Problema con malware o virus que no puedo borrar en mi notebook

Eliminar Malwares
1

Buenas tardes!!

Sucede lo siguiente hace un rato tengo probelmas para abrir firefox o se me pega en algunas ocaciones y me parece imposible esos suceso porque tengo un compu con disco ssd m2 de 256 gb más un hdd de 1tb, 8 gb de ram y un i7 de septima generacion ademas de un nvidia 1050 2gb, entonces para la solucion he pasado como tres veces el malwarebyte y adwarecleaner, me tiran el mismo resultado, quisiera saber que otro software seria mas efectivo? dejare los informes.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-30-2020
# Duration: 00:00:01
# OS:       Windows 10 Home Single Language
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\server

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [14910 octets] - [23/09/2019 01:28:53]
AdwCleaner[S00].txt - [2066 octets] - [23/09/2019 01:30:10]
AdwCleaner[S01].txt - [2795 octets] - [30/04/2020 13:09:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 28/4/20
Hora del análisis: 22:35
Archivo de registro: 27eead5e-89c2-11ea-b208-c85b76eca271.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.15936
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-4C37THT\Thanuz

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 966771
Amenazas detectadas: 3
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 hr, 45 min, 12 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
MachineLearning/Anomalous.97%, D:\DISCO 1\USERS\THANUZ\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6FDDZUMW.DEFAULT-RELEASE\CACHE2\ENTRIES\ADAE9D56F3F7B9EDEEE1AFFD5E94AA176DC7BA6E, Sin acciones por parte del usuario, 0, 392687, 1.0.15936, , unknown, 
PUP.Optional.BabylonToolBar, D:\THANUZ\SOPORTE TECNICO\RESPALDO\LENOVO LAS ROCAS\MIS DOCUMENTOS\UNLOCKER1.9.1.EXE, Sin acciones por parte del usuario, 2860, 76262, 1.0.15936, , unknown, 
Generic.Malware/Suspicious, D:\THANUZ\SOPORTE TECNICO\RESPALDO\LENOVO LAS ROCAS\MIS DOCUMENTOS\UNLOCKER1.9.1.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.15936, , unknown, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
2

Hola @Thanuz, bienvenido al nuevo Foro!

Viendo los reportes, veo que MalwareBytes no esta actualizado a su ultima versión, actualmente tienes la 3.8.3, y versión mas reciente y actual es la 4. Desinstala tu versión actual, y bájate la mas reciente desde nuestro manual de Malwarebytes.

Otra cosa, los reportes indican “Sin acciones por parte del usuario” sobre las amenazas detectadas… ¿Has enviado a la cuarentena lo detectado? Si no las has enviado, realiza un escaneo nuevamente con la versión 4 de Malwarebytes, envías todo a cuarentena lo detectado, reinicias el equipo(aunque no te lo pida), abres el programa nuevamente, y nos pasas el reporte.

3

Lo que sucede que malwarebyte lo actualice, entonces solo me analiza el disco sdd m2 principal disco “C:”, pero el hdd 1tb disco “D:” no me lo toma, pero la version anterior la 3.8.3 si me dejaba y quedo el informe ahi, ahora porque no hay “acciones del usuario” porque el malwarebyte se congelaba y me quede esperando como 3 hrs y nada, tuve que reiniciar más de una vez analizar por 3 hrs otra vez los disco presionaba el boton enviar a cuarentena y otra vez se congelaba, entonces como mencione al actualizar no me revizo el disco de 1 tb, ademas analice con adware cleaner mas de una vez reiniciando el compu y analizando otra vez con el mismo adwarecleaner y me daba el mismo resultado.

si em entendieron mi explicacion, quiero decir que malwarebyte ni adware cleaner me estan solucionando mi problema y deje los informes por si me podrian ayudar con otro software que me pueda analizar el computador y ayudar o que me genere un informe que pueda ser más legible para ustedes.

Gracias, saludos.

4

Hola @Thanuz.

Esos problemas que indicas que tienes has verificado SI te ocurren igualmente teniendo desconectado el disco de 1Tb…??

El “ssd m2 de 256 gb” de que marca y/o fabricante es y desde cuanto hace que lo tienes instalado…??

Saludos.

5

si quite el disco duro de 1 tb y funciona normal tambien lo probe sin el disco sdd m2 y todo normal, el ssd es wastern digital nvme 250 gb.

Saludos.

6

Hola.

Prueba a realizar los análisis con Malwarebytes y al terminar usa también AdwCleaner pero haces las verificaciones desde el modo seguro de windows :

Para acceder usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Al terminar los análisis nos pones los informes para verificar los resultados.

Saludos.

7

Hice el analisis con malwarebyte y adwarecleaner en modo seguro como lo reccomendo, me dio el mismo reporte de siempre, espero que me puedan ayudar, dejo los reporte aqui.

saludos.

    Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 30/4/20
Hora del análisis: 16:39
Archivo de registro: b044dff1-8b22-11ea-b6d5-000000000000.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.889
Versión del paquete de actualización: 1.0.23226
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-4C37THT\Thanuz

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 962676
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 5 hr, 1 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
Generic.Malware/Suspicious, D:\THANUZ\SOPORTE TECNICO\RESPALDO\LENOVO LAS ROCAS\MIS DOCUMENTOS\UNLOCKER1.9.1.EXE, En cuarentena, 0, 392686, 1.0.23226, , shuriken, 
PUP.Optional.BabylonToolBar, D:\THANUZ\SOPORTE TECNICO\RESPALDO\LENOVO LAS ROCAS\MIS DOCUMENTOS\UNLOCKER1.9.1.EXE, En cuarentena, 2863, 76262, 1.0.23226, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
    # -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-30-2020
# Duration: 00:00:01
# OS:       Windows 10 Home Single Language
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\server

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [14910 octets] - [23/09/2019 01:28:53]
AdwCleaner[S00].txt - [2066 octets] - [23/09/2019 01:30:10]
AdwCleaner[S01].txt - [2795 octets] - [30/04/2020 13:09:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
8

Hola.

Bien… y despues de haber enviado esas infecciones a cuarentena desde el modo seguro… SI repites el análisis te encuentra algo…??

9

Sii vuelven a aprecer de nuevo las mismo reportes no se eliminan por completo =(

10

Realiza estos pasos :

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:)

:two: Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer o Responsabilidad, pulsamos Yes/Si

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

12

Dejare unos link de google drive porque los reporte que genero el software en caracteres que soporta aqui el foro que son como 6500 algo asi los superoa entonces guarde los dos reportes en google drive y se los compartire aqui

Link FRST.txt: https://drive.google.com/open?id=1-BYHpHqBoJKMhBzPSOn24UDB0pkTJ5bX

Link Adittion.txt: https://drive.google.com/open?id=1tYJUcge6NVu-jMaweFjkHjDen6Xie-w-

Muchas gracias saludos.

13

Hola.

Por favor, los informes se deben poner en el tema, si te pasas de los caracteres(65.000) lo que debes hacer es dividir ese informe en varias respuestas(el mínimo posible) y podrás hacerlo perfectamente.

Saludos.

16

FRST.txt

Parte 1

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 03-05-2020
Ejecutado por Thanuz (administrador) sobre DESKTOP-4C37THT (LENOVO 80WK) (03-05-2020 17:46:58)
Ejecutado desde C:\Users\Thanuz\Escritorio
Perfiles cargados: Thanuz (Perfiles disponibles: Thanuz)
Platform: Windows 10 Home Single Language Versión 1903 18362.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] D:\Programas\Veyon\veyon-server.exe
() [Archivo no firmado] D:\Programas\Veyon\veyon-service.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UDSA.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [245088 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2019-06-10] (LENOVO -> )
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UD.exe [538728 2014-04-23] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [kpm_tray.exe] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe"
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [uTorrent] => C:\Users\Thanuz\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-12] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3372832 2020-04-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [Discord] => C:\Users\Thanuz\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [Spotify] => C:\Users\Thanuz\AppData\Roaming\Spotify\Spotify.exe [22899944 2020-04-30] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31756176 2020-04-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [396360 2020-02-18] (Parsec Cloud, Inc. -> Parsec)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenter.exe [2777952 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\MountPoints2: {cf9eb5c6-aef1-11e9-a348-c85b76eca271} - "F:\EMP_UDSe.exe" /autorun
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2019-12-25]
ShortcutTarget: Universal Media Server.lnk -> D:\Programas\Universal Media Server\UMS.exe (Universal Media Server) [Archivo no firmado]
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {04A0228F-9E4E-444E-9F8B-6AC893A40B01} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-197814337-2409111935-2844641891-1001 => C:\Users\Thanuz\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [86824 2019-12-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {0BEA983D-5E4E-4936-9E13-E7A3F11609A7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0EE52501-A210-4518-9327-94388BBF7A6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29297455-22E2-42E9-8D26-2CF53DA0B951} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2EDDFC7B-55F1-40C7-B60E-4DE72C61BCA3} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {372D929F-6BC5-4D1A-8DCC-248BFD179F5D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A63732E-B2BD-4E96-A48E-C7C9DAA62291} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {4C7F7E02-9F5C-4E3C-A4E5-637E25C37B8C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {51DD0709-BB33-4622-96ED-F210A7C232D4} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {555029EB-0AC4-4346-A698-F4B3AF668D87} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe)
Task: {55DB5912-7251-4819-A0CE-09A4D871C413} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B39E931-4551-4E27-98FB-05FEE8B94310} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-03-09] (Lenovo -> )
Task: {6D163C7B-6301-40B3-A314-7AFE0F9B8EDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {75DB5EA3-1DD3-4ACD-93A7-D25551978601} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83666856-779E-462B-8E52-8A810BAF7BFE} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {89A031B9-B9BD-489F-AFEC-1E3A30B3EC52} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E6AE754-69B6-49E4-88AE-20FB092F2F50} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FAF5DA3-6D4B-4758-B024-40F32F27F9CE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {94C243E5-CEE5-4F9E-9767-9726ADB77C5F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FA781E9-9394-43AA-999D-1AAD50F44DA6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-03-09] (Lenovo -> )
Task: {A9742085-9DF2-4EDA-B391-CC68D85F0E08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {C0A88E11-E91C-48E0-B33A-3473A7AE157B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {C46909FF-D299-4558-BEDE-DF32804A10FE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCA04494-C81E-4AA9-9D12-1EA1F7B06362} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-03-01] (Avast Software s.r.o. -> Avast Software)
Task: {CDB122E6-A718-4A84-AD7F-7E7F7C5A1CB1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {CEBB76E4-503C-4819-A72A-57B48732D0FE} - System32\Tasks\Agent Activation Runtime\S-1-5-21-197814337-2409111935-2844641891-1001 => C:\Windows\System32\AgentActivationRuntimeStarter.exe [13312 2019-03-19] (Microsoft Windows -> )
Task: {D720F3B5-CAF5-41C3-A0EB-02186AA7FF34} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE7BB9B2-9784-4719-9B94-4EC95077AD44} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2B55F84-F169-454B-8964-03D4DDC16BF2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F71E8108-67BF-4FC6-95AD-11102ED9F087} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-10] (Mozilla Corporation -> Mozilla Foundation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: 127.0.0.1 facebook.com
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{093dad9e-4d37-4c2a-8c07-60f7c044d59a}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{5c2eeb01-099b-409e-8250-6e6baa9132e9}: [DhcpNameServer] 200.83.1.5 200.30.192.15 190.160.0.11

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jf7bglfq.default
FF ProfilePath: C:\Users\Thanuz\AppData\Roaming\Mozilla\Firefox\Profiles\jf7bglfq.default [2019-12-16]
FF ProfilePath: C:\Users\Thanuz\AppData\Roaming\Mozilla\Firefox\Profiles\i7046ywg.default-release-1561162607430 [2020-05-03]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Thanuz\AppData\Roaming\Mozilla\Firefox\Profiles\i7046ywg.default-release-1561162607430\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\PROGRAMAS\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\PROGRAMAS\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\PROGRAMAS\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\PROGRAMAS\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-197814337-2409111935-2844641891-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Thanuz\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-07-01] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-07-01] <==== ATENCIÓN

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-09-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UDSA.exe [166504 2014-04-23] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-11-08] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project)
R2 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-05] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-01] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-01] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-17] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-17] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [362568 2020-02-18] (Parsec Cloud, Inc. -> Parsec)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [709168 2019-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; D:\Programas\VBoxSDS.exe [694016 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R2 VeyonService; D:\Programas\Veyon\veyon-service.exe [20480 2019-05-22] () [Archivo no firmado]
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.39\bin\httpd.exe [29696 2019-03-28] (Apache Software Foundation) [Archivo no firmado]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.3.14\bin\mysqld.exe [15813032 2019-04-01] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.26\bin\mysqld.exe [39644480 2019-04-13] (Oracle America, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [283480 2019-07-31] (Sysprogs OU -> Sysprogs OU)
R3 BHTPCRDR; C:\Windows\System32\drivers\bhtpcrdr.sys [173432 2016-08-10] (BayHub Technology Inc. -> BayHubTech/O2Micro )
R3 eppvad_simple; C:\Windows\system32\drivers\EMP_UDAU.sys [23040 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32328 2017-11-08] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [906216 2018-04-05] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69096 2018-04-05] (Intel Corporation -> Intel Corporation)
R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2019-06-25] (Francisco Lopes da Silva -> Oblita)
R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2019-06-25] (Francisco Lopes da Silva -> Oblita)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_8156ccdc8580286a\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-03-31] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1009128 2017-08-21] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\Windows\System32\drivers\RtkBtfilter.sys [779104 2019-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3238368 2017-10-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8138064 2018-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 RTWlanE01; C:\Windows\System32\drivers\rtwlane01.sys [8169472 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2019-03-19] (Microsoft Corporation) [Archivo no firmado]
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237584 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R3 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [69168 2019-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [394680 2020-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-03 17:46 - 2020-05-03 17:47 - 000030245 _____ C:\Users\Thanuz\Escritorio\FRST.txt
2020-05-03 17:46 - 2020-05-03 17:47 - 000030245 _____ C:\Users\Thanuz\Escritorio\FRST.txt
2020-05-03 17:46 - 2020-05-03 17:47 - 000000000 ____D C:\FRST
2020-05-03 17:39 - 2020-05-03 17:45 - 000000000 ____D C:\Users\Thanuz\Escritorio\Farbar Recovery Scan Tool
2020-05-03 17:39 - 2020-05-03 17:45 - 000000000 ____D C:\Users\Thanuz\Escritorio\Farbar Recovery Scan Tool
2020-05-03 17:32 - 2020-05-03 17:32 - 002283520 _____ (Farbar) C:\Users\Thanuz\Escritorio\FRST64.exe
2020-05-03 17:32 - 2020-05-03 17:32 - 002283520 _____ (Farbar) C:\Users\Thanuz\Escritorio\FRST64.exe
2020-04-30 22:46 - 2020-04-30 22:46 - 000001839 _____ C:\Users\Thanuz\Escritorio\malwarebyte 300420.txt
2020-04-30 22:46 - 2020-04-30 22:46 - 000001839 _____ C:\Users\Thanuz\Escritorio\malwarebyte 300420.txt
2020-04-30 16:39 - 2020-04-30 22:45 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-04-30 16:38 - 2020-04-30 23:37 - 000706038 _____ C:\Windows\ntbtlog.txt
2020-04-21 00:23 - 2020-04-11 17:55 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-21 00:23 - 2020-04-11 17:55 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-04-21 00:23 - 2020-04-11 17:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-21 00:23 - 2020-04-11 17:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-04-21 00:23 - 2020-04-11 17:55 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-04-21 00:23 - 2020-04-11 17:55 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-04-21 00:23 - 2020-04-11 17:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-21 00:23 - 2020-04-11 17:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-04-21 00:23 - 2020-04-11 17:55 - 000450280 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-04-21 00:23 - 2020-04-11 17:55 - 000346856 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-04-21 00:23 - 2020-04-11 17:54 - 011945872 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-04-21 00:23 - 2020-04-11 17:54 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 017601632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 015158384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 005855856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 005159520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 002074232 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001722480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444587.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001566328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001483376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444587.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001481328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001350792 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001142200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 001048504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 000811448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 000679864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 000676448 _____ C:\Windows\system32\nvofapi64.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 000655312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 000546744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-04-21 00:23 - 2020-04-11 17:53 - 000543160 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-04-21 00:23 - 2020-04-11 17:51 - 004195688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-04-19 22:11 - 2020-04-20 19:34 - 000000000 ____D C:\Users\Thanuz\Escritorio\Mario rpg español
2020-04-19 22:11 - 2020-04-20 19:34 - 000000000 ____D C:\Users\Thanuz\Escritorio\Mario rpg español
2020-04-19 21:58 - 2016-10-13 23:29 - 000680828 _____ C:\Users\Thanuz\Escritorio\Super Mario RPG (S)[50Hz] - 1.10.ips
2020-04-19 21:58 - 2016-10-13 23:29 - 000680828 _____ C:\Users\Thanuz\Escritorio\Super Mario RPG (S)[50Hz] - 1.10.ips
2020-04-19 17:34 - 2020-04-19 17:34 - 000000000 ____D C:\Users\Thanuz\Escritorio\Proyectos de vídeo
2020-04-19 17:34 - 2020-04-19 17:34 - 000000000 ____D C:\Users\Thanuz\Escritorio\Proyectos de vídeo
2020-04-18 18:27 - 2020-04-28 22:29 - 000000000 ____D C:\Users\Thanuz\AppData\LocalLow\uTorrent
2020-04-17 11:27 - 2007-11-11 08:34 - 620779520 _____ C:\Users\Thanuz\Escritorio\Windows_98_SE.iso
2020-04-17 11:27 - 2007-11-11 08:34 - 620779520 _____ C:\Users\Thanuz\Escritorio\Windows_98_SE.iso
2020-04-17 00:30 - 2020-04-17 00:30 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 018027520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 006523048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 004129624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-04-17 00:30 - 2020-04-17 00:30 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001077064 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-04-17 00:30 - 2020-04-17 00:30 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-04-17 00:30 - 2020-04-17 00:30 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-04-17 00:30 - 2020-04-17 00:30 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-04-17 00:30 - 2020-04-17 00:30 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2020-04-17 00:30 - 2020-04-17 00:30 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-04-17 00:30 - 2020-04-17 00:30 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-04-17 00:29 - 2020-04-17 00:29 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 003802624 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 003587384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 002767928 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 002086656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001999960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-17 00:29 - 2020-04-17 00:29 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
17

Parte 2

2020-04-17 00:29 - 2020-04-17 00:29 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-04-17 00:29 - 2020-04-17 00:29 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000127280 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000058880 _____ C:\Windows\system32\runexehelper.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-04-17 00:29 - 2020-04-17 00:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-04-17 00:29 - 2020-04-17 00:29 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-04-17 00:29 - 2020-04-17 00:29 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-04-17 00:24 - 2020-03-16 23:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-17 00:24 - 2020-03-16 23:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-16 19:37 - 2020-04-16 20:06 - 755134238 _____ C:\Users\Thanuz\Escritorio\2020-04-16 19-37-27.mkv
2020-04-16 19:37 - 2020-04-16 20:06 - 755134238 _____ C:\Users\Thanuz\Escritorio\2020-04-16 19-37-27.mkv
2020-04-15 12:23 - 2020-04-15 12:23 - 000002152 _____ C:\ProgramData\Escritorio\FileZilla Server Interface.lnk
2020-04-15 12:23 - 2020-04-15 12:23 - 000002152 _____ C:\ProgramData\Escritorio\FileZilla Server Interface.lnk
2020-04-15 12:23 - 2020-04-15 12:23 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\FileZilla Server
2020-04-15 12:23 - 2020-04-15 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2020-04-15 12:23 - 2020-04-15 12:23 - 000000000 ____D C:\Program Files (x86)\FileZilla Server
2020-04-14 17:55 - 2020-04-30 11:18 - 000000000 ____D C:\Users\Thanuz\AppData\Local\TeamViewer
2020-04-14 17:55 - 2020-04-14 17:55 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-04-13 21:07 - 2020-04-20 02:55 - 000000000 ____D C:\Users\Thanuz\Escritorio\Dolphin Emulator
2020-04-13 21:07 - 2020-04-20 02:55 - 000000000 ____D C:\Users\Thanuz\Escritorio\Dolphin Emulator
2020-04-13 21:07 - 2020-04-13 21:24 - 000000000 ____D C:\Users\Thanuz\Escritorio\Dolphin-x64
2020-04-13 21:07 - 2020-04-13 21:24 - 000000000 ____D C:\Users\Thanuz\Escritorio\Dolphin-x64
2020-04-13 00:05 - 2020-04-13 00:17 - 000000000 ____D C:\Users\Thanuz\Escritorio\cemu_1.18.0
2020-04-13 00:05 - 2020-04-13 00:17 - 000000000 ____D C:\Users\Thanuz\Escritorio\cemu_1.18.0
2020-04-12 22:59 - 2018-08-05 10:43 - 000000000 ____D C:\Users\Thanuz\Escritorio\private
2020-04-12 22:59 - 2018-08-05 10:43 - 000000000 ____D C:\Users\Thanuz\Escritorio\private
2020-04-12 21:42 - 2019-08-20 11:16 - 031469482 _____ C:\Users\Thanuz\Escritorio\private.rar
2020-04-12 21:42 - 2019-08-20 11:16 - 031469482 _____ C:\Users\Thanuz\Escritorio\private.rar
2020-04-12 21:42 - 2019-08-20 11:16 - 000135420 _____ C:\Users\Thanuz\Escritorio\data.rar
2020-04-12 21:42 - 2019-08-20 11:16 - 000135420 _____ C:\Users\Thanuz\Escritorio\data.rar
2020-04-12 16:47 - 2020-04-12 16:47 - 000000000 ____D C:\Users\Thanuz\Escritorio\Zoom
2020-04-12 16:47 - 2020-04-12 16:47 - 000000000 ____D C:\Users\Thanuz\Escritorio\Zoom
2020-04-11 11:09 - 2020-04-11 12:13 - 854612803 _____ C:\Users\Thanuz\Escritorio\2020-04-11 11-09-02.mkv
2020-04-11 11:09 - 2020-04-11 12:13 - 854612803 _____ C:\Users\Thanuz\Escritorio\2020-04-11 11-09-02.mkv
2020-04-10 22:23 - 2020-04-10 22:23 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-04-10 20:17 - 2020-04-12 13:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-09 18:09 - 2020-04-09 18:09 - 000000309 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2020-04-09 18:09 - 2020-04-09 18:09 - 000000000 ____D C:\Windows\TempInst
2020-04-09 18:07 - 2020-04-09 18:07 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-07 17:10 - 1996-12-24 22:32 - 000524288 _____ C:\Users\Thanuz\Escritorio\Splatterhouse (USA).pce
2020-04-07 17:10 - 1996-12-24 22:32 - 000524288 _____ C:\Users\Thanuz\Escritorio\Splatterhouse (USA).pce
2020-04-07 14:49 - 2020-04-07 15:29 - 000000000 ____D C:\Users\Thanuz\Escritorio\hakchi2-ce-3.8.0
2020-04-07 14:49 - 2020-04-07 15:29 - 000000000 ____D C:\Users\Thanuz\Escritorio\hakchi2-ce-3.8.0
2020-04-07 14:46 - 2020-04-07 14:46 - 000000000 ____D C:\Users\Thanuz\Escritorio\dump
2020-04-07 14:46 - 2020-04-07 14:46 - 000000000 ____D C:\Users\Thanuz\Escritorio\dump
2020-04-07 13:49 - 2020-04-07 13:04 - 005157432 _____ (akeo.ie) C:\Users\Thanuz\Escritorio\zadig-2.5.exe
2020-04-07 13:49 - 2020-04-07 13:04 - 005157432 _____ (akeo.ie) C:\Users\Thanuz\Escritorio\zadig-2.5.exe
2020-04-04 09:29 - 2020-04-04 10:03 - 176599487 _____ C:\Users\Thanuz\Escritorio\2020-04-04 10-29-55.mkv
2020-04-04 09:29 - 2020-04-04 10:03 - 176599487 _____ C:\Users\Thanuz\Escritorio\2020-04-04 10-29-55.mkv
2020-04-03 18:42 - 2020-04-04 09:28 - 340826174 _____ C:\Users\Thanuz\Escritorio\2020-04-03 19-42-22.mkv
2020-04-03 18:42 - 2020-04-04 09:28 - 340826174 _____ C:\Users\Thanuz\Escritorio\2020-04-03 19-42-22.mkv

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-03 17:46 - 2020-03-29 19:20 - 000000000 ___RD C:\Users\Thanuz\Escritorio
2020-05-03 17:45 - 2019-06-09 23:26 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\WhatsApp
2020-05-03 17:44 - 2019-08-20 17:47 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\vlc
2020-05-03 17:44 - 2019-06-09 00:57 - 000000000 ____D C:\Users\Thanuz\AppData\LocalLow\Mozilla
2020-05-03 17:38 - 2019-06-08 18:40 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-05-03 17:27 - 2019-03-19 00:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-05-03 17:19 - 2019-06-09 01:02 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-03 17:19 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\AppReadiness
2020-05-03 17:16 - 2019-06-08 18:40 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-05-03 17:16 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-01 16:34 - 2019-06-10 22:39 - 000000000 ____D C:\Users\Thanuz\AppData\Local\WhatsApp
2020-05-01 02:38 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-30 23:49 - 2019-06-12 22:40 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-30 23:49 - 2019-06-09 00:49 - 000000000 __SHD C:\Users\Thanuz\IntelGraphicsProfiles
2020-04-30 23:42 - 2019-06-09 00:49 - 001773366 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-30 23:42 - 2019-03-19 07:59 - 000789814 _____ C:\Windows\system32\perfh00A.dat
2020-04-30 23:42 - 2019-03-19 07:59 - 000156068 _____ C:\Windows\system32\perfc00A.dat
2020-04-30 23:42 - 2019-03-19 00:50 - 000000000 ____D C:\Windows\INF
2020-04-30 23:38 - 2019-06-18 23:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-30 23:38 - 2019-06-08 18:40 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-30 23:37 - 2019-03-19 00:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-04-30 14:52 - 2019-03-19 00:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-04-30 13:12 - 2019-06-09 23:38 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-04-30 13:10 - 2019-09-23 00:28 - 000000000 ____D C:\AdwCleaner
2020-04-30 13:07 - 2019-06-19 15:11 - 000000000 ____D C:\Users\Thanuz\AppData\Local\CrashDumps
2020-04-30 12:53 - 2019-07-01 08:58 - 000000000 ____D C:\Program Files\Common Files\AV
2020-04-30 12:47 - 2019-06-09 00:48 - 000000000 ____D C:\Users\Thanuz\AppData\Local\D3DSCache
2020-04-30 01:14 - 2020-03-30 19:20 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\Parsec
2020-04-30 01:14 - 2019-12-25 14:02 - 000000000 ____D C:\ProgramData\UMS
2020-04-30 01:14 - 2019-10-02 23:58 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\Spotify
2020-04-30 01:14 - 2019-10-02 23:58 - 000000000 ____D C:\Users\Thanuz\AppData\Local\Spotify
2020-04-30 01:14 - 2019-06-09 23:35 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\uTorrent
2020-04-25 18:35 - 2019-06-09 23:36 - 000000000 ____D C:\Users\Thanuz\AppData\Local\BitTorrentHelper
2020-04-21 16:45 - 2019-06-08 18:40 - 000456088 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-21 03:02 - 2019-06-09 00:45 - 000000000 ____D C:\Users\Thanuz
2020-04-21 03:02 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\SystemResources
2020-04-21 03:02 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-21 03:02 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-21 03:02 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-04-21 03:02 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\Provisioning
2020-04-21 03:02 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\bcastdvr
2020-04-21 03:01 - 2019-06-16 23:45 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\Discord
2020-04-21 02:42 - 2019-06-09 01:03 - 000000000 ____D C:\Users\Thanuz\AppData\Local\NVIDIA
2020-04-21 00:27 - 2019-06-15 20:03 - 000000000 ____D C:\Users\Thanuz\AppData\Local\UnrealEngine
2020-04-21 00:25 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\Help
2020-04-21 00:21 - 2019-09-09 11:12 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-09-09 11:12 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-09-09 11:12 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-09-09 11:12 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-09-09 11:12 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-09-09 11:12 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-08-27 22:40 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-06-30 14:44 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-06-09 01:03 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-06-09 01:03 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-21 00:21 - 2019-06-09 01:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-21 00:21 - 2019-06-09 01:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-21 00:21 - 2019-06-09 00:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-20 19:20 - 2019-11-08 22:43 - 000000600 _____ C:\Users\Thanuz\AppData\Roaming\winscp.rnd
2020-04-20 14:43 - 2019-06-09 00:48 - 000000000 ____D C:\Users\Thanuz\AppData\Local\PlaceholderTileLogoFolder
2020-04-20 02:06 - 2019-06-09 00:46 - 000000000 ____D C:\Users\Thanuz\AppData\Local\Packages
2020-04-17 21:19 - 2019-08-14 11:10 - 000000000 ____D C:\Users\Thanuz\.VirtualBox
2020-04-17 16:52 - 2019-08-14 15:09 - 000000000 ____D C:\Users\Thanuz\VirtualBox VMs
2020-04-17 11:28 - 2019-08-14 11:10 - 000000000 ____D C:\ProgramData\VirtualBox
2020-04-17 00:32 - 2019-03-19 00:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-16 20:40 - 2019-06-11 12:14 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\obs-studio
2020-04-14 19:17 - 2019-06-09 00:48 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-197814337-2409111935-2844641891-1001
2020-04-14 19:17 - 2019-06-09 00:48 - 000000000 ___RD C:\Users\Thanuz\OneDrive
2020-04-14 19:17 - 2019-06-09 00:45 - 000002445 _____ C:\Users\Thanuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-14 12:38 - 2019-12-25 14:02 - 000000813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server.lnk
2020-04-14 11:52 - 2019-06-09 01:12 - 000004578 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-14 11:52 - 2019-06-09 01:12 - 000004388 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-14 11:52 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-14 11:52 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-12 13:37 - 2019-06-09 00:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-11 17:52 - 2019-06-09 01:01 - 004927960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-04-11 00:08 - 2019-10-06 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-04-10 22:23 - 2019-06-09 00:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-09 20:08 - 2019-06-18 08:32 - 000000282 __RSH C:\ProgramData\ntuser.pol
2020-04-09 20:07 - 2019-08-31 22:57 - 000000000 ____D C:\Users\Thanuz\usb_driver
2020-04-09 19:58 - 2019-06-10 14:58 - 000000000 ____D C:\ProgramData\Lenovo
2020-04-09 19:35 - 2019-06-09 01:01 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-09 18:09 - 2020-03-30 20:45 - 000000000 ____D C:\Windows\system32\Tasks\TVT
2020-04-09 18:09 - 2019-06-10 15:12 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-04-09 18:09 - 2019-06-10 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-04-09 18:07 - 2020-03-20 14:38 - 000000000 ____D C:\Users\Thanuz\AppData\Roaming\Zoom
2020-04-07 14:48 - 2019-06-07 00:19 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2020-04-07 13:58 - 2019-09-09 11:12 - 002799416 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-04-07 13:58 - 2019-09-09 11:12 - 002159592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-04-07 13:58 - 2019-09-09 11:12 - 001314792 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-04-03 20:21 - 2019-06-09 01:01 - 000057237 _____ C:\Windows\system32\nvinfo.pb
2020-04-03 17:56 - 2019-06-09 01:02 - 005581808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-04-03 17:56 - 2019-06-09 01:02 - 002631664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-04-03 17:55 - 2019-06-09 01:02 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-04-03 17:55 - 2019-06-09 01:02 - 001172464 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2020-04-03 17:55 - 2019-06-09 01:02 - 000446264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-04-03 17:55 - 2019-06-09 01:02 - 000144360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2020-04-03 17:55 - 2019-06-09 01:02 - 000121144 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-04-03 17:55 - 2019-06-09 01:02 - 000074736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2020-04-03 06:08 - 2019-06-09 01:02 - 009037867 _____ C:\Windows\system32\nvcoproc.bin

==================== Archivos en la raíz de algunos directorios ========

2019-11-08 22:43 - 2020-04-20 19:20 - 000000600 _____ () C:\Users\Thanuz\AppData\Roaming\winscp.rnd
2019-12-12 13:56 - 2019-12-12 13:56 - 000003867 _____ () C:\Users\Thanuz\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
18

Addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por Thanuz (03-05-2020 17:49:01)
Ejecutado desde C:\Users\Thanuz\Escritorio
Windows 10 Home Single Language Versión 1903 18362.778 (X64) (2019-06-08 22:41:58)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-197814337-2409111935-2844641891-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-197814337-2409111935-2844641891-503 - Limited - Disabled)
Invitado (S-1-5-21-197814337-2409111935-2844641891-501 - Limited - Enabled)
Thanuz (S-1-5-21-197814337-2409111935-2844641891-1001 - Administrator - Enabled) => C:\Users\Thanuz
WDAGUtilityAccount (S-1-5-21-197814337-2409111935-2844641891-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Advanced IP Scanner 2.5 (HKLM-x32\...\{00D9EC92-0356-49F2-96B3-E9F3629A1C5B}) (Version: 2.5.3850 - Famatech)
Atom (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\atom) (Version: 1.38.1 - GitHub Inc.)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Citra (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\{a33c7cdd-87bd-4944-af7a-d7fd0ff4d570}) (Version: 1.0.0 - Citra Team)
Desinstalar impresora EPSON L380 Series (HKLM\...\EPSON L380 Series) (Version:  - Seiko Epson Corporation)
Discord (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{385D03C4-767B-4B5F-A627-61319D136EF4}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON L110 Series Printer Uninstall (HKLM\...\EPSON L110 Series) (Version:  - SEIKO EPSON Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
Epson USB Display (HKLM-x32\...\{7650F538-6274-44EA-8F50-843479073333}) (Version: 1.70.000 - SEIKO EPSON CORPORATION)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.6.0.25114 - Foxit Software Inc.)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1039 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{4FA94F64-1A00-4426-BF58-D08EB592CE1B}) (Version: 3.4.2095 - Intel Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.0.4 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0095 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
maxima-5.43.0 (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\maxima-5.43.0) (Version: 5.43.0 - Maxima Team)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
Oracle VM VirtualBox 6.0.10 (HKLM\...\{6A145EBB-FA61-4F90-BDE1-2308B1C26C0F}) (Version: 6.0.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.87 - NVIDIA Corporation) Hidden
Parsec (HKLM-x32\...\Parsec) (Version:  - Parsec Cloud Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Scratch Desktop 3.4.0 (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\bad79d23-e888-5a7b-9e99-60ee89b6c8bf) (Version: 3.4.0 - Scratch Foundation)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype versión 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\Spotify) (Version: 1.1.31.703.g256add22 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 9.4.1 - Universal Media Server)
Uplay (HKLM-x32\...\Uplay) (Version: 104.1 - Ubisoft)
Veyon (HKLM-x32\...\Veyon) (Version: 4.2.2.0 - Veyon Solutions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wampserver64 3.1.9 (HKLM\...\{wampserver64}_is1) (Version: 3.1.9 - Dominique Ottello aka Otomatic)
Western Digital SSD Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 2.5.1.0 - Western Digital Corporation or its affiliates)
WhatsApp (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\WhatsApp) (Version: 2.2017.6 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-10] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.36.5.0_x86__kgqvnymyfvs32 [2020-05-01] (king.com)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [2020-03-13] (INTEL CORP) [Startup Task]
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-23] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.4282.0_x64__8wekyb3d8bbwe [2020-04-30] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-10] (Netflix, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => D:\PROGRAMAS\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => D:\PROGRAMAS\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\Thanuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.43.0\Configure default LISP for Maxima.lnk -> C:\maxima-5.43.0\bin\lispselector.bat ()
Shortcut: C:\Users\Thanuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.43.0\Maxima (command line).lnk -> C:\maxima-5.43.0\bin\maxima.bat ()
Shortcut: C:\Users\Thanuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.43.0\XMaxima (simple GUI).lnk -> C:\maxima-5.43.0\bin\xmaxima.bat ()

==================== Módulos cargados (Lista blanca) =============

2019-05-22 07:55 - 2019-05-22 07:55 - 000248848 _____ () [Archivo no firmado] D:\Programas\Veyon\crypto\libqca-ossl.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000082944 _____ () [Archivo no firmado] D:\Programas\Veyon\libgcc_s_seh-1.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000634880 _____ () [Archivo no firmado] D:\Programas\Veyon\libjpeg-62.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000206336 _____ () [Archivo no firmado] D:\Programas\Veyon\libkldap-light.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000054272 _____ () [Archivo no firmado] D:\Programas\Veyon\liblber.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000251904 _____ () [Archivo no firmado] D:\Programas\Veyon\libldap.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000292352 _____ () [Archivo no firmado] D:\Programas\Veyon\libldap-common.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000138240 _____ () [Archivo no firmado] D:\Programas\Veyon\liblzo2-2.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000220672 _____ () [Archivo no firmado] D:\Programas\Veyon\libpng16-16.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000906240 _____ () [Archivo no firmado] D:\Programas\Veyon\libqca-qt5.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000131584 _____ () [Archivo no firmado] D:\Programas\Veyon\libsasl2-3.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000018432 _____ () [Archivo no firmado] D:\Programas\Veyon\libssp-0.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 001384960 _____ () [Archivo no firmado] D:\Programas\Veyon\libstdc++-6.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000150032 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\authkeys.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000178192 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\builtindirectory.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000751120 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\builtin-ultravnc-server.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000088592 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\config.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000124944 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\demo.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000136720 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\desktopservices.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000037392 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\external-vnc-server.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000113168 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\filetransfer.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000095248 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\ldap.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000147984 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\powercontrol.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000129040 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\remoteaccess.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000046608 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\screenlock.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000036880 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\screenshot.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000053264 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\servicecontrol.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000073744 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\shell.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000022032 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\systemusergroups.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000056848 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\textmessage.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000213520 _____ () [Archivo no firmado] D:\Programas\Veyon\plugins\windows-platform.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 001057792 _____ () [Archivo no firmado] D:\Programas\Veyon\veyon-core.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000122880 _____ () [Archivo no firmado] D:\Programas\Veyon\zlib1.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000020480 _____ (Francisco Lopes) [Archivo no firmado] D:\Programas\Veyon\interception.dll
2017-02-06 09:25 - 2017-02-06 09:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\FileZilla Server\libeay32.dll
2017-02-06 09:25 - 2017-02-06 09:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\FileZilla Server\ssleay32.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 002681344 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Archivo no firmado] D:\Programas\Veyon\libcrypto-1_1-x64.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 000525312 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Archivo no firmado] D:\Programas\Veyon\libssl-1_1-x64.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 006015488 _____ (The Qt Company Ltd.) [Archivo no firmado] D:\Programas\Veyon\Qt5Core.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 005866496 _____ (The Qt Company Ltd.) [Archivo no firmado] D:\Programas\Veyon\Qt5Gui.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 001536512 _____ (The Qt Company Ltd.) [Archivo no firmado] D:\Programas\Veyon\Qt5Network.dll
2019-05-22 07:55 - 2019-05-22 07:55 - 005566464 _____ (The Qt Company Ltd.) [Archivo no firmado] D:\Programas\Veyon\Qt5Widgets.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-19 00:49 - 2019-09-10 08:29 - 000000848 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 facebook.com

2019-06-14 09:11 - 2019-09-23 12:59 - 000000657 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.95 LAPTOP-8UT73BOB.mshome.net # 2019 8 1 26 13 20 32 48
2.168.137.131 LAPTOP-51CAE6V7.mshome.net # 2019 8 5 16 14 37 20 994
192.168.137.95 LAPTOP-8UT73BOB.mshome.net # 2019 8 5 16 15 31 49 62
62

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\Control Panel\Desktop\\Wallpaper -> D:\Descargas\1897260.png
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 3: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) 
VirtualBox Host-Only Network: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "EPSON_UD_START"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "Parsec.App.0"
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{4496AC4A-4A7E-4723-83A9-C5BE1950F9B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2674F553-D9E3-4A42-8B54-0AC00B07C012}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0BE7B16F-6949-42E2-828C-4D9256F5EF47}] => (Allow) C:\Users\Thanuz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D5A522DF-83C3-4B67-AEC4-77F613B84AAD}] => (Allow) C:\Users\Thanuz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1066A2F7-F203-4736-B333-DB54F6F64303}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe Ningún archivo
FirewallRules: [{431D2301-DABB-4BCD-8A9D-A79DBA8192BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe Ningún archivo
FirewallRules: [{57928CCA-E508-4502-9F89-4F98CFF28795}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CC6F237C-62A4-4BA8-B55B-2800F944E350}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FC6EF052-D5CF-4FB1-9BAD-1342ABF0694E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Ningún archivo
FirewallRules: [{A8C23969-C3ED-47DC-845C-C43F3E643DB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Ningún archivo
FirewallRules: [{BE93AAEA-9CA4-4730-BDAB-8A676070AB4A}] => (Allow) D:\SteamLibrary\steamapps\common\Wild Guns Reloaded\WildGunsReloaded.exe () [Archivo no firmado]
FirewallRules: [{43E567E4-6E48-4048-AA8A-DACD35895366}] => (Allow) D:\SteamLibrary\steamapps\common\Wild Guns Reloaded\WildGunsReloaded.exe () [Archivo no firmado]
FirewallRules: [{83DB3343-D1E3-4600-A926-241CD484D7DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6079BB21-258F-4B27-8595-985A344F7FFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{F6341285-DD72-4375-908D-7F51B53A0860}D:\programas\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\programas\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe Ningún archivo
FirewallRules: [UDP Query User{AD088374-7D5F-4502-ACA7-C174F5EBC075}D:\programas\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\programas\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe Ningún archivo
FirewallRules: [TCP Query User{F1EDC095-E7F6-4D35-8F1C-41310CA9FC8D}D:\musica\fightcade\fightcade 042\fightcade.exe] => (Allow) D:\musica\fightcade\fightcade 042\fightcade.exe Ningún archivo
FirewallRules: [UDP Query User{8F04DDA0-6D90-4493-BB17-4605C9F97BAB}D:\musica\fightcade\fightcade 042\fightcade.exe] => (Allow) D:\musica\fightcade\fightcade 042\fightcade.exe Ningún archivo
FirewallRules: [TCP Query User{29AF09C0-D224-4BBA-BC2E-F25D7A8EFACA}D:\musica\fightcade\fightcade 042\ggpofba.exe] => (Allow) D:\musica\fightcade\fightcade 042\ggpofba.exe Ningún archivo
FirewallRules: [UDP Query User{0027DAEF-1DFB-4883-BBFA-79B7AFE864BF}D:\musica\fightcade\fightcade 042\ggpofba.exe] => (Allow) D:\musica\fightcade\fightcade 042\ggpofba.exe Ningún archivo
FirewallRules: [TCP Query User{ED15D428-1D2A-4C0D-AFA4-0DBBB63222B4}D:\musica\fightcade\fightcade 042\ggpofba-ng.exe] => (Allow) D:\musica\fightcade\fightcade 042\ggpofba-ng.exe Ningún archivo
FirewallRules: [UDP Query User{6CCC989F-B6E4-47EB-BAB2-EED549FEB7E9}D:\musica\fightcade\fightcade 042\ggpofba-ng.exe] => (Allow) D:\musica\fightcade\fightcade 042\ggpofba-ng.exe Ningún archivo
FirewallRules: [TCP Query User{C81E0161-E028-4BF8-BB80-0C8D0BC44EDA}F:\video juegos\nintendo\nintendo3ds\software\boop.exe] => (Allow) F:\video juegos\nintendo\nintendo3ds\software\boop.exe Ningún archivo
FirewallRules: [UDP Query User{F822668B-54B2-4392-904D-1E58A5105C7B}F:\video juegos\nintendo\nintendo3ds\software\boop.exe] => (Allow) F:\video juegos\nintendo\nintendo3ds\software\boop.exe Ningún archivo
FirewallRules: [{77C14B29-DB54-446C-88F6-DF64DFFFD42E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50E0401D-BBF6-423A-847F-B0FFF59C7FCF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80991C58-4838-4F7C-B625-A705262E9F18}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD289226-66FE-4720-B88B-AFFB6B609773}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9821E5B2-2A64-45C6-B052-806EB88E365B}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{CA4336D9-E925-49DF-B8FC-85B546C9E59B}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{63C29641-29F8-4925-8B56-1ED882EABF4E}] => (Allow) D:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Archivo no firmado]
FirewallRules: [{D1C6B42D-758B-48DA-ACED-EE403E35B021}] => (Allow) D:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Archivo no firmado]
FirewallRules: [{0D1BF02A-8740-4B3E-A71C-098B28576B76}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider (I)\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{DC560B39-FE88-4E46-A961-93D6013A926A}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider (I)\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{77598E72-5D9B-4211-A6A5-DEBABBABB1C8}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{BD284B65-BD2F-43FB-976F-20F45EFE750C}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{69FC5173-DA16-486F-8895-50ECBFBB49D6}D:\imagenes\boop.exe] => (Allow) D:\imagenes\boop.exe Ningún archivo
FirewallRules: [UDP Query User{EB93C8B2-B017-4AED-ACF5-B9421F1EE45C}D:\imagenes\boop.exe] => (Allow) D:\imagenes\boop.exe Ningún archivo
FirewallRules: [TCP Query User{C6D89CBB-AF6E-45ED-A8D6-2D01F62A7C4F}D:\programas\nightly-mingw\citra-qt.exe] => (Allow) D:\programas\nightly-mingw\citra-qt.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{CA3DF6AC-D54C-4CE6-BD1A-DC0B56B5290A}D:\programas\nightly-mingw\citra-qt.exe] => (Allow) D:\programas\nightly-mingw\citra-qt.exe () [Archivo no firmado]
FirewallRules: [{493585AA-DBAA-4A62-B4E6-261A2B9DA592}] => (Allow) D:\Programas\Veyon\veyon-server.exe () [Archivo no firmado]
FirewallRules: [{AE084A62-C312-405C-89EB-0554B5F0E28E}] => (Allow) D:\Programas\Veyon\veyon-worker.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{95430C5C-0627-47EF-AE6F-0D5F3E96A328}D:\escritorio\fightcade\fightcade 042\fightcade.exe] => (Allow) D:\escritorio\fightcade\fightcade 042\fightcade.exe Ningún archivo
FirewallRules: [UDP Query User{B418FC09-8DC1-486B-9149-8269E4E2B9CC}D:\escritorio\fightcade\fightcade 042\fightcade.exe] => (Allow) D:\escritorio\fightcade\fightcade 042\fightcade.exe Ningún archivo
FirewallRules: [{2C93B715-89EE-4253-89DE-295C888EA5B4}] => (Allow) D:\SteamLibrary\steamapps\common\Myths and Legends Online\Myths and Legends Online.exe () [Archivo no firmado]
FirewallRules: [{4D50E289-A4DC-494F-85D1-DB26ECFE20D0}] => (Allow) D:\SteamLibrary\steamapps\common\Myths and Legends Online\Myths and Legends Online.exe () [Archivo no firmado]
FirewallRules: [{A419B272-1B0A-45F9-9ABF-E1D67A7A1160}] => (Allow) D:\SteamLibrary\steamapps\common\DRAGON BALL FighterZ\DBFighterZ.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8D6F00D2-C1AF-407F-A028-4C410A654556}] => (Allow) D:\SteamLibrary\steamapps\common\DRAGON BALL FighterZ\DBFighterZ.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9708AAA1-94D5-4C39-834F-6A6308DBA98B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{44734B61-428F-4AF6-AF8E-DD28D57805A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7DE05F2E-64AB-4B5A-8317-C96E93B09C3F}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{FC28457D-D247-4C12-9D27-64B8FFAF73C3}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{78016FE7-0EB3-4CA9-891F-1CFF82A859BB}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{27F768A8-8A13-4F5F-B7DA-8212E3B8676B}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9DDCBDD4-77B7-46A7-A649-BE3F0699B9F5}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{A1D5D7C5-6BA1-4879-B3D3-80344464E074}D:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{F2335D10-A312-4DFC-800C-54270D98E0C0}D:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{63D38604-9630-475B-BF53-2D486CAA8438}] => (Allow) D:\SteamLibrary\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe () [Archivo no firmado]
FirewallRules: [{C0980F00-5423-4B73-B5F7-9DC0029E6575}] => (Allow) D:\SteamLibrary\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{E3FED11B-5B56-40E9-92F7-FE39C535259F}C:\users\thanuz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thanuz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{085C68B1-BA55-416F-AD5C-916ED4E58901}C:\users\thanuz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thanuz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{861ABB2C-7D05-4F9C-87D3-97F6ED41257E}] => (Allow) D:\SteamLibrary\steamapps\common\Move or Die\MoveOrDie.exe () [Archivo no firmado]
FirewallRules: [{F427273C-8E88-40A0-B0C1-EDA341EFA5F0}] => (Allow) D:\SteamLibrary\steamapps\common\Move or Die\MoveOrDie.exe () [Archivo no firmado]
FirewallRules: [{E96EDB0B-D1A4-40A6-A152-A8FAEE90EF01}] => (Allow) D:\SteamLibrary\steamapps\common\Move or Die\Editor.exe () [Archivo no firmado]
FirewallRules: [{EAFE21C6-F8AC-4CB4-A9F4-5A18BB22B117}] => (Allow) D:\SteamLibrary\steamapps\common\Move or Die\Editor.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{3C916AEE-007C-4E80-BF38-EC053ACD6028}D:\steamlibrary\steamapps\common\move or die\love\win\love.exe] => (Allow) D:\steamlibrary\steamapps\common\move or die\love\win\love.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{30FAAC52-1E84-45CD-8634-47784CAA7EE1}D:\steamlibrary\steamapps\common\move or die\love\win\love.exe] => (Allow) D:\steamlibrary\steamapps\common\move or die\love\win\love.exe () [Archivo no firmado]
FirewallRules: [{4B0FEA89-5CE5-4CEE-B699-D82A0FCF7E05}] => (Allow) D:\Programas\Universal Media Server\jre-x64\bin\javaw.exe
FirewallRules: [{3E242CF0-9BAB-42BB-8FEF-89AF9D7A183B}] => (Allow) C:\Users\Thanuz\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{05CB4348-E524-4DFF-A8EF-6601E5152DEC}] => (Allow) C:\Users\Thanuz\AppData\Roaming\Zoom\bin\airhost.exe Ningún archivo
FirewallRules: [{CD3B69B9-FC00-4E15-B07E-E7FAC1A61221}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe Ningún archivo
FirewallRules: [{56B3C3D5-25E1-41FB-B64A-A4C691A4AC31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe Ningún archivo
FirewallRules: [{7AC6B9DB-2CA7-448F-930E-F689961678B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Suzy\Proteus.exe (CAPCOM CO., LTD. -> Capcom)
FirewallRules: [{DCEF9C65-777E-469D-8A34-8D721EFD7985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Suzy\Proteus.exe (CAPCOM CO., LTD. -> Capcom)
FirewallRules: [{38E5BF1D-3C58-4D59-95B3-1ECF059C60FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mega Man X Legacy Collection\RXC1.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{1AF4BE23-2C93-41A3-808C-98C6DD66B11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mega Man X Legacy Collection\RXC1.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{0E848D73-9BBC-4BE2-A862-47096BCB1185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Street Fighter 30th Anniversary Collection\SF30thAnniversaryCollection.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{F678BA59-B3D2-472E-A526-633C9278525A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Street Fighter 30th Anniversary Collection\SF30thAnniversaryCollection.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{016556C8-575E-4AA2-B9E3-B299D08195D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{262FC0FA-166D-4488-B842-63613C2A86CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{C6B113A8-3FCE-4341-BA27-17FD5358831A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{9E11EA22-C7D6-423C-8F1B-F758FBDCC1EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{77F86453-1D2E-46CD-BA48-F8CDD4ADEB7A}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [TCP Query User{1D49307E-2BC8-4235-A864-F1CF7C2FA3B9}D:\thanuz\video juegos\nintendo\snes\snes9x\snes9x-x64.exe] => (Allow) D:\thanuz\video juegos\nintendo\snes\snes9x\snes9x-x64.exe (hxxp://www.snes9x.com) [Archivo no firmado]
FirewallRules: [UDP Query User{CA2ECDB8-FBD2-4399-B146-7D284A81D21A}D:\thanuz\video juegos\nintendo\snes\snes9x\snes9x-x64.exe] => (Allow) D:\thanuz\video juegos\nintendo\snes\snes9x\snes9x-x64.exe (hxxp://www.snes9x.com) [Archivo no firmado]
FirewallRules: [TCP Query User{1928D045-99C8-4E04-9168-93F3D3FCB1E1}C:\users\thanuz\escritorio\hakchi2 ce 3.8.0\hakchi.exe] => (Allow) C:\users\thanuz\escritorio\hakchi2 ce 3.8.0\hakchi.exe Ningún archivo
FirewallRules: [UDP Query User{9FFA8FA5-702C-4087-BB16-E30EE65C5D95}C:\users\thanuz\escritorio\hakchi2 ce 3.8.0\hakchi.exe] => (Allow) C:\users\thanuz\escritorio\hakchi2 ce 3.8.0\hakchi.exe Ningún archivo
FirewallRules: [TCP Query User{B3E35B30-A41F-4303-AF1B-5D0C7C05436F}C:\users\thanuz\escritorio\hakchi2-ce-3.8.0\hakchi.exe] => (Allow) C:\users\thanuz\escritorio\hakchi2-ce-3.8.0\hakchi.exe (Team Shinkansen) [Archivo no firmado]
FirewallRules: [UDP Query User{C5D2A819-010F-4EBF-9B07-CB0EA134D169}C:\users\thanuz\escritorio\hakchi2-ce-3.8.0\hakchi.exe] => (Allow) C:\users\thanuz\escritorio\hakchi2-ce-3.8.0\hakchi.exe (Team Shinkansen) [Archivo no firmado]
FirewallRules: [{39D6A265-0337-4337-9D82-603B8DAB4181}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{77AB888D-35FF-4A28-A41D-2519BCC395F7}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [TCP Query User{211682CF-347E-49F6-8BB2-7971EDF92A7A}C:\users\thanuz\escritorio\dolphin-x64\dolphin.exe] => (Allow) C:\users\thanuz\escritorio\dolphin-x64\dolphin.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{BB298509-21C6-4621-B5F4-C257AD62F124}C:\users\thanuz\escritorio\dolphin-x64\dolphin.exe] => (Allow) C:\users\thanuz\escritorio\dolphin-x64\dolphin.exe () [Archivo no firmado]
FirewallRules: [{EAAA8FBC-7D3B-4233-9DC0-EEAE5A8291AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DD02526-A292-4D98-9458-22EC449196A3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93E724A9-56A0-4569-A73A-144FD5DC2531}] => (Allow) D:\Programas\Universal Media Server\jre-x64\bin\javaw.exe
FirewallRules: [{D7D8D8D8-8A29-4D48-B846-596884F8F199}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4049CB6-572F-42A7-968E-57EEE0D1F2F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF3C27BC-A0AC-4B02-B294-A0EEBE722CDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F476C80B-F889-4550-BF38-7E1B3EAF7C48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0C720916-3AEE-42EB-9D75-3B2C152986F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9692D756-3A77-49AD-9C44-EFDA780E01BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EF41FA28-6D83-4907-BCC8-C5D204573482}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{82E741E0-D3B0-409A-A08B-DD64D4D94E9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Puntos de Restauración =========================

09-04-2020 19:35:21 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508
17-04-2020 00:24:06 Windows Update
26-04-2020 18:46:51 Punto de control programado
30-04-2020 14:57:54 Removed Kaspersky Password Manager

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/03/2020 05:27:38 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/30/2020 02:53:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/30/2020 02:53:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/30/2020 02:53:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/30/2020 02:53:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/30/2020 02:52:43 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/30/2020 01:14:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/30/2020 01:14:44 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]


Errores del sistema:
=============
Error: (04/30/2020 11:37:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/30/2020 11:37:43 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio netprofm con argumentos "No disponible" para ejecutar el servidor:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (04/30/2020 11:36:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/30/2020 11:26:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/30/2020 11:16:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/30/2020 11:06:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/30/2020 10:56:19 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio netprofm con argumentos "No disponible" para ejecutar el servidor:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (04/30/2020 10:55:34 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4C37THT)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
===================================
Date: 2019-06-26 21:39:16.483
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {FF2D765D-156A-4832-B85C-1951115D2A38}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-06-18 08:28:03.960
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:INF/Autorun.gen!A&threatid=2147636088&enterprise=0
Nombre: VirTool:INF/Autorun.gen!A
Id.: 2147636088
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: file:_G:\autorun.inf; file:_H:\autorun.inf
Origen de detección: Equipo local
Tipo de detección: Genérico
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-4C37THT\Thanuz
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.295.899.0, AS: 1.295.899.0, NIS: 1.295.899.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-18 08:28:02.251
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:INF/Autorun.gen!A&threatid=2147636088&enterprise=0
Nombre: VirTool:INF/Autorun.gen!A
Id.: 2147636088
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: file:_G:\autorun.inf
Origen de detección: Equipo local
Tipo de detección: Genérico
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-4C37THT\Thanuz
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.295.899.0, AS: 1.295.899.0, NIS: 1.295.899.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-17 10:38:04.894
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {3512CB01-71D6-4A81-B3B5-5D4C515FD585}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-06-17 08:33:22.738
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Users\Thanuz\AppData\Local\Temp\Rar$DRb6648.25270\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-4C37THT\Thanuz
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.295.848.0, AS: 1.295.848.0, NIS: 1.295.848.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2020-05-03 17:48:41.178
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2848.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2020-04-30 22:55:26.049
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2659.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2020-04-30 22:45:24.503
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-04-30 16:49:00.572
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2659.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2020-04-30 16:38:58.340
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2020-04-30 12:49:02.395
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:49:02.360
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:49:02.060
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:49:00.835
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:49:00.815
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:47:26.955
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:47:26.939
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-30 12:47:26.921
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO 4KCN45WW 01/11/2019
Placa base: LENOVO Provence-5R1
Procesador: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Porcentaje de memoria en uso: 46%
RAM física total: 8084.16 MB
RAM física disponible: 4323.36 MB
Virtual total: 18324.16 MB
Virtual disponible: 13135.98 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:232.87 GB) (Free:30.69 GB) NTFS
Drive d: (Windows) (Fixed) (Total:905.27 GB) (Free:263.18 GB) NTFS
Drive e: (LENOVO) (Fixed) (Total:25 GB) (Free:22.84 GB) NTFS

\\?\Volume{7c2d7166-ef5f-47a0-be1b-54df3d4454ed}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{457286bc-5fde-45ed-8e41-1324a8d8c095}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6F8C3D88)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: B7018520)

Partition: GPT.

==================== Final de Addition.txt =======================
19

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\MountPoints2: {cf9eb5c6-aef1-11e9-a348-c85b76eca271} - "F:\EMP_UDSe.exe" /autorun
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {CCA04494-C81E-4AA9-9D12-1EA1F7B06362} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-03-01] (Avast Software s.r.o. -> Avast Software)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-07-01] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-07-01] <==== ATENCIÓN
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

20

Fixlog.txt

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por Thanuz (04-05-2020 12:49:21) Run:1
Ejecutado desde C:\Users\Thanuz\Escritorio
Perfiles cargados: Thanuz (Perfiles disponibles: Thanuz)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\...\MountPoints2: {cf9eb5c6-aef1-11e9-a348-c85b76eca271} - "F:\EMP_UDSe.exe" /autorun
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {CCA04494-C81E-4AA9-9D12-1EA1F7B06362} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-03-01] (Avast Software s.r.o. -> Avast Software)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-07-01] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-07-01] <==== ATENCIÓN
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKU\S-1-5-21-197814337-2409111935-2844641891-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf9eb5c6-aef1-11e9-a348-c85b76eca271} => eliminado correctamente
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CCA04494-C81E-4AA9-9D12-1EA1F7B06362}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCA04494-C81E-4AA9-9D12-1EA1F7B06362}" => eliminado correctamente
C:\Windows\System32\Tasks\Avast Software\Overseer => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf => eliminado correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
D:\Programas\VLC\npvlc.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
"D:\Programas\VLC\npvlc.dll" => no encontrado
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => movido correctamente
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-197814337-2409111935-2844641891-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-197814337-2409111935-2844641891-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 72941404 B
Java, Flash, Steam htmlcache => 66019041 B
Windows/system/drivers => 10894049 B
Edge => 1347069 B
Chrome => 0 B
Firefox => 1154613213 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 466196 B
NetworkService => 599768 B
Thanuz => 1698365831 B

RecycleBin => 871410457 B
EmptyTemp: => 3.6 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 12:50:08 ====
21

Muy bien… y como sigue el problema que tenias al inicio :

:thinking: