POSIBLE VIRUS / oobelibMkey en Appdata local

Hola, buenas noches, hoy mismo me he percatado de la existencia de 2 archivos en el local de la carpeta appdata, los cuales eran el “oobelibMkey” y otro con un nombre bastante largo, los cuales he eliminado de manera rudimentaria, y he pasado el malwarebytes sobre todos mis discos (:C y :E) y no se ha encontrado nada. Al indagar por internet he visto que el nombre del archivo esta muy relacionado con virus, etc. Entonces esta noche he vuelto a comprobar si estaban los archivos y efectivamente, se ha creado el bloc de notas “oobelibMkey”, esta vez vacio, el anterior que ya eliminé contenia alguna serie de información en dos parrafos distintos.

Posteo el tema por si pueden ayudarme, de momento el pc va super bien y no he tenido ningun problema, salvo por la aparicion de este archivo. Nota: el de mi novia también le sucede lo mismo.

Muchas gracias por la atención.

Hola @paul_brester bienvenido al ForoSpyware

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.

  • Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).

  • Pulsa en el botón “Open Malewarebytes Free”.

imagen

  • Presiona el botón “Scan” (Escaneo).

imagen

Una vez finalizado el escaneo aparecerá la siguiente pantalla:

imagen

  • Pulsa en “View report” (Ver informe).

  • Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

AdwCleaner[C01]_Reporte.txt (1,8 KB) report_MWbytes_01.txt (1,5 KB)

Aquí estan ambos, el paso del ccleaner también esta completado al 100%

De nuevo muchas gracias por la atención.

Hola

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo >> ¿Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

[CODE] Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019 Ran by Edu (administrator) on DESKTOP-T54B0C5 (Micro-Star International Co., Ltd. MS-7B79) (09-12-2019 16:11:29) Running from E:\Descargas Loaded Profiles: Edu (Available Profiles: Edu) Platform: Windows 10 Home Version 1903 18362.476 (X64) Language: Español (España, internacional) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe (A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe (Discord Inc. -> Discord Inc.) C:\Users\Edu\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Edu\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Edu\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Edu\AppData\Local\Discord\app-0.0.305\Discord.exe (Electronic Arts, Inc. -> Electronic Arts) E:\Program Files (x86)\Origin\OriginWebHelperService.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Edu\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBarFT.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270216 2018-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM…\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734256 2018-03-12] (A-Volute -> Nahimic) HKLM…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) HKLM…\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32…\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1263288 2018-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) HKLM-x32…\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32…\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3289040 2019-11-29] (Valve -> Valve Corporation) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [uTorrent] => C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe [2005224 2019-11-06] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [Discord] => C:\Users\Edu\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [com.blitz.app] => C:\Users\Edu\AppData\Local\Blitz\Update.exe [1845320 2019-09-13] (Swift Media Entertainment, Inc. -> GitHub) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [LoR deck tracker] => C:\Users\Edu\AppData\Local\RDT\app-0.3.9\RDT.exe [1047272 2019-11-19] (Gamers Net Inc -> Mobalytics) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [71464072 2019-12-05] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Policies\Explorer: [] HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\MountPoints2: {5bb7312d-e70a-11e9-8908-00d861187458} - “D:\HiSuiteDownLoader.exe” HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC) Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2018-12-24] ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed] Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-11-23] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-22] ShortcutTarget: Twitch.lnk -> E:\Program Files (x86)\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D792A3F-7EFD-4446-AC75-B2D1764235FE} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [File not signed] Task: {0F7D51A9-4533-4EA6-8F45-A84DCEB9B769} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-12-24] (Google Inc -> Google Inc.) Task: {106CFD8F-5438-4518-8FC7-47738737C47D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-14] (Adobe Inc. -> Adobe) Task: {171B9263-3F59-4B9F-AF00-8BAE81325F33} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1C9FE146-C79B-4B64-B441-B57017D95878} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) Task: {1E69147D-6271-4065-90FD-1E3E90091670} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2318C102-4605-42E3-9D30-2FE9AF3E0460} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-14] (Adobe Inc. -> Adobe) Task: {3D6822B9-4DBB-491D-9744-33B17611BDD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-14] (Adobe Inc. -> Adobe) Task: {517A939D-2E2E-4D47-AA61-AA76A6F241D1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {5516AC80-B9BE-47C9-A55D-F7B01DBE0265} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5BC21703-6107-4785-A219-87A9B234BEF7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {658CEDEF-3A62-4422-87D8-1CC1E413B338} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2017-07-07] () [File not signed] Task: {6770ED22-DD50-42AE-A80E-9F7375BB38D1} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [30847432 2018-12-18] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) Task: {74EB7841-E966-4023-95EF-04A17E13F377} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {75173F54-4B2A-4719-AAE1-7694552738DF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7F89ABF8-4F8C-44F4-A4C4-81A2B4F5A54F} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1000608 2018-12-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) Task: {872808F8-FD89-4B77-A99E-64D63DDC2FBE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8B4A5F49-B9D0-44BF-82DE-A7EAF46C33DE} - System32\Tasks\Nahimic2svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe [4412464 2018-03-12] (A-Volute -> ) Task: {92FB722E-CE5F-4ED6-964A-AFB20CA1B009} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) Task: {93DAC093-A249-4B0D-89AF-F1CC156C66B5} - System32\Tasks\Nahimic2svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe [520752 2018-03-12] (A-Volute -> ) Task: {A2E15E91-8AE3-4FC1-ACB3-A70B40F05603} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A5A20977-345F-4FBC-A3A4-D97956E5D5DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-12-24] (Google Inc -> Google Inc.) Task: {C32C21F2-C7B7-432B-A2BA-B62C6EC271BA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1607368136-3069782937-3934110308-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-05] (Mega Limited -> Mega Limited) Task: {C3B1A767-5F68-4572-9949-7937015C7163} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C3D2ED43-537D-4652-A30D-B7C27A9ED643} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CB94FB05-D4AA-4D50-BA32-8B78A89547B4} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734256 2018-03-12] (A-Volute -> Nahimic) Task: {D3129A5F-28C3-4FA3-B03D-4E91D034FF70} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DDC3B855-8074-4C86-BE33-A35BFC401C36} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) Task: {E871A6F8-1E30-4E85-B901-A5AC1F94726E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {EC5D1A0C-E1F4-4EC8-AC36-D9671DA934BC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software) Task: {F3C3F69B-79EC-491C-B33A-60F328094233} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MSILEDKeeper_Host.job => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip…\Interfaces{dc9db73c-9881-4d73-825e-f58976f52eab}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

HKU\S-1-5-21-1607368136-3069782937-3934110308-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/ BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)

FireFox:

FF DefaultProfile: o6ledg3w.default FF ProfilePath: C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\o6ledg3w.default [2019-12-09] FF Notifications: Mozilla\Firefox\Profiles\o6ledg3w.default -> hxxps://aternos.org; hxxps://web.telegram.org; hxxps://mail.google.com; hxxps://web.whatsapp.com FF Extension: (Dark-ish Rainbow) - C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\o6ledg3w.default\Extensions{21f69c5d-b9e1-470f-a890-74454e954eee}.xpi [2019-11-26] FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\o6ledg3w.default\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> ) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)

Chrome:

CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> “hxxp://google.com/”,“hxxps://www.google.es/webhp?sourceid=chrome-instant&espv=210&ie=UTF-8”,“hxxps://www.google.com/”,“hxxp://es.msn.com/?pc=UP97&ocid=UP97DHP”,“hxxps://www.google.com/”,“hxxps://www.google.com/” CHR Notifications: Default -> hxxps://aternos.org; hxxps://mail.google.com CHR Profile: C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default [2019-12-08] CHR Extension: (Presentaciones) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-24] CHR Extension: (Documentos) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-25] CHR Extension: (Google Drive) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-25] CHR Extension: (YouTube) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-25] CHR Extension: (Honey) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-11-22] CHR Extension: (Adobe Acrobat) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-30] CHR Extension: (Hojas de cálculo) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-24] CHR Extension: (Avira Navegación segura) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-12-05] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-25] CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-06] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Material Dark) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\npadhaijchjemiifipabpmeebeelbmpd [2018-12-25] CHR Extension: (DOLLARS) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhoeoklfihomklnhpinjdgokfcmakfp [2018-12-25] CHR Extension: (Gmail) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24] CHR Extension: (Chrome Media Router) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29] CHR HKLM-x32…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-09] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-19] (BattlEye Innovations e.K. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [483816 2018-04-01] (ICEpower a/s -> ICEpower a/s) R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [9839752 2019-12-05] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-21] (Malwarebytes Inc -> Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) S2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34488 2018-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; E:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [File not signed] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe [3630832 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2258888 2018-12-19] (Wacom Technology Corporation -> Wacom Technology, Corp.) R2 NVDisplay.ContainerLocalSystem; “C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe” -s NVDisplay.ContainerLocalSystem -f “C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem” -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-10-16] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc) R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137104 2017-11-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. ) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software) R3 gdrv2; C:\Windows\gdrv2.sys [32720 2018-12-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-03-08] (ASUSTeK Computer Inc. -> ) R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\32197\driver_cpu_temperature\logi_core_temp.sys [25448 2019-12-05] (Logitech Inc. -> Logitech) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-12-05] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [20624 2019-12-05] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-12-05] (Logitech Inc -> Logitech) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-03] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-03] (Malwarebytes Inc -> Malwarebytes) R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_eb2e336f678f7f83\nvlddmkm.sys [22744696 2019-12-03] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-10-20] (Realtek Semiconductor Corp. -> Realtek ) R3 UcmCxUcsiNvppc; C:\WINDOWS\system32\DRIVERS\UcmCxUcsiNvppc.sys [715224 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [346336 2019-09-26] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-26] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-08-13] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-09 16:10 - 2019-12-09 16:11 - 000000000 ____D C:\FRST 2019-12-08 12:22 - 2019-12-08 12:22 - 000000000 ____D C:\WINDOWS\LastGood 2019-12-08 12:21 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2019-12-08 12:21 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll 2019-12-08 12:21 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2019-12-08 12:21 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2019-12-08 12:21 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2019-12-08 12:21 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe 2019-12-08 12:21 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-12-08 12:21 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2019-12-08 12:21 - 2019-12-03 21:36 - 000450976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2019-12-08 12:21 - 2019-12-03 21:36 - 000352512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2019-12-08 12:21 - 2019-12-03 21:35 - 011842976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2019-12-08 12:21 - 2019-12-03 21:35 - 010167216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2019-12-08 12:21 - 2019-12-03 21:35 - 000825928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2019-12-08 12:21 - 2019-12-03 21:35 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll 2019-12-08 12:21 - 2019-12-03 21:35 - 000544728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 040511064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 035380104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 017458824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 005380744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 002074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001729520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444141.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001567688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001491544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444141.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001482408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001370280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001144944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 001064408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 000813656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 000685800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2019-12-08 12:21 - 2019-12-03 21:34 - 000556680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2019-12-06 01:51 - 2019-12-06 13:00 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-12-05 17:06 - 2019-12-05 17:06 - 000142117 _____ C:\Users\Edu\Documents\PLANTILLA CARTA PNG.xcf 2019-12-05 17:06 - 2019-12-05 17:06 - 000018543 _____ C:\Users\Edu\AppData\Local\recently-used.xbel 2019-12-05 16:58 - 2019-12-05 16:58 - 000338612 _____ C:\Users\Edu\Documents\PLANTILLA BUENA.xcf 2019-12-05 12:29 - 2019-12-05 12:29 - 000000699 _____ C:\Users\Public\Desktop\PaintTool SAI Ver.1.lnk 2019-12-05 12:29 - 2019-12-05 12:29 - 000000699 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaintTool SAI Ver.1.lnk 2019-12-05 11:30 - 2019-12-06 01:57 - 000000000 ____D C:\Users\Edu\AppData\Local\LGHUB 2019-12-05 11:30 - 2019-12-05 11:56 - 000000000 ____D C:\Users\Edu\AppData\Roaming\LGHUB 2019-12-05 11:30 - 2019-12-05 11:30 - 000000726 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk 2019-12-05 11:30 - 2019-12-05 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2019-12-05 11:30 - 2019-12-05 11:30 - 000000000 ____D C:\Program Files\LGHUB 2019-12-05 11:29 - 2019-12-05 11:30 - 000000000 ____D C:\ProgramData\LGHUB 2019-12-05 11:29 - 2019-12-05 11:29 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys 2019-12-05 11:29 - 2019-12-05 11:29 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys 2019-12-05 11:29 - 2019-12-05 11:29 - 000020624 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys 2019-12-04 23:16 - 2019-12-04 23:16 - 000000000 ____D C:\Users\Edu\AppData\Local\EpicGamesLauncher 2019-12-04 23:16 - 2019-12-04 23:16 - 000000000 ____D C:\Users\Edu\AppData\Local\CrashReportClient 2019-12-03 21:44 - 2019-12-03 21:44 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-12-03 21:44 - 2019-12-03 21:44 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-12-02 13:05 - 2019-12-09 13:29 - 000000000 ____D C:\Users\Edu\Desktop\memÉ 2019-12-02 13:04 - 2019-12-05 17:05 - 000000000 ____D C:\Users\Edu\AppData\Local\gtk-2.0 2019-12-02 12:56 - 2019-12-02 12:56 - 000000000 ____D C:\Users\Edu\AppData\Roaming\GIMP 2019-12-02 12:56 - 2019-12-02 12:56 - 000000000 ____D C:\Users\Edu\AppData\Local\GIMP 2019-12-02 12:56 - 2019-12-02 12:56 - 000000000 ____D C:\Users\Edu\AppData\Local\gegl-0.4 2019-12-02 12:56 - 2019-12-02 12:56 - 000000000 ____D C:\Users\Edu\AppData\Local\babl-0.1 2019-12-02 12:51 - 2019-12-02 12:51 - 000000831 _____ C:\Users\Public\Desktop\GIMP 2.10.12.lnk 2019-12-02 12:51 - 2019-12-02 12:51 - 000000831 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.12.lnk 2019-12-02 12:24 - 2019-12-02 12:24 - 000000000 ___HD C:\OneDriveTemp 2019-11-30 22:06 - 2019-11-30 22:06 - 000000738 _____ C:\Users\Edu\Desktop\Limbo.lnk 2019-11-30 22:06 - 2019-11-30 22:06 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Limbo Full 2019-11-26 18:38 - 2019-11-26 18:38 - 000000000 ____D C:\Users\Edu\AppData\Local\SwGame 2019-11-26 18:17 - 2019-11-26 18:17 - 000001176 _____ C:\Users\Edu\Desktop\Star Wars Jedi Fallen Order.lnk 2019-11-26 18:17 - 2019-11-26 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars Jedi Fallen Order 2019-11-26 16:15 - 2019-11-26 17:01 - 000000000 ____D C:\Users\Edu\Downloads\Star.Wars.Jedi.Fallen.Order-CODEX 2019-11-23 23:28 - 2019-11-23 23:32 - 000000000 ____D C:\Users\Edu\Documents\MEGAsync Downloads 2019-11-23 23:28 - 2019-11-23 23:28 - 000000000 ___RD C:\Users\Edu\Documents\MEGA 2019-11-23 23:26 - 2019-11-23 23:26 - 000000799 _____ C:\Users\Public\Desktop\MEGAsync.lnk 2019-11-23 23:26 - 2019-11-23 23:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\MEGA 2019-11-23 23:26 - 2019-11-23 23:26 - 000000000 ____D C:\Users\Edu\AppData\Local\Mega Limited 2019-11-23 23:26 - 2019-11-23 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync 2019-11-23 23:26 - 2019-11-23 23:26 - 000000000 ____D C:\ProgramData\MEGAsync 2019-11-22 13:42 - 2019-11-22 13:42 - 000003422 _____ C:\WINDOWS\system32\cc3_20191122_134221.reg 2019-11-22 13:42 - 2019-11-22 13:42 - 000001060 _____ C:\WINDOWS\system32\cc4_20191122_134241.reg 2019-11-22 13:41 - 2019-11-22 13:42 - 000023522 _____ C:\WINDOWS\system32\cc2_20191122_134151.reg 2019-11-22 13:41 - 2019-11-22 13:41 - 000354252 _____ C:\WINDOWS\system32\cc_20191122_134119.reg 2019-11-22 13:36 - 2019-11-22 13:44 - 000000000 ____D C:\Users\Edu\Desktop\posible virus 2019-11-22 07:51 - 2019-11-22 07:51 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2019-11-22 07:51 - 2019-11-22 07:51 - 000002884 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2019-11-22 07:51 - 2019-11-22 07:51 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-11-22 07:51 - 2019-11-22 07:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-11-22 07:51 - 2019-11-22 07:51 - 000000000 ____D C:\Program Files\CCleaner 2019-11-22 07:48 - 2019-11-22 13:34 - 000000000 ____D C:\AdwCleaner 2019-11-21 12:38 - 2019-11-21 12:38 - 000000026 _____ C:\Users\Edu\Desktop\AYUNTAMIENTO EMPADRONAMIENTO.txt 2019-11-21 11:33 - 2019-11-21 11:33 - 000000000 ____D C:\Users\Edu\AppData\Local\cache 2019-11-21 11:12 - 2019-11-21 11:12 - 000001314 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yuzu Maintenance Tool.lnk 2019-11-21 11:12 - 2019-11-21 11:12 - 000001170 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yuzu.lnk 2019-11-21 11:11 - 2019-11-21 11:11 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra 2019-11-19 09:13 - 2019-11-19 09:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2019-11-19 09:12 - 2019-12-03 21:34 - 015027776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2019-11-19 09:12 - 2019-12-03 21:34 - 000659088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2019-11-19 09:12 - 2019-11-08 11:06 - 000659544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SET9F98.tmp 2019-11-19 09:12 - 2019-11-08 11:05 - 015026944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETA2BA.tmp 2019-11-17 13:24 - 2019-11-17 13:24 - 000000401 _____ C:\Users\Edu\Desktop\ENTRENE.txt 2019-11-14 07:00 - 2019-11-14 07:00 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2019-11-14 07:00 - 2019-11-14 07:00 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2019-11-14 07:00 - 2019-11-14 07:00 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2019-11-14 07:00 - 2019-11-14 07:00 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2019-11-14 07:00 - 2019-11-14 07:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe 2019-11-14 07:00 - 2019-11-14 07:00 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe 2019-11-14 07:00 - 2019-11-14 07:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2019-11-14 07:00 - 2019-11-14 07:00 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2019-11-14 07:00 - 2019-11-14 07:00 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2019-11-14 06:59 - 2019-11-14 06:59 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 006521768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 005763848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-11-14 06:59 - 2019-11-14 06:59 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001413864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-11-14 06:59 - 2019-11-14 06:59 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-11-14 06:59 - 2019-11-14 06:59 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2019-11-14 06:59 - 2019-11-14 06:59 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys 2019-11-14 06:59 - 2019-11-14 06:59 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-11-14 06:59 - 2019-11-14 06:59 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2019-11-14 06:59 - 2019-11-14 06:59 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL 2019-11-14 06:59 - 2019-11-14 06:59 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-11-14 06:59 - 2019-11-14 06:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 007904152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 007262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 002763016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-11-14 06:58 - 2019-11-14 06:58 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001647064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000822200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-11-14 06:58 - 2019-11-14 06:58 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys 2019-11-14 06:58 - 2019-11-14 06:58 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe 2019-11-14 06:58 - 2019-11-14 06:58 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-11-14 06:58 - 2019-11-14 06:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2019-11-14 06:57 - 2019-11-14 06:57 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2019-11-14 06:57 - 2019-11-14 06:57 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000065272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS 2019-11-14 06:57 - 2019-11-14 06:57 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll 2019-11-14 06:57 - 2019-11-14 06:57 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe 2019-11-14 06:57 - 2019-11-14 06:57 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe 2019-11-14 06:35 - 2019-10-17 07:17 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2019-11-14 06:35 - 2019-10-17 07:01 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2019-11-13 17:56 - 2019-11-14 17:58 - 000000219 _____ C:\Users\Edu\Desktop\LIBROS CIENTIFIC.txt 2019-11-12 20:03 - 2019-11-12 20:03 - 000000000 ____D C:\ProgramData\Ubisoft 2019-11-09 16:07 - 2019-11-09 16:07 - 000000000 ____D C:\Users\Edu\AppData\LocalLow\Squad

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-09 16:09 - 2019-04-21 13:31 - 000000000 ____D C:\Users\Edu\AppData\LocalLow\Mozilla 2019-12-09 16:04 - 2019-05-17 22:00 - 000000000 ____D C:\Users\Edu\AppData\Local\Ubisoft Game Launcher 2019-12-09 16:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-12-09 16:04 - 2018-12-24 21:30 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-09 11:47 - 2019-09-26 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-12-09 11:47 - 2019-02-17 11:19 - 000000000 ____D C:\Users\Edu\AppData\Roaming\WTablet 2019-12-08 23:54 - 2018-12-24 18:03 - 000000000 ____D C:\Users\Edu\AppData\Local\D3DSCache 2019-12-08 22:56 - 2019-01-04 20:37 - 000000000 ____D C:\Users\Edu\AppData\Roaming\discord 2019-12-08 19:47 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2019-12-08 12:23 - 2019-10-22 14:26 - 000000000 ___HD C:\temp 2019-12-07 19:41 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-07 19:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-06 19:27 - 2019-10-12 14:15 - 000000000 ____D C:\Users\Edu\Desktop\D&D 2019-12-06 13:00 - 2019-04-21 13:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-12-06 13:00 - 2019-04-21 13:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-12-04 23:17 - 2019-01-07 19:26 - 000000000 ____D C:\Program Files\Common Files\Adobe 2019-12-04 23:17 - 2018-12-25 01:28 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-12-04 23:16 - 2018-12-24 20:10 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Adobe 2019-12-04 23:12 - 2019-08-19 10:13 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Blitz 2019-12-04 23:12 - 2019-08-19 10:13 - 000000000 ____D C:\Users\Edu\AppData\Local\Blitz 2019-12-04 23:11 - 2019-08-19 10:13 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz Inc 2019-12-04 23:04 - 2019-10-25 11:47 - 000000000 ____D C:\games 2019-12-03 21:44 - 2019-07-16 22:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-12-03 21:33 - 2019-09-18 22:41 - 004937792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2019-12-03 21:33 - 2019-09-18 22:41 - 004205784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2019-12-02 22:27 - 2018-12-25 00:39 - 000000000 ____D C:\Users\Edu\AppData\Local\CrashDumps 2019-12-02 16:47 - 2019-10-03 10:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2019-12-02 12:30 - 2018-12-25 21:04 - 000000000 ____D C:\Users\Edu\AppData\Roaming\uTorrent 2019-12-02 12:29 - 2019-09-26 20:34 - 000003206 _____ C:\WINDOWS\system32\Tasks\Nahimic2UILauncherRun 2019-12-02 12:29 - 2019-09-26 20:34 - 000003194 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc64Run 2019-12-02 12:29 - 2019-09-26 20:34 - 000003186 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc32Run 2019-12-02 12:24 - 2019-10-22 15:12 - 000000000 ___RD C:\Users\Edu\Creative Cloud Files 2019-12-02 12:24 - 2019-06-06 20:29 - 000000000 ____D C:\Users\Edu\AppData\Local\BitTorrentHelper 2019-12-02 12:24 - 2018-12-24 20:12 - 000000000 ___RD C:\Users\Edu\OneDrive 2019-11-30 22:06 - 2019-10-06 01:06 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2019-11-29 23:14 - 2018-12-25 22:00 - 000000000 ____D C:\Users\Edu\AppData\Roaming\MPC-HC 2019-11-26 16:18 - 2019-09-13 19:47 - 000000000 ____D C:\Users\Edu\Downloads\Blasphemous_REPACK-HOODLUM 2019-11-24 14:06 - 2019-08-19 11:20 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Blitz-helpers 2019-11-23 23:25 - 2019-10-06 01:08 - 000000000 ____D C:\Users\Edu\AppData\Roaming\rsilauncher 2019-11-23 18:45 - 2019-09-26 20:34 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1607368136-3069782937-3934110308-1001 2019-11-23 18:45 - 2019-09-26 20:29 - 000002395 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-11-23 11:57 - 2019-10-06 01:06 - 000001320 _____ C:\Users\Public\Desktop\RSI Launcher.lnk 2019-11-22 13:41 - 2019-09-26 20:37 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-11-22 13:41 - 2019-03-19 12:59 - 000788560 _____ C:\WINDOWS\system32\perfh00A.dat 2019-11-22 13:41 - 2019-03-19 12:59 - 000155850 _____ C:\WINDOWS\system32\perfc00A.dat 2019-11-22 13:39 - 2019-11-07 17:00 - 000000000 ____D C:\Users\Edu\AppData\Roaming\TS3Client 2019-11-22 13:39 - 2019-09-25 11:18 - 000000000 ___DC C:\WINDOWS\Panther 2019-11-22 13:35 - 2019-09-26 20:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-11-22 13:35 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-11-21 22:12 - 2018-12-24 20:31 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-21 22:12 - 2018-12-24 20:31 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-11-21 11:33 - 2019-07-16 22:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-11-21 11:33 - 2019-07-16 22:20 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-11-21 11:25 - 2019-09-26 20:29 - 000000000 ____D C:\Users\Edu 2019-11-21 01:56 - 2019-09-18 22:41 - 000056258 _____ C:\WINDOWS\system32\nvinfo.pb 2019-11-20 23:44 - 2018-12-24 23:03 - 005549368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2019-11-20 23:44 - 2018-12-24 23:03 - 002652168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2019-11-20 23:44 - 2018-12-24 23:03 - 001767448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2019-11-20 23:44 - 2018-12-24 23:03 - 000668200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2019-11-20 23:44 - 2018-12-24 23:03 - 000454968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2019-11-20 23:44 - 2018-12-24 23:03 - 000130584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2019-11-20 23:44 - 2018-12-24 23:03 - 000082784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2019-11-20 18:54 - 2018-12-24 23:03 - 008785212 _____ C:\WINDOWS\system32\nvcoproc.bin 2019-11-19 09:13 - 2018-12-27 23:13 - 000000000 ____D C:\Users\Edu\AppData\Local\NVIDIA 2019-11-19 09:13 - 2018-12-24 21:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-11-19 09:00 - 2019-10-18 13:20 - 000000000 ____D C:\Users\Edu\AppData\Local\RDT 2019-11-19 09:00 - 2019-10-18 13:19 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobalytics 2019-11-16 11:28 - 2018-12-24 20:10 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-11-16 11:28 - 2018-12-24 20:10 - 000000000 ___RD C:\Users\Edu\3D Objects 2019-11-16 11:26 - 2019-09-26 20:27 - 000501496 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-11-16 01:34 - 2019-09-26 20:31 - 000000248 ____H C:\WINDOWS\Tasks\MSILEDKeeper_Host.job 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack 2019-11-16 01:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-11-15 12:58 - 2018-12-24 18:09 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-11-14 07:16 - 2018-12-24 23:52 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-11-14 07:12 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-11-14 07:12 - 2018-12-24 23:51 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-11-14 05:07 - 2019-10-28 14:02 - 000004580 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2019-11-14 05:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-11-14 05:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-11-14 04:07 - 2019-10-02 10:41 - 000004572 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2019-11-11 00:55 - 2019-02-10 15:33 - 000000000 ____D C:\Users\Edu\AppData\Roaming.minecraft 2019-11-11 00:11 - 2019-02-11 17:16 - 000000000 ____D C:\Users\Edu\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories ========

2019-11-22 16:47 - 2019-11-22 16:47 - 000000000 _____ () C:\Users\Edu\AppData\Local\oobelibMkey.log 2019-12-05 17:06 - 2019-12-05 17:06 - 000018543 _____ () C:\Users\Edu\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ======================== [/CODE]

[CODE] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019 Ran by Edu (09-12-2019 16:12:24) Running from E:\Descargas Windows 10 Home Version 1903 18362.476 (X64) (2019-09-26 19:34:38) Boot Mode: Normal

==================== Accounts: =============================

Administrador (S-1-5-21-1607368136-3069782937-3934110308-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1607368136-3069782937-3934110308-503 - Limited - Disabled) Edu (S-1-5-21-1607368136-3069782937-3934110308-1001 - Administrator - Enabled) => C:\Users\Edu Invitado (S-1-5-21-1607368136-3069782937-3934110308-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1607368136-3069782937-3934110308-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.) Actualización de NVIDIA 38.0.2.0 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32…{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32…\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32…\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32…\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe) Amazon Kindle (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Amazon Kindle) (Version: 1.26.0.55076 - Amazon) AMD Software (HKLM…\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.) AORUS ENGINE (HKLM-x32…\AORUS ENGINE_is1) (Version: 1.5.0.1 - GIGABYTE Technology Co.,Inc.) Apex Legends (HKLM-x32…{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.1 - Electronic Arts, Inc.) ApoDispatch Install Configurator (HKLM…{59C4F5A9-0BAC-479A-9B33-2404647845AE}) (Version: 2.5.3001 - Nahimic) Hidden Audacity 2.3.2 (HKLM-x32…\Audacity_is1) (Version: 2.3.2 - Audacity Team) AudioLaunchpad Install Configurator (HKLM…{A96C5D2A-6D33-403C-9067-4A02CE9791A8}) (Version: 2.5.3001 - Nahimic) Hidden AutoFirma (HKLM-x32…\AutoFirma) (Version: 1.6.5 - Gobierno de España) Avast Free Antivirus (HKLM-x32…\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) Balanced (HKLM-x32…{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden Battle.net (HKLM-x32…\Battle.net) (Version: - Blizzard Entertainment) Blender (HKLM…{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation) CCleaner (HKLM…\CCleaner) (Version: 5.63 - Piriform) Cheat Engine 7.0 (HKLM…\Cheat Engine 7.0_is1) (Version: - Cheat Engine) CheckDevices Install Configurator (HKLM…{B0F187E7-8703-4954-9A79-4E81920318BF}) (Version: 2.5.3001 - Nahimic) Hidden Citra (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…{c5a00bad-96e7-48bd-bd04-18db22c9db5a}) (Version: 1.0.0 - Citra Team) Discord (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Discord) (Version: 0.0.305 - Discord Inc.) Divinity Original Sin 2 Definitive Edition (HKLM-x32…\Divinity Original Sin 2 Definitive Edition_is1) (Version: - ) Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden GIMP 2.10.12 (HKLM…\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team) Google Chrome (HKLM-x32…\Google Chrome) (Version: 78.0.3904.108 - Google LLC) Google Update Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden Java 8 Update 221 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation) K-Lite Codec Pack 13.3.3 Full (HKLM-x32…\KLiteCodecPack_is1) (Version: 13.3.3 - KLCP) KMSpico (HKLM…{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LauncherSetup Install (HKLM…{1FA55C77-CBF7-4611-81AE-DEBC2B411356}) (Version: 2.5.3001 - Nahimic) Hidden League of Legends (HKLM-x32…\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Legends of Runeterra (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Riot Game bacon.live) (Version: - Riot Games, Inc) Limbo Full (HKLM-x32…\Limbo Full) (Version: - ) Logitech G HUB (HKLM…{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech) Malwarebytes version 4.0.4.49 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) MEGAsync (HKLM-x32…\MEGAsync) (Version: - Mega Limited) Microsoft Office Enterprise 2007 (HKLM-x32…\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32…{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32…{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32…{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32…{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Minecraft (HKLM-x32…{2D1ED4EA-B59D-4665-ACB3-9325872A300D}) (Version: 1.0.4.0 - Mojang) Mozilla Firefox 71.0 (x64 es-ES) (HKLM…\Mozilla Firefox 71.0 (x64 es-ES)) (Version: 71.0 - Mozilla) Mozilla Maintenance Service (HKLM…\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla) MSI MysticLight (HKLM-x32…{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.37 - MSI) MSIRegister (HKLM-x32…{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.12 - MSI) Nahimic 2+ Audio Driver (HKLM…{893DFE4F-0810-4CC6-A0EB-2A4E8EAE36B4}) (Version: 2.5.3001 - Nahimic) Hidden Nahimic 2+ Audio Driver (HKLM-x32…{7990154e-d2b0-4247-b52f-cc0299653b35}) (Version: 2.5.30 - Nahimic) NVAPI Monitor plugin for NvContainer (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA Controlador de audio HD 1.3.38.21 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Controlador de gráficos 441.41 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.1.57 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA USBC Driver 1.38.831.832 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation) OBS Studio (HKLM-x32…\OBS Studio) (Version: 23.0.2 - OBS Project) OEM Application Profile (HKLM-x32…{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización) Origin (HKLM-x32…\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.) PaintTool SAI Ver.1 (HKLM-x32…\PaintToolSAI) (Version: - ) Panel de control de NVIDIA 441.41 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.41 - NVIDIA Corporation) Hidden ProductDaemonSetup Install (HKLM…{BAF83D79-BC90-4211-A1FA-ED0930D942D0}) (Version: 2.5.3001 - Nahimic) Hidden ProductNS Install Configurator (HKLM…{F79B4822-ECA4-4DDE-A560-70CF5FB4849A}) (Version: 2.5.3001 - Nahimic) Hidden Python 3.7.3 (32-bit) (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…{24ac8299-2abd-4ddd-8be3-031debb6093c}) (Version: 3.7.3150.0 - Python Software Foundation) Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32…{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Development Libraries (32-bit) (HKLM-x32…{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Documentation (32-bit) (HKLM-x32…{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Executables (32-bit) (HKLM-x32…{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32…{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Standard Library (32-bit) (HKLM-x32…{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32…{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Test Suite (32-bit) (HKLM-x32…{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32…{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32…{A28C27E4-A725-482A-9C65-61EDC0E4D583}) (Version: 3.7.6657.0 - Python Software Foundation) RDT (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\RDT) (Version: 0.3.9 - Evgeniy Sologub) Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8412 - Realtek Semiconductor Corp.) RGB Fusion 2.0 (HKLM-x32…{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.1213.1 - GIGABYTE) RSI Launcher 1.3.0 (HKLM…\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.3.0 - Cloud Imperium Games) SketchUp 2018 (HKLM…{5EAA3D58-258D-4D24-BA22-C8D8D704F515}) (Version: 18.0.16975 - Trimble Navigation Limited) SonicMapper Install Configurator (HKLM…{F018BD48-A434-445F-8E6D-97B0500939E6}) (Version: 2.5.3001 - Nahimic) Hidden Spotify (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…\Spotify) (Version: 1.1.12.451.gdb77255f - Spotify AB) Star Wars Jedi Fallen Order (HKLM-x32…\Star Wars Jedi Fallen Order_is1) (Version: - ) Steam (HKLM-x32…\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.16.3 (HKLM…\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.16.3 - General Workings, Inc.) Sublime Text 2.0.2 (HKLM…\Sublime Text 2_is1) (Version: - ) Sublime Text 3 (HKLM…\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Tableta Wacom (HKLM…\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.) TeamSpeak 3 Client (HKLM…\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH) The Outer Worlds (HKLM-x32…\The Outer Worlds_is1) (Version: - ) Tom Clancy’s Rainbow Six Siege (HKLM-x32…\Uplay Install 635) (Version: - Ubisoft Montreal) Twitch (HKU\S-1-5-21-1607368136-3069782937-3934110308-1001…{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) UIInstallUpgrade (HKLM…{4BAA72F1-2106-4E28-B2C1-0A33C0A538E0}) (Version: 2.5.3001 - Nahimic) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM…{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32…\Uplay) (Version: 87.0 - Ubisoft) VEGAS Pro 16.0 (HKLM…{0ABBD080-A716-11E8-974B-00155D6302F2}) (Version: 16.0.261 - VEGAS) WinDS PRO 2017.05.14 (HKLM…{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2017.05.14 - WinDS PRO Central) WinRAR 5.61 (64-bit) (HKLM…\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Packages:

Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-10-22] (Adobe Systems Incorporated) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.3.4.0_x86__kgqvnymyfvs32 [2019-11-19] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1652.1.0_x86__kgqvnymyfvs32 [2019-12-03] (king.com) Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-05] (Nordcurrent) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad] Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_4.9.2.1_x86__h6adky7gbf63m [2019-11-19] (Gameloft.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Studios) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.) Undersea Life -> C:\Program Files\WindowsApps\Microsoft.UnderseaLife_1.0.0.0_neutral__8wekyb3d8bbwe [2019-07-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1607368136-3069782937-3934110308-1001_Classes\CLSID{0E270DAA-1BE6-48F2-AC49-634FCFAE3AEB} -> [Creative Cloud Files] => C:\Users\Edu\Creative Cloud Files [2019-10-22 15:12] CustomCLSID: HKU\S-1-5-21-1607368136-3069782937-3934110308-1001_Classes\CLSID{A4FC1436-371B-4961-947F-8A57E5D3F7ED} -> [MEGA] => C:\Users\Edu\Documents\MEGA [2019-11-23 23:28] CustomCLSID: HKU\S-1-5-21-1607368136-3069782937-3934110308-1001_Classes\CLSID{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-20] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…\Drivers32: [vidc.i420] => lvcod64.dll HKLM…\Drivers32-x32: [vidc.i420] => lvcodec2.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-24 21:27 - 2018-11-27 11:40 - 000025088 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 000225792 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 000080896 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\yccV2.DLL 2018-12-24 21:27 - 2018-11-27 11:40 - 000287744 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVBIOSLib.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 000628736 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvComW.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 000013312 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvCrypt.dll 2018-12-24 21:27 - 2018-11-28 09:45 - 000430080 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVDisplay.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 000240640 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvIllumLib.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 000218112 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvOrderLib.dll 2003-04-03 19:05 - 2003-04-03 19:05 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll 2006-10-26 13:40 - 2006-10-26 13:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll 2006-10-26 13:40 - 2006-10-26 13:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll 2019-09-26 21:19 - 2019-09-26 21:19 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL 2019-11-13 01:03 - 2019-06-11 07:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Program Files (x86)\Origin\LIBEAY32.dll 2019-11-13 01:03 - 2019-06-11 07:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Program Files (x86)\Origin\ssleay32.dll 2019-11-13 01:03 - 2019-07-12 08:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\Program Files (x86)\Origin\platforms\qwindows.dll 2019-11-13 01:03 - 2019-07-12 08:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\Program Files (x86)\Origin\Qt5Core.dll 2019-11-13 01:03 - 2019-07-12 08:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\Program Files (x86)\Origin\Qt5Gui.dll 2019-11-13 01:03 - 2019-07-12 08:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\Program Files (x86)\Origin\Qt5Network.dll 2019-11-13 01:03 - 2019-07-12 08:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\Program Files (x86)\Origin\Qt5Widgets.dll 2019-11-13 01:03 - 2019-07-12 08:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\Program Files (x86)\Origin\Qt5Xml.dll 2018-12-24 21:27 - 2018-11-27 11:40 - 002134016 _____ (TODO: ) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GLedApi.DLL 2018-12-24 21:27 - 2018-11-27 11:40 - 000183296 _____ (TODO: ) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvAutoUpdate.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivqqsp29hfm [0] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => “”=“Service” HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => “”=“Service”

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-04 10:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\NVIDIA Corporation\NVIDIA NGX;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0;C:\WINDOWS\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\AutoFirma\AutoFirma;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH
HKU\S-1-5-21-1607368136-3069782937-3934110308-1001\Control Panel\Desktop\Wallpaper -> C:\Users\Edu\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\mononoke-critica-10.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7C3D82B5-6CB6-4F7F-ACAB-42612978334A}C:\users\edu\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\edu\appdata\local\blitz\current\blitz.exe No File FirewallRules: [TCP Query User{3089C670-9EED-4C95-A1B8-ECE95C24041E}C:\users\edu\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\edu\appdata\local\blitz\current\blitz.exe No File FirewallRules: [{EA57D4A3-A7BA-48C6-97E1-F0A38282D0DF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{94A65D01-C64D-4A79-988E-65E3B08757B2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed] FirewallRules: [UDP Query User{2F6E354A-F0D7-428C-B78F-B10980CC74DD}E:\program files (x86)\destiny 2\destiny2.exe] => (Allow) E:\program files (x86)\destiny 2\destiny2.exe No File FirewallRules: [TCP Query User{C2DA1C3E-6530-498F-8FFC-00EAE3AD15EC}E:\program files (x86)\destiny 2\destiny2.exe] => (Allow) E:\program files (x86)\destiny 2\destiny2.exe No File FirewallRules: [UDP Query User{55161910-3DDC-4FAB-9E74-E2B8AFDA483F}E:\program files (x86)\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe No File FirewallRules: [TCP Query User{FB3502D2-FEDC-41BD-A38F-F73DB7FB5A43}E:\program files (x86)\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe No File FirewallRules: [UDP Query User{1DA2EDD5-98FA-4ED0-82FA-FD2DA5762E61}E:\program files (x86)\riot games\league of legends\game\league of legends.exe] => (Allow) E:\program files (x86)\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{E5AB3C15-48CB-4FFE-A7C2-D291FBDCBC48}E:\program files (x86)\riot games\league of legends\game\league of legends.exe] => (Allow) E:\program files (x86)\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [{BD5C338E-30F6-417D-B4BB-80A4029648F9}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy’s Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{E1E257AF-73EF-4B99-8132-E2DAB673C9FF}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy’s Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{9C80AF7A-9CB0-4B8A-A0C5-6596E75B8EA6}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy’s Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{15F2F1A9-1B0A-4405-9B02-139281AE0E9C}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy’s Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{A0E79978-1CCE-4BE7-9EB6-BD8D79950A77}] => (Allow) E:\Program Files (x86)\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{C2A0E8EB-BE32-4494-80EE-FD4639435CAA}] => (Allow) E:\Program Files (x86)\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{C72F04DA-4459-498A-A458-4EB244763768}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon_windows\Darkest.exe () [File not signed] FirewallRules: [{4E4DF467-86C6-4831-BD50-1328273E992D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon_windows\Darkest.exe () [File not signed] FirewallRules: [UDP Query User{AD9E2269-D286-4874-884E-583E9668FB1D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{782FB270-DFB4-4852-B25B-8FF2D697A84C}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E7FD67D8-7D98-4096-A9FD-E9AEB8E9A154}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{99CA785D-1A25-44EA-97B2-550D25050835}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{FB001B28-E6D1-4164-8ED2-DFA7EF63F745}E:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) E:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{E601A583-D8EB-435E-B699-815E80E1BE65}E:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) E:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{9362E649-3FF5-4BB3-9B35-96C25CECDFD3}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [TCP Query User{A7090399-094C-4D3F-B5BC-ACEBAF63A491}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [{2E082C2D-0AB1-4E8B-8C9F-DFB15B36E6D3}] => (Allow) LPort=5000 FirewallRules: [{671732D7-137B-4B78-9180-F8A24409B43B}] => (Allow) LPort=59550 FirewallRules: [UDP Query User{B68C43D8-B17E-4030-BD73-D03B44724B06}E:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) E:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [TCP Query User{4C1BF303-6C86-4F4A-8E40-A8DE0D0146DD}E:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) E:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [{A9A43D02-6D3D-476C-B411-2949731395E0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe No File FirewallRules: [{9DF1F4A4-5733-4D3F-B08C-7A86157E06BE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe No File FirewallRules: [{F45F2FFB-F27C-4CEB-A73B-2A2670725FB3}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B065B756-A9A5-456E-AECE-142B465DE505}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{2BBE8D2E-4F6B-4C55-8D02-FF4A59A482D4}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [TCP Query User{002DB719-541C-4B66-93BC-4DA83EFFDC0C}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [{4AA1E6C6-B2EC-465A-ACE2-AA89CD460E71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4F1103B3-EC82-423E-A9F2-DC103861A756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F0E0D1A7-5156-41E7-8306-6582A7B424D7}] => (Allow) C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{983D6330-EB46-466F-B4B0-E742D2740629}] => (Allow) C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{3D138106-80AB-4B2E-991B-A3BFC9A1CCF2}C:\users\edu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\edu\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{8B468E09-2F1D-418B-8577-15C4CD6F04A3}C:\users\edu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\edu\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FF3185A6-7F4B-4CB4-AD6B-DA412E70E389}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{E86B65D9-6A7B-48C7-AA55-107EC09F5074}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{333F0DAA-322D-4F37-8867-8659ED558C67}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{22AF7317-51EE-4B44-8466-0B802E62BEFD}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{38F33188-321D-482D-B697-014E24A917C7}E:\program files (x86)\rober space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\program files (x86)\rober space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed] FirewallRules: [UDP Query User{557754B3-0A21-4BCF-826B-814D8C85FCD9}E:\program files (x86)\rober space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\program files (x86)\rober space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed] FirewallRules: [{857E8927-A29A-4271-9676-1A75D80F4A06}] => (Allow) E:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{B2899F87-C636-4270-A7FE-477D905721AE}] => (Allow) E:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{21E62864-117D-4ACE-8E19-F65D56B3A6DE}E:\games\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) E:\games\divinity original sin 2 definitive edition\defed\bin\eocapp.exe (Larian Studios -> ) FirewallRules: [UDP Query User{5D07534B-388D-47F7-91DA-779F72B31763}E:\games\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) E:\games\divinity original sin 2 definitive edition\defed\bin\eocapp.exe (Larian Studios -> ) FirewallRules: [{61C9A050-2F0F-4A02-9794-2D4B38E9ABD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F7F33A68-5A2A-42E4-B489-6A420FEED50D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AB788934-F45F-4731-B8D3-38AAF0BEED22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B4571994-401F-4F69-90E4-4992EB18D8A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FE3E91D0-6308-4442-A426-35AFED950AE6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D3325134-6F40-48A9-9AE0-47B6BE887031}] => (Allow) LPort=26820 FirewallRules: [{334FB5C1-A77D-4B0E-8B84-68B3AF2C3136}] => (Allow) LPort=26822 FirewallRules: [TCP Query User{0E1220C2-8D7C-46D5-BA8D-359542DED0D4}E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed] FirewallRules: [UDP Query User{01F40FA1-CE24-44C4-986F-5DC2BE1C8B05}E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed] FirewallRules: [TCP Query User{AF194CB1-627D-429C-8C92-1CAF712071A0}C:\users\edu\appdata\local\blitz\app-1.4.8\blitz.exe] => (Allow) C:\users\edu\appdata\local\blitz\app-1.4.8\blitz.exe No File FirewallRules: [UDP Query User{4F7CC329-4B80-4FE8-A537-2D23C6A948B8}C:\users\edu\appdata\local\blitz\app-1.4.8\blitz.exe] => (Allow) C:\users\edu\appdata\local\blitz\app-1.4.8\blitz.exe No File FirewallRules: [TCP Query User{C33245A7-015B-484D-A21A-AA49956E8488}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{029FFF90-E0F6-4BD8-A01B-D8DD47C091B2}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)

==================== Restore Points =========================

22-11-2019 15:35:36 Punto de control programado 30-11-2019 04:06:33 Punto de control programado

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

Error: (12/09/2019 04:09:41 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (19944,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 03:50:18 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (16608,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 03:39:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (16772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 02:52:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (17452,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 02:13:56 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (11228,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 01:50:10 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2104,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 01:35:34 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (24684,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/09/2019 01:20:23 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6592,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:

Error: (12/08/2019 12:22:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (12/08/2019 12:22:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio NVIDIA LocalSystem Container se cerró con el siguiente error: Un ejecutable de comandos genéricos devolvió un resultado que indica un error.

Error: (12/04/2019 09:07:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio Mozilla Maintenance Service se cerró con el siguiente error: Función incorrecta.

Error: (12/02/2019 12:24:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/02/2019 12:24:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.

Error: (12/02/2019 02:25:19 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/02/2019 02:25:19 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/02/2019 02:25:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54B0C5) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Windows Defender:

Date: 2019-09-27 00:25:58.256 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files\AVAST Software\Avast\aswidsagent.exe Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-27 00:25:52.711 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: NT AUTHORITY\Servicio de red Nombre de proceso: C:\Windows\System32\svchost.exe Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-27 00:25:11.863 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3148,ProcessStart:132139998643492426; service:_Service KMSELDI Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.350_none_5f2790f858f0e2a7\TiWorker.exe Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-26 23:59:01.337 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3148,ProcessStart:132139998643492426; service:_Service KMSELDI Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Windows\System32\svchost.exe Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-26 23:40:32.252 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3148,ProcessStart:132139998643492426; service:_Service KMSELDI Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-26 23:40:31.902 Description: Antivirus de Windows Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Acción: Cuarentena Estado de acción: No additional actions required Código de error: 0x80070490 Descripción del error: No se ha encontrado el elemento. Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión del motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-26 23:40:31.889 Description: Antivirus de Windows Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3148,ProcessStart:132139998643492426; service:_Service KMSELDI Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe Acción: Cuarentena Estado de acción: No additional actions required Código de error: 0x80070490 Descripción del error: No se ha encontrado el elemento. Versión de inteligencia de seguridad: AV: 1.303.217.0, AS: 1.303.217.0, NIS: 1.303.217.0 Versión del motor: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-09-26 21:41:28.517 Description: Antivirus de Windows Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Windows\System32\svchost.exe Acción: Cuarentena Estado de acción: No additional actions required Código de error: 0x80070490 Descripción del error: No se ha encontrado el elemento. Versión de inteligencia de seguridad: AV: 1.283.1381.0, AS: 1.283.1381.0, NIS: 1.283.1381.0 Versión del motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-09-26 21:35:59.078 Description: Antivirus de Windows Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3148,ProcessStart:132139998643492426; service:_Service KMSELDI Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe Acción: Cuarentena Estado de acción: No additional actions required Código de error: 0x80070490 Descripción del error: No se ha encontrado el elemento. Versión de inteligencia de seguridad: AV: 1.283.1381.0, AS: 1.283.1381.0, NIS: 1.283.1381.0 Versión del motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

CodeIntegrity:

Date: 2019-12-09 16:11:10.591 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 11:48:02.388 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 11:48:02.385 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 11:48:02.380 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 11:48:02.376 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 11:48:02.367 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-08 19:48:54.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-08 19:48:54.207 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.40 06/26/2018 Motherboard: Micro-Star International Co., Ltd. X470 GAMING PRO (MS-7B79) Processor: AMD Ryzen 7 2700X Eight-Core Processor Percentage of memory in use: 44% Total physical RAM: 16333.54 MB Available physical RAM: 9124.36 MB Total Virtual: 21269.82 MB Available Virtual: 9696.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.29 GB) (Free:38.34 GB) NTFS Drive d: (Star Wars Jedi Fallen Order) (CDROM) (Total:54.16 GB) (Free:0 GB) UDF Drive e: (DATOS) (Fixed) (Total:1863 GB) (Free:1157.77 GB) NTFS

\?\Volume{680c2fd4-fc75-4eac-b5cb-2fd2ed76fa92}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS \?\Volume{e6c6bb88-b36c-4e94-8cdc-ce770fff32dd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

========================================================== Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ======================= [/CODE]

Aquí estan ambos archivos en 4 mensajes. He de pedir perdon por la demora, pero he tenido unas semanas duras en temas de salud, hospitales, y educativo, por tanto no he podido siquiera conectarme en unas semanas. Muchas gracias de antemano, un saludo.