB0-CFC4-4E57-B9E7-83C9056BD861} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113600 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {336726F9-5B26-4DCD-BB51-32696C2C2C8A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3559B5B6-9DA5-4DED-BBAA-D891C65BE2ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-26] (Google Inc -> Google Inc.)
Task: {3685979E-5F05-4FB7-B3F9-2D4AFBD3F84E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {439EDD50-C887-4398-A5CD-401783CF434E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544576 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4987A34A-47E6-44AE-9AFC-77E924A66F3A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C7EBD44-4252-4434-B95C-0932B0B3815D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803792 2019-06-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EE23635-8BD3-44B6-95F3-866A6600AA3A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448488 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {60473229-8123-4E31-A4F4-252385D83AA8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A090ED2-A4F1-493E-BA86-92D108AC65EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544576 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F90E1CA-666C-4077-A56E-FDB01694025D} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-123870419-2932056986-2441981344-1001 => C:\Users\Rock_\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-06-05] (Mega Limited -> Mega Limited)
Task: {7FEB4E09-1D78-4FD2-A45A-78DD0C204B16} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.0.437 => E:\Program Files\Visual Studio\Common7\IDE\VSIXAutoUpdate.exe [180712 2017-10-11] (Microsoft Corporation -> )
Task: {9225C32C-B060-40A3-9A0C-D4BACE7CF097} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {9E0ED668-BBAC-47CD-9E76-F000EB136D0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A6753ABB-E069-420C-BEFE-AFE90CAE3961} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {A7AF8E9E-D722-4D6A-A69C-CEB72F24F7EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803792 2019-06-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD40609B-C805-416E-8797-573838E24741} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-26] (Google Inc -> Google Inc.)
Task: {D90CCD24-9DBD-4C56-9AC0-00C5F060F111} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1503848 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD3136E3-768D-4975-A505-0FE883284258} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe
Task: {DDF15E96-00B6-46EE-943E-00F0BA396838} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E69B1D97-0690-413F-A80A-93BFAF7872EE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {E78D80F7-1B06-41FF-B266-D4303B1BC7E0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55e54fdf-1cef-4bb2-b974-603e9f57df22}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bb6750cf-b69b-4595-a4de-4b78e5866db2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d02f5238-5dca-4544-bb74-59fcef8996f2}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: tluq3hr6.default
FF ProfilePath: C:\Users\Rock_\AppData\Roaming\Mozilla\Firefox\Profiles\tluq3hr6.default [2019-06-14]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Rock_\AppData\Roaming\Mozilla\Firefox\Profiles\tluq3hr6.default\Extensions\[email protected] [2018-11-22] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (uBlock Origin) - C:\Users\Rock_\AppData\Roaming\Mozilla\Firefox\Profiles\tluq3hr6.default\Extensions\[email protected] [2019-05-24]
FF Extension: (Avast Online Security) - C:\Users\Rock_\AppData\Roaming\Mozilla\Firefox\Profiles\tluq3hr6.default\Extensions\[email protected] [2019-05-18]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VLC\npvlc.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.es/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default [2019-06-14]
CHR Extension: (Presentaciones) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2019-01-24]
CHR Extension: (Kaspersky Protection) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-12-12]
CHR Extension: (Documentos) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-26]
CHR Extension: (uBlock Origin) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-05-26]
CHR Extension: (Hojas de cálculo) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Profile: C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-14]
CHR Extension: (Presentaciones) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-02]
CHR Extension: (Kaspersky Protection) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-04-02]
CHR Extension: (Documentos) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-02]
CHR Extension: (Google Drive) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-02]
CHR Extension: (YouTube) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-02]
CHR Extension: (Hojas de cálculo) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-02]
CHR Extension: (Gmail) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-02]
CHR Profile: C:\Users\Rock_\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-08]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files\EagleGet\addon\[email protected] <not found>
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-03-01] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-20] (BattlEye Innovations e.K. -> )
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11409480 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2018-12-12] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-03-01] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; E:\Program Files\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [392856 2018-08-18] (Microsoft Corporation -> Microsoft Corporation)
R2 NitroDriverReadSpool11; E:\Program Files\Nitro\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; E:\Program Files\Nitro\Nitro_UpdateService.exe [419016 2017-03-09] (Nitro Software, Inc. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-03-08] (Microsoft Windows -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [565912 2018-08-18] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [254616 2018-08-18] (Microsoft Corporation -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-08] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [288768 2019-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [129144 2017-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-08-26] (AVAST Software s.r.o. -> The OpenVPN Project)
R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-06-14] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 IntelHaxm; C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys [126064 2017-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [125568 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-06-03] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-06-03] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197464 2019-05-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-06-03] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-04-09] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-05-04] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-14] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-06-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-06-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-06-14] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S4 RsFx0411; C:\WINDOWS\System32\DRIVERS\RsFx0411.sys [261792 2018-07-26] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-14 21:47 - 2019-06-14 21:48 - 000036119 _____ C:\Users\Rock_\Desktop\FRST.txt
2019-06-14 21:47 - 2019-06-14 21:47 - 000000000 ____D C:\FRST
2019-06-14 21:46 - 2019-06-14 21:46 - 000000553 _____ C:\Users\Rock_\Desktop\JRT.txt
2019-06-14 21:44 - 2019-06-14 21:44 - 000001615 _____ C:\Users\Rock_\Desktop\AdwCleaner[S04].txt
2019-06-14 21:42 - 2019-06-14 21:42 - 000002478 _____ C:\Users\Rock_\Desktop\Informe_Malware_Bytes.txt
2019-06-14 21:36 - 2019-06-14 21:37 - 000002984 _____ C:\Users\Rock_\Desktop\cc_20190614.reg
2019-06-14 21:27 - 2019-06-14 21:27 - 002418688 _____ (Farbar) C:\Users\Rock_\Desktop\FRST64.exe
2019-06-14 21:26 - 2019-06-14 21:26 - 001790024 _____ (Malwarebytes) C:\Users\Rock_\Desktop\JRT.exe
2019-06-14 19:46 - 2019-06-14 19:46 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-14 19:46 - 2019-06-14 19:46 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-06-14 19:46 - 2019-06-14 19:46 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-06-14 19:46 - 2019-06-14 19:46 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-06-14 19:46 - 2019-06-14 19:46 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-06-14 19:35 - 2019-06-14 19:36 - 000000000 ____D C:\AdwCleaner
2019-06-14 19:35 - 2019-06-14 19:35 - 007025360 _____ (Malwarebytes) C:\Users\Rock_\Desktop\adwcleaner_7.3.exe
2019-06-14 19:18 - 2019-06-14 19:18 - 000000000 ____D C:\Users\Rock_\AppData\Local\mbam
2019-06-14 19:17 - 2019-06-14 19:46 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-14 19:17 - 2019-06-14 19:17 - 000000822 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-14 19:17 - 2019-06-14 19:17 - 000000000 ____D C:\Users\Rock_\AppData\Local\mbamtray
2019-06-14 19:17 - 2019-06-14 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-14 19:17 - 2019-06-14 19:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-14 19:17 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-14 00:18 - 2019-06-14 00:18 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-14 00:18 - 2019-06-14 00:18 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-14 00:18 - 2019-06-14 00:18 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-14 00:18 - 2019-06-14 00:18 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-14 00:18 - 2019-06-14 00:18 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2019-06-14 00:18 - 2019-06-14 00:18 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-14 00:18 - 2019-06-14 00:18 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-14 00:18 - 2019-06-14 00:18 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-14 00:18 - 2019-06-14 00:18 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-14 00:18 - 2019-06-14 00:18 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-14 00:17 - 2019-06-14 00:17 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-14 00:17 - 2019-06-14 00:17 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-14 00:17 - 2019-06-14 00:17 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-14 00:17 - 2019-06-14 00:17 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-14 00:17 - 2019-06-14 00:17 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-14 00:17 - 2019-06-14 00:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-13 18:22 - 2019-06-13 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-06-12 21:33 - 2019-06-12 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoScribe
2019-06-12 21:33 - 2019-06-12 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sparkol VideoScribe
2019-06-12 21:33 - 2019-06-12 21:33 - 000000000 ____D C:\ProgramData\com.sparkol.VideoScribeDesktop
2019-06-12 21:32 - 2019-06-12 21:32 - 073775104 _____ C:\Users\Rock_\Downloads\VideoScribe.msi
2019-06-12 19:11 - 2019-06-12 19:11 - 000000000 ____D C:\Users\Rock_\AppData\Local\Plugin.VegasOfxStitch
2019-06-12 19:11 - 2019-06-12 19:11 - 000000000 ____D C:\Users\Rock_\AppData\Local\Plugin.MxOfxRotation
2019-06-12 19:11 - 2019-06-12 19:11 - 000000000 ____D C:\Users\Rock_\AppData\Local\MAGIX
2019-06-12 19:09 - 2019-06-12 19:09 - 000000719 _____ C:\Users\Public\Desktop\VEGAS Pro 16.0.lnk
2019-06-12 19:08 - 2019-06-12 19:08 - 000000000 ____D C:\Users\Rock_\AppData\Local\VEGAS
2019-06-12 19:08 - 2019-06-12 19:08 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-06-12 19:08 - 2019-06-12 19:08 - 000000000 ____D C:\Program Files (x86)\VEGAS
2019-06-12 18:51 - 2019-06-12 18:51 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-09 23:34 - 2019-06-09 23:34 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\KeePass
2019-06-08 12:29 - 2019-06-08 12:29 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignf91c8159bbd28318
2019-06-08 12:29 - 2019-06-08 12:29 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignbf30b228db3f1992
2019-06-08 12:29 - 2019-06-08 12:29 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign2bbb65be9426b43c
2019-06-08 12:24 - 2019-06-08 12:24 - 000000000 ____D C:\Users\Rock_\Intel
2019-06-07 23:49 - 2019-06-07 23:49 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign8a05cdc34bc85cb0
2019-06-07 23:48 - 2019-06-07 23:48 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignb12773294a75957d
2019-06-07 23:48 - 2019-06-07 23:48 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign6b28f552c209dbf4
2019-06-04 22:41 - 2019-06-04 22:41 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignf8f1e1ccd5eccab8
2019-06-04 22:41 - 2019-06-04 22:41 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign8c408a2b8d343835
2019-06-04 22:41 - 2019-06-04 22:41 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign11c08a1b1e69b1df
2019-06-01 17:40 - 2019-06-01 17:40 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2019-05-31 08:59 - 2019-05-31 08:59 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignf21611c0b74f84f9
2019-05-31 08:59 - 2019-05-31 08:59 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignc46a0f69fedb503a
2019-05-31 08:59 - 2019-05-31 08:59 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign9ad17c2c58e4ffdb
2019-05-29 19:17 - 2019-05-29 19:17 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignf74eb700ec4b141f
2019-05-29 19:17 - 2019-05-29 19:17 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsigndf2b41f6929881b4
2019-05-29 19:17 - 2019-05-29 19:17 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign3d63d3133bb8f82c
2019-05-27 21:08 - 2019-05-27 21:08 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2019-05-27 21:08 - 2019-05-27 21:08 - 000001174 _____ C:\Users\Rock_\Desktop\KeePass 2.lnk
2019-05-27 21:08 - 2019-05-27 21:08 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2019-05-26 23:00 - 2019-05-26 23:00 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignfd73448b81592336
2019-05-26 23:00 - 2019-05-26 23:00 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign9b634ad855c534d1
2019-05-26 23:00 - 2019-05-26 23:00 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign8799ae4d83ac4070
2019-05-26 22:59 - 2019-05-26 22:59 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsigna890825f3805617f
2019-05-26 22:58 - 2019-05-26 22:58 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignfde76970fb8d7d9b
2019-05-26 22:58 - 2019-05-26 22:58 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsigna8fd180d4f75475a
2019-05-26 22:58 - 2019-05-26 22:58 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign5f95a476fb124040
2019-05-26 22:19 - 2019-05-26 22:19 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignf736c0eafc7abc01
2019-05-26 22:19 - 2019-05-26 22:19 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignd01fe68e2a1ec070
2019-05-21 22:13 - 2019-05-21 22:13 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign0ef7a59736076c43
2019-05-21 22:11 - 2019-05-21 22:11 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignfb52ba13dc0e016f
2019-05-21 22:11 - 2019-05-21 22:11 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsignf7efefbd32d0ba82
2019-05-21 22:11 - 2019-05-21 22:11 - 000000000 ____D C:\Users\Rock_\AppData\Local\Tempzxpsign0ac02b34a1693bda
2019-05-21 20:37 - 2019-05-21 20:37 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\VideoScribeDesktop
2019-05-21 20:37 - 2019-05-21 20:37 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\Macromedia
2019-05-21 20:36 - 2019-06-12 21:33 - 000001224 _____ C:\Users\Public\Desktop\VideoScribe.lnk
2019-05-21 20:36 - 2019-06-12 21:33 - 000000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2019-05-21 20:36 - 2019-05-21 20:36 - 000000000 ____D C:\Program Files (x86)\Sparkol
2019-05-21 00:09 - 2019-05-21 00:10 - 000000000 ____D C:\Users\Rock_\Desktop\Music New
2019-05-17 10:16 - 2019-05-17 10:16 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-17 10:16 - 2019-05-17 10:16 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-17 10:16 - 2019-05-17 10:16 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-17 10:16 - 2019-05-17 10:16 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-17 10:16 - 2019-05-17 10:16 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-17 10:16 - 2019-05-17 10:16 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-17 10:16 - 2019-05-17 10:16 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-14 21:45 - 2018-12-12 23:17 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-06-14 21:45 - 2017-08-26 20:12 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-14 21:36 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-14 21:36 - 2017-09-20 00:32 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\Notepad++
2019-06-14 21:26 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-14 21:24 - 2019-03-08 00:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-14 19:47 - 2019-03-08 01:03 - 002175260 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-14 19:47 - 2018-09-15 18:37 - 000863872 _____ C:\WINDOWS\system32\perfh00A.dat
2019-06-14 19:47 - 2018-09-15 18:37 - 000186054 _____ C:\WINDOWS\system32\perfc00A.dat
2019-06-14 19:38 - 2019-03-08 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-14 19:38 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-14 19:17 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-14 19:15 - 2019-03-08 00:51 - 000453880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-14 19:15 - 2017-09-15 14:08 - 000000000 ___RD C:\Users\Rock_\3D Objects
2019-06-14 19:15 - 2017-08-26 19:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-14 19:14 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-14 19:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-06-14 19:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-14 19:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-06-14 19:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-14 16:13 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-14 16:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-14 16:09 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-13 18:22 - 2019-04-26 01:12 - 000002580 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-13 18:22 - 2019-04-26 01:12 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-13 18:21 - 2017-08-27 16:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-13 18:19 - 2019-04-18 02:37 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-13 18:19 - 2019-04-18 02:37 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-13 18:19 - 2018-06-07 23:48 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-12 19:11 - 2017-08-28 13:48 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\VEGAS Pro
2019-06-12 19:11 - 2017-08-28 13:48 - 000000000 ____D C:\Users\Rock_\AppData\Local\VEGAS Pro
2019-06-12 19:11 - 2017-08-28 13:48 - 000000000 ____D C:\ProgramData\VEGAS Pro
2019-06-12 19:09 - 2017-08-28 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2019-06-12 19:08 - 2017-08-28 13:45 - 000000000 ____D C:\ProgramData\VEGAS
2019-06-12 19:08 - 2017-08-28 13:44 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\Sony
2019-06-12 19:04 - 2017-11-13 20:22 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\AIMP
2019-06-12 18:53 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-06-12 18:53 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-12 18:53 - 2017-08-26 21:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 18:51 - 2017-08-26 21:02 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-12 18:45 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-12 18:45 - 2017-08-26 21:47 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-11 21:10 - 2018-09-15 08:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-06-11 18:52 - 2017-09-04 21:36 - 000007982 _____ C:\WINDOWS\BRRBCOM.INI
2019-06-11 18:34 - 2019-03-08 01:01 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-08 20:03 - 2018-05-12 12:58 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-08 20:03 - 2018-05-12 12:58 - 000000000 ____D C:\Program Files\CCleaner
2019-06-08 20:00 - 2018-11-22 22:34 - 000000000 ____D C:\Users\Rock_\AppData\Roaming\Postman
2019-06-08 19:55 - 2017-10-24 15:02 - 000000000 ____D C:\Users\Rock_\AppData\Local\Packages
2019-06-08 12:24 - 2019-03-08 00:54 - 000000000 ____D C:\Users\Rock_
2019-06-05 20:45 - 2018-12-30 22:25 - 000000000 ____D C:\Users\Rock_\AppData\Local\MEGAsync
2019-06-03 23:02 - 2018-12-12 23:17 - 001168000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2019-06-03 23:02 - 2018-12-12 23:17 - 000236672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2019-06-03 23:00 - 2018-08-06 15:26 - 001093248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2019-06-03 23:00 - 2018-08-06 15:26 - 000152288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2019-06-01 17:40 - 2019-03-08 00:54 - 000000000 ____D C:\Users\DefaultAppPool
2019-05-29 21:19 - 2018-06-21 23:31 - 000000000 ____D C:\ProgramData\Packages
2019-05-27 19:49 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-05-26 01:38 - 2017-08-27 16:30 - 000000000 ____D C:\Users\Rock_\AppData\LocalLow\Mozilla
2019-05-23 16:06 - 2017-08-26 20:00 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-23 16:06 - 2017-08-26 20:00 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-18 17:56 - 2019-03-05 23:52 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-18 17:56 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-18 17:56 - 2017-09-20 00:24 - 000000000 ____D C:\Users\Rock_\AppData\Local\CrashDumps
2019-05-17 17:33 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-17 12:59 - 2017-08-26 19:48 - 000000000 ____D C:\Users\Rock_\AppData\Local\VirtualStore
2019-05-16 08:56 - 2019-03-08 01:01 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-16 08:56 - 2019-03-08 01:01 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ================

2017-09-19 23:49 - 2017-09-19 23:49 - 000000000 _____ () C:\Users\Rock_\.mongorc.js
2018-09-28 22:15 - 2018-09-28 22:15 - 000000000 _____ () C:\Users\Rock_\AppData\Local\oobelibMkey.log

==================== FLock ================

2019-06-14 21:30 C:\System Volume Information
2017-08-26 19:45 C:\WINDOWS\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2019 01
Ran by Rock_ (14-06-2019 21:48:56)
Running from C:\Users\Rock_\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2019-03-07 23:02:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-123870419-2932056986-2441981344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-123870419-2932056986-2441981344-503 - Limited - Disabled)
Invitado (S-1-5-21-123870419-2932056986-2441981344-501 - Limited - Disabled)
Rock_ (S-1-5-21-123870419-2932056986-2441981344-1001 - Administrator - Enabled) => C:\Users\Rock_
WDAGUtilityAccount (S-1-5-21-123870419-2932056986-2441981344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

.NET Core SDK 1.1.0 (x64) (HKLM\...\{DF68596E-0F41-41CC-BAD9-9F30A9662D90}) (Version: 4.16.5124 - Microsoft Corporation) Hidden
.NET Core SDK 1.1.0 (x64) (HKLM-x32\...\{67d148ca-6fe2-47ec-bf5c-fbd64345d511}) (Version: 1.1.0 - Microsoft Corporation)
Active Directory Authentication Library for SQL Server (HKLM\...\{985F0D27-46AC-4473-8F67-720A39D7A1E4}) (Version: 14.0.800.90 - Microsoft Corporation)
Actualización de NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_1_1) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.92 - NVIDIA Corporation) Hidden
Archivos auxiliares de instalación de Microsoft SQL Server 2008 (HKLM\...\{A4B617AA-D956-4CA3-AF96-CEE4D23319FC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.131 - Los creadores de Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{0648F446-BAE9-402F-9BEC-8B333959D8FB}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{A242EB06-0518-48A3-AF7A-5973BE9CAF7B}) (Version: 1.0.7.3 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM)
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
DeviceDetect (HKLM-x32\...\{F805D16D-AB79-4DC7-A60F-436621995275}) (Version: 1.2.1.0 - Brother Industries Ltd.) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{311C382C-6FDC-45ED-A04C-629A852D6148}) (Version: 15.0.26823 - Microsoft Corporation) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden
f.lux (HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Flux) (Version:  - f.lux Software LLC)
GDR 4223 para SQL Server 2016 (KB4293801) (64-bit) (HKLM\...\KB4293801) (Version: 13.1.4223.10 - Microsoft Corporation)
GDR 4224 para SQL Server 2016 (KB4458842) (64-bit) (HKLM\...\KB4458842) (Version: 13.1.4224.16 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
icecap_collection_neutral (HKLM-x32\...\{743913D7-41D9-48C0-977D-FC87743A9BEC}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{6BC73140-3CB6-486A-8350-BF35F54EFA19}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{29A92183-DC28-4253-8F18-4A2A4DE2A124}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{67941F0C-2930-4C3F-983C-1089D2759B42}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{304B71E2-BA3A-419C-B632-3DFBB4AFE42B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{CE21BF65-6442-4040-BBA5-82732C054E9F}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{A54DCC30-E1EA-4912-A7F9-6C5A3AF1FB3A}) (Version: 10.0.1738 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® Hardware Accelerated Execution Manager (HKLM\...\{22676F90-06C7-4DC0-96C2-FAE79AB306F4}) (Version: 6.2.0 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{0A2EDF2C-9A71-43D7-964A-696BB7CEAC65}) (Version: 15.0.25.0 - Microsoft Corporation) Hidden
Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
KeePass Password Safe 2.42.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.42.1 - Dominik Reichl)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Core SDK - 2.0.3 (x64) (HKLM-x32\...\{5c81045f-7a1c-4d79-9c41-32a11f6615fc}) (Version: 2.0.3 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - Paquete de idioma ESN (HKLM-x32\...\{DAA3E771-CB41-40A4-8AAF-258BA650B0AA}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - ESN (HKLM-x32\...\{79B56745-1296-490E-86A7-AE07A034AB26}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - ESN (HKLM-x32\...\{9763733B-6453-4EC3-BFD2-92FB60889204}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.5.3 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.3) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.2 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.2) (Version: 5.2.17193.1427 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - ESN (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - ESN) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Identity Extensions (HKLM\...\{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{BDD69A69-900F-4F45-9E95-DEE03EB86538}) (Version: 13.1.4224.16 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.11727.20104 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - ESN (HKLM-x32\...\{8CD5ABF3-C30B-4A94-811F-0A2C5510B72C}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{68FC0046-2F69-497C-ABCC-47C6C54AB253}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{E0476CC7-E960-49B8-AAC1-7F95931A3E6B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{E3A180B5-6020-4EA4-AD9D-742B53D1D2EC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{15A835D2-48C4-4C13-8D7F-C2742104D2D1}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{89AF07BA-5B5E-442C-AF41-AA6C63E60749}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6EB540BD-BA76-44E9-928A-AB7508F448B8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2016) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{9B1E97ED-D082-4BA0-A0BB-183988B82E64}) (Version: 13.1.4224.16 - Microsoft Corporation)
Microsoft SQL Server 2016 Setup (English) (HKLM\...\{4778E63C-956E-46C2-92E8-37AFAB3DCDAC}) (Version: 13.1.4224.16 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM\...\{A7AA9182-126E-4B53-858A-B495B1070185}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{F7E9FDCF-FF09-421C-815A-E1B6E1B488EF}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ESN (HKLM\...\{D7126FFC-90BA-4120-8FFB-3688C9931A09}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - ESN (11.1.20627.00) (HKLM-x32\...\{1E8D35CF-17C5-41D7-ADF8-F9979AB271B1}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - ESN (11.1.20627.00) (HKLM-x32\...\{DF5FCA82-ABFC-4DA4-A456-6AD0083746BD}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x86) - es-ES (HKLM-x32\...\{533D5150-02CB-43B5-92D8-1CCB8BD7AB08}) (Version: 13.0.3225.4 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 17.2 (HKLM-x32\...\{6ce0f2ad-2643-496c-9b48-d0587d3e10a9}) (Version: 14.0.17177.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{73E68BD3-5ABA-4529-A2C8-4ECED6952092}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0EA5B5B6-4537-4989-B522-69772E79CE49}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 RC1 (HKLM\...\{A825DFF0-A610-49A3-BF7C-C5772A0F488B}) (Version: 14.0.800.90 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2012 (HKLM-x32\...\{247E8762-752C-4F2C-9CE2-A2BE787A1C19}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2012 (x64) (HKLM\...\{A46A6021-355D-4909-8A03-C35D332A6578}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2017 CTP2.1 (HKLM-x32\...\{7A891D71-0623-4597-A912-1FE534FA7383}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.33.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - ESN (HKLM-x32\...\{F07BB259-CA70-4443-9E32-7B1F3F2703C7}) (Version: 10.3.20225.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 es-ES) (HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Mozilla Firefox 67.0 (x64 es-ES)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Newskill Renshi PRO Gaming laser mouse (HKLM-x32\...\{CF14367C-43D0-4946-AEA3-1CD7F80A49CB}) (Version: 1.0 - Newskill)
Nitro Pro (HKLM\...\{DED283CF-9FC6-4AC2-9D25-86A5E7740E16}) (Version: 11.0.3.173 - Nitro)
Node.js (HKLM\...\{E28DA1B0-B6BD-4CE7-849E-F4E1B5896428}) (Version: 8.5.0 - Node.js Foundation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11727.20104 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Paquete acumulativo de Intellisense de Microsoft .NET Framework para Visual Studio (español) (HKLM-x32\...\{235CD9C1-7DED-4D31-98E4-34CE0618BD7E}) (Version: 4.6.01604 - Microsoft Corporation) Hidden
Paquete de idioma de Visor de Ayuda de Microsoft 2.0 - ESN (HKLM-x32\...\{53436849-2E5A-3433-A5BE-F7A10403C651}) (Version: 2.0.50727 - Microsoft Corporation) Hidden
Paquete de idioma de Visor de Ayuda de Microsoft 2.0 - ESN (HKLM-x32\...\Paquete de idioma de Visor de Ayuda de Microsoft 2.0 - ESN) (Version: 2.0.50727 - Microsoft Corporation)
Postman-win64-6.5.2 (HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Postman) (Version: 6.5.2 - Postman)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Requisitos previos para SSDT  (HKLM-x32\...\{42335F51-334C-4805-9FFC-3A33F40A245D}) (Version: 11.0.2100.60 - Microsoft Corporation)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SDK de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{07570008-8840-4A14-A752-1367157138A5}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Service Pack 1 para SQL Server 2016 (KB3182545) (64-bit) (HKLM\...\KB3182545) (Version: 13.1.4001.0 - Microsoft Corporation)
Servicio de lenguaje T-SQL de Microsoft SQL Server 2012  (HKLM-x32\...\{0E22C06E-DCC1-48D6-9A47-3671F673B8C1}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sparkol VideoScribe (HKLM-x32\...\{D7DC6370-26EF-4313-9AE7-F86E80642873}) (Version: 3.3.2001 - Sparkol) Hidden
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 3.3.2001) (Version: 3.3.2001 - Sparkol)
Spotify (HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
SQL Server 2016 Batch Parser (HKLM\...\{D7A905DB-9A1E-4670-9488-F979F8A77A58}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{57846DA8-8B5D-4466-B850-E8CDFC94046C}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{8F49A432-9467-48AA-AAE6-78BCA6729452}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{01525D66-F23F-49AB-B10F-4DABC4FC6653}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{74940EE5-66DB-42E3-AC30-295D13B461A7}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{51574D2C-DE28-4441-BDC2-967F0FFC0918}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{575DC6B9-A50C-478D-8F25-615423553C02}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{686A81C0-C8E4-46F6-952F-B19A28E8C430}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{E57345C1-9382-4DFA-A519-0FE62AC28683}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{2FFF0757-4360-42F5-8814-16BB5CF0145F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{DDD197E1-1D50-44F0-8838-F74827B09D90}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{EE70A6C4-C59C-4A36-865E-2DB9C0E4C833}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{F8001E21-CFCC-47AD-A3B1-6B3EB6D35E48}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{646BAF29-64C4-4D02-B192-37468061E1D6}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{B6E1A5EB-1C58-4A04-B76B-E5FE1BE22CA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 SQL Diagnostics (HKLM\...\{766BE25E-D2B5-4E76-BCB0-29B801BADB3F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{7C648836-4C38-4943-A577-58DBF95BDC52}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{8CF2CA8E-3984-46B9-B493-F844F3774FA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Batch Parser (HKLM\...\{0FF55602-38F3-4D41-B4A3-01254248C668}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Client Tools Extensions (HKLM\...\{683FA9A8-D65D-4235-83D8-9F4E6737F4CA}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Client Tools Extensions (HKLM\...\{F2FD3B29-E8D8-4967-BED3-DDBC61D1975C}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Common Files (HKLM-x32\...\{3EFBCF30-7835-40C0-A482-61FCD200D6B0}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Common Files (HKLM-x32\...\{5666DCCC-0A10-4DEA-9D72-0CBE4597B272}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Connection Info (HKLM\...\{1B420087-3F15-4584-84E7-17004B8F73DD}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Connection Info (HKLM\...\{6E7DE51A-63FC-4636-8110-D81FEABE11D8}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 DMF (HKLM\...\{33CA5408-FAF8-45EA-BC34-339D708D5CD2}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 DMF (HKLM\...\{75D22F08-F052-4D85-BB0D-98572ECAB0DC}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Integration Services Scale Out Management Portal (HKLM\...\{4886060D-2480-465D-8A1E-71297E66AC72}) (Version: 14.0.800.77 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Integration Services Scale Out Management Portal (HKLM\...\{90D6ACA0-1265-41EA-8EC6-FA686EDABEC2}) (Version: 14.0.800.77 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Management Studio Extensions (HKLM-x32\...\{1A240E41-E06A-4601-A64F-75E371DBA6A3}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Management Studio Extensions (HKLM-x32\...\{FD3B8367-14B9-4778-856D-8CFAA216FC20}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Shared Management Objects (HKLM\...\{53A9C556-6706-4B55-95F0-743E1A6F2C82}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Shared Management Objects (HKLM\...\{DE6154BD-9C09-4561-9B85-99536C37A9E2}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Shared Management Objects Extensions (HKLM\...\{0655C937-E277-49BA-A001-A5EB2D0B4E06}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 Shared Management Objects Extensions (HKLM\...\{CA0AD573-54A1-47BC-A050-4BACA38E4CC7}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 SQL Diagnostics (HKLM\...\{28D17C9F-CB6C-4E9B-932A-7E709CAD4366}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 XEvent (HKLM\...\{D1C9CE67-E0C6-4B18-B185-8CBA583FF9C8}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
SQL Server 2017 RC1 XEvent (HKLM\...\{E13EF9DC-DD28-43D0-B861-40E04C93D490}) (Version: 14.0.800.90 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{0D9BD39A-A870-4FDF-B590-1E9787CF16D9}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{510DB6E6-7CF0-4B25-A51E-3AED7E25D507}) (Version: 14.0.17177.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{CD1FA99A-EEF9-44BE-8A89-8FB17F1C5437}) (Version: 14.0.17177.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{19EE06F5-A411-4AE3-8024-437639E0A063}) (Version: 14.0.17177.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{BFDE25C2-FA72-4449-9A7B-B785DA052D99}) (Version: 14.0.17177.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{14A0B7B6-1D73-42E1-AD69-CDBC9AEB979A}) (Version: 14.0.17177.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{CFA1F87E-EF2B-4785-812C-4BEEA22CFD06}) (Version: 2.3.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2018.3.1f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 45.0 - Ubisoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{C36E80D0-EED5-481F-9852-1EBB0DD122B6}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DCC9FA24-1F40-4D51-B3FA-6A97F65DD9C6}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
VEGAS Pro 16.0 (HKLM\...\{0ABBD080-A716-11E8-974B-00155D6302F2}) (Version: 16.0.261 - VEGAS)
VideoPad, editor de vídeo (HKLM-x32\...\VideoPad) (Version: 5.05 - NCH Software)
Visual Studio Enterprise 2017 (HKLM-x32\...\d5abb508) (Version: 15.4.27004.2009 - Microsoft Corporation)
VS JIT Debugger (HKLM\...\{75068E51-7C37-4003-84C2-C67461C8D60A}) (Version: 16.0.71.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{A9ED1B56-3819-4B14-A929-89DD3E16E216}) (Version: 16.0.71.0 - Microsoft Corporation) Hidden
VS WCF Debugging (HKLM\...\{EF9A8134-DF80-46A8-85AF-7FBD1E848C12}) (Version: 16.0.71.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{028492D7-855B-4018-B0A8-B5411EED541A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{DCAD4F0C-21F2-4955-9C0A-2B7CEA610A74}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{C32010D8-3E5A-4E2F-874E-9AAEB2384006}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{440B670C-9862-487A-A381-57173D344039}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_codecoveragemsi (HKLM-x32\...\{4047FD10-8010-453A-A110-EA2CF71591B9}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{52100697-9C66-44F3-BA20-68F8148CDF9B}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DDEF2BD0-F728-4D04-A085-B5ACC9ADC311}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{2512A3CE-E1E4-46D5-8B40-28DA3AE2261E}) (Version: 15.0.26711 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{384F31FB-B99D-48A7-9D72-E1FEBEC2201A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{D0772A03-7FC2-4B20-AC1F-B278299AA9C7}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{66555B06-A474-4F98-A9D4-D753E5EBABE8}) (Version: 15.0.26906 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_networkemulationmsi_x64 (HKLM-x32\...\{DC5A810D-6264-4280-8475-4CB6B36D84AE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5C682D5E-7168-47C6-87CD-53E2103B08AC}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{032E21D1-556F-49D6-9518-CF53202AF63B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\WinDirStat) (Version:  - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Workflow Manager Client 1.0 (HKLM\...\{1B0B9544-5D83-4B35-AC27-EFB17D35EE51}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (HKLM\...\{69CD1F2D-DF68-4E23-9108-1B70783F2855}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden

Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-03-08] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.20.0_x64__kejf07qmg0jnm [2019-05-02] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-123870419-2932056986-2441981344-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => E:\Program Files\AIMP\System\aimp_menu64.dll [2019-04-20] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => E:\Program Files\Nitro\NPShellExtension.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => E:\Program Files\AIMP\System\aimp_menu64.dll [2019-04-20] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Rock_\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Rock_\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm

==================== Loaded Modules (Whitelisted) ==============

2017-09-04 21:36 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2017-09-04 21:36 - 2013-03-08 15:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2018-11-15 17:58 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;E:\Program Files\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\DTS\Binn\;E:\Program Files\nodejs\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rock_\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\background-909387_1280.jpg
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-123870419-2932056986-2441981344-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{1E8B18B0-663C-4FAE-B2B9-8D57575637ED}E:\program files\unity\editor\unity.exe] => (Allow) E:\program files\unity\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{9001E97C-7D50-404C-934C-980AF4D54006}E:\program files\unity\editor\unity.exe] => (Allow) E:\program files\unity\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{1832DEE3-F413-4E25-BED6-D68505FE2AE6}] => (Block) E:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{1EE972DA-5E12-444B-A3AA-105A4082E3A3}] => (Allow) E:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{C9A68B5E-E107-4EC2-B493-E35B206ED1EC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{09CA2E58-640D-47AB-A4A7-91000BF45A53}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F541261B-0FF1-4E48-984C-E1D606831BC0}] => (Allow) E:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5C5A053A-2DB8-48F3-BC12-EF63D4A01264}] => (Allow) E:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F02C16C-8043-4647-88B3-7816076E0B76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FE2AF3D-28E5-4FE9-808B-9F400F241F65}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C9C03D5A-6620-4C28-A3A7-5233DC0B5B25}] => (Allow) E:\Program Files\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{D07005AB-9FF9-41A5-AB8C-4AC4305000B9}] => (Allow) E:\Program Files\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{449CA2AC-EDB5-4506-A310-97EDC5119C3D}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B48AE5DA-0368-45A9-8E82-6F6FCDA55042}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{530205EC-58CD-4219-ABEE-820B8FB869E3}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9517C2B-4BD4-4049-9FD2-7531DCFCF203}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69049875-D576-406E-92B2-57A15315337A}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{06D64D6F-A4E6-4756-9C3F-C82C6992654C}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{5FC5C5D2-ED54-4375-9A43-D68998ABB120}] => (Allow) E:\Program Files\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{DEEF563A-023C-41EC-8702-C63A29E42A15}] => (Allow) E:\Program Files\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{E0BFB49D-39C3-4D37-BE1A-B4B0A8B56F51}] => (Allow) E:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{64CC9AEC-DBEA-42D9-A9FB-808DA0A32EF7}] => (Allow) E:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5DF0F79D-366F-4BEA-8EEE-0335AEFB4CB8}] => (Allow) LPort=54925
FirewallRules: [{4C807DB9-117A-47D7-B7F6-46FFB16CABA4}] => (Allow) E:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A716A6A7-F72C-4791-B788-911D34EAD19D}] => (Allow) E:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{43CDAF14-CD58-4251-8934-D5D7498535FC}] => (Allow) E:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{911826AD-C57B-4AAC-892D-833C3EC465DE}] => (Allow) E:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{223BDCCD-4743-4836-9A61-EFBDC4379495}] => (Allow) E:\Program Files\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{DA1F458C-F54C-4EC2-8338-62F733EC8BEC}] => (Allow) E:\Program Files\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{CE44AE54-D1AE-4705-B2F6-F1B812B26E7F}] => (Allow) E:\Program Files\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{97F72C83-F6E3-4C06-9EB6-A918BD42CE0E}] => (Allow) E:\Program Files\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{0A96A653-EE91-4F53-948C-07171F2A873E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26625A55-2D22-40F8-8636-F9DDC3462954}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4513939F-71EF-4D96-96C9-FC5135D98724}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F4B54AE7-FBD9-4C20-88A2-A3215EDDB64F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6160734C-B21D-4AEE-AF40-F93EA78B2395}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFDD5B6D-6581-4DB6-A841-35CB791EA427}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1D2C820-DEFF-4615-B994-B4BC77B1BBEB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F83446F0-ABF7-4981-B912-41B8F4B11D13}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{433B43EC-DE60-4F40-AF37-5D66C85F1486}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B0CB559-D67B-4AD5-B89B-67790F4775E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{295B211D-ECAF-457C-8FFF-70E0FE682FAE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2019 07:38:50 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/14/2019 07:36:58 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/14/2019 07:21:15 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (06/14/2019 07:15:08 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/14/2019 07:14:06 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Aplicación: avpui.exe
Versión de Framework: v4.0.30319
Descripción: la aplicación solicitó la finalización del proceso a través de System.Environment.FailFast(mensaje de cadena).
Mensaje: Terminate on shutting down of the current session
Pila:
   en System.Environment.FailFast(System.String, System.Exception)
   en KasperskyLab.UI.Common.ExceptionPolicy.ProcessFirstChanceException(System.Object, System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
   en MS.Win32.Penimc.IPimcManager2.GetTablet(UInt32, MS.Win32.Penimc.IPimcTablet2 ByRef)
   en System.Windows.Input.PenThreadWorker+WorkerOperationGetTabletInfo.OnDoWork()
   en System.Windows.Input.PenThreadWorker+WorkerOperation.DoWork()
   en System.Windows.Input.PenThreadWorker.ThreadProc()
   en System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()

Error: (06/13/2019 07:19:22 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (06/13/2019 07:19:19 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Se deshabilitó la recopilación de datos de los contadores de rendimiento del servicio "ASP.NET_64_2.0.50727" debido a uno o más errores generados por la biblioteca de contadores de rendimiento de este servicio. Los errores que exigieron esta acción se escribieron en el registro de eventos de la aplicación. Corrija estos errores antes de habilitar los contadores de rendimiento para este servicio.

Error: (06/13/2019 07:19:19 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1022) (User: NT AUTHORITY)
Description: Windows no puede abrir el archivo DLL del contador extensible de 64 bits "C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll" en un entorno de 32 bits (código de error de Win32 193). Ponte en contacto con el proveedor de archivos para obtener una versión de 32 bits. También puedes abrir el archivo DLL del contador extensible de 64 bits mediante la versión de 64 bits del monitor de rendimiento. Para usar esta herramienta, abre la carpeta Windows, a continuación la carpeta System32 e inicia Perfmon.exe.


System errors:
=============
Error: (06/14/2019 09:45:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (06/14/2019 09:45:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (06/14/2019 09:36:17 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-QJF5P18)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"0"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (06/14/2019 07:53:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QJF5P18)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-QJF5P18\Rock_ con SID (S-1-5-21-123870419-2932056986-2441981344-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/14/2019 07:43:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio HuaweiHiSuiteService64.exe se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/14/2019 07:41:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QJF5P18)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-QJF5P18\Rock_ con SID (S-1-5-21-123870419-2932056986-2441981344-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/14/2019 07:40:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/14/2019 07:40:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


CodeIntegrity:
===================================

Date: 2019-06-14 21:45:09.942
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:41:17.852
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:41:16.638
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:41:07.064
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:41:04.858
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:41:00.610
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:40:59.511
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-14 21:40:59.033
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F4 02/21/2017
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i3-7100 CPU @ 3.90GHz
Percentage of memory in use: 40%
Total physical RAM: 8150.79 MB
Available physical RAM: 4813.42 MB
Total Virtual: 9750.79 MB
Available Virtual: 5167.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:48.72 GB) NTFS
Drive d: (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DISCO 1TB) (Fixed) (Total:931.51 GB) (Free:485.56 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: A206DDA3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B60DC778)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola.

Por favor, ponme el informe de AdwCleaner donde salen esas infecciones.

Después de REINICIAR el equipo accedes o usas algún navegador o programa antes de volver a pasar AdwCleaner…??

Tienes alguna cuenta/usuario de algún navegador “sincronizado” con algún otro dispositivo/equipo…??

No , no accedi a ningun programa directamente a adwcleaner. Tal vez el chrome con el del movil este sincronizado. Aqui lo dejo

-------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-14-2019
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  27501
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy             Trovi search
PUP.Optional.SweetPage.ShrtCln  sweet-page
PUP.Optional.SweetPage.ShrtCln  sweet-page
PUP.Optional.Trovi              Trovi search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1267 octets] - [14/06/2019 19:36:09]
AdwCleaner[C00].txt - [1433 octets] - [14/06/2019 19:36:21]
AdwCleaner[S01].txt - [1516 octets] - [14/06/2019 19:37:50]
AdwCleaner[C01].txt - [1628 octets] - [14/06/2019 19:38:10]
AdwCleaner[S02].txt - [1638 octets] - [14/06/2019 19:39:30]
AdwCleaner[S03].txt - [1554 octets] - [14/06/2019 21:43:15]
AdwCleaner[S04].txt - [1615 octets] - [14/06/2019 21:43:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Hola.

Bien… pues APAGA totalmente TU móvil e inmediatamente revisa en el navegador(Chrome) del PC siguiendo estos pasos :

• Escribes en la barra de direcciones chrome://settings/syncSetup

Y comprueba/desactiva la opción “Sincronizar todo” y después de hacerlo :

• Escribes en la barra de direcciones chrome://settings/resetProfileSettings y aceptas la opción de “Restablecer la configuración”.

Después de hacerlo cierras el navegador lo vuelves a iniciar y compruebas que se haya desactivado la sincronización correctamente y de momento lo dejas desactivado.

REINICIAS el equipo y verificas con AdwCleaner si te siguen saliendo esos PUP

Nos comentas resultados.

Saludos.

Buenas Javier , gracias por la ayuda ya lo he desincronziado reinciiado y vuelto a analizar y me han vuelto a salir, copio reporte.

Lo volvi a pasar despues de reiniciar y ya no me salen volvere a probarlo despues de abrir el chrome.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-16-2019
# Duration: 00:00:02
# OS:       Windows 10 Pro
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       Trovi search
Deleted       Trovi search
Deleted       sweet-page
Deleted       sweet-page

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1267 octets] - [14/06/2019 19:36:09]
AdwCleaner[C00].txt - [1433 octets] - [14/06/2019 19:36:21]
AdwCleaner[S01].txt - [1516 octets] - [14/06/2019 19:37:50]
AdwCleaner[C01].txt - [1628 octets] - [14/06/2019 19:38:10]
AdwCleaner[S02].txt - [1638 octets] - [14/06/2019 19:39:30]
AdwCleaner[S03].txt - [1554 octets] - [14/06/2019 21:43:15]
AdwCleaner[S04].txt - [1615 octets] - [14/06/2019 21:43:52]
AdwCleaner[S05].txt - [1821 octets] - [14/06/2019 21:59:16]
AdwCleaner[S06].txt - [1882 octets] - [16/06/2019 11:16:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/6/19
Hora del análisis: 11:27
Archivo de registro: ee356eca-9018-11e9-ad1c-1c1b0df589b6.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11074
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.557)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-QJF5P18\Rock_

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 394257
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 2 min, 56 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.Spigot, C:\USERS\ROCK_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [163], [475078],1.0.11074

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Buenas noticias!,

He vueltoa pasar Adwcleaner y Malware y ya no me detecta las entradas maliciosas. Tema de sincronizar chrome del movil,asi que supongo que el movil tengo malware. Un saludo.

Hola.

Que te vuelvan a aparecer después de dessincronizar y REINICIAR entraba dentro de lo esperado.

Y que YA no hayan vuelto a salir después de pasar ADW y MBAM era lo normal también.

Ahora quedaría que inicies de nuevo Chrome en tu PC y vuelvas a verificar con AdwCleaner.

Si sigue todo en orden prueba a sincronizar de nuevo con el móvil, SI yo no me equivoco el que “manda” en la sincronización es el PC… lo que ocurre es que mientras NO se hace la dessincronizacion se mantiene la infección que va “pasando” desde el PC al movil.

Prueba y nos comentas.