Problem removing Trojan.Agent.Generic


#1

Today, when I used the Malwarebytes antivirus, it detected 6 viruses named “Trojan.Agent.Generic”. I quarantined them and deleted them, but when I ran the scan again they were back. I have no idea what I should do; could you help me? This is the report:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 13/11/18
Hora del análisis: 10:39
Archivo de registro: 0229c786-e728-11e8-a397-38d5470e9683.json

-Información del software-
Versión: 3.5.1.2522
Versión de los componentes: 1.0.365
Versión del paquete de actualización: 1.0.7819
Licencia: Caducado

-Información del sistema-
SO: Windows 10 (Build 17134.345)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-QOV3LPL\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 327322
Amenazas detectadas: 6
Amenazas en cuarentena: 6
Tiempo transcurrido: 16 min, 20 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
Trojan.Agent.Generic, HKU\S-1-5-21-3172669990-3237348719-737654103-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|e036c8a7, En cuarentena, [3705], [597397],1.0.7819

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
Trojan.Agent.Generic, C:\PROGRAMDATA\e036c8a7, En cuarentena, [3705], [597397],1.0.7819

Archivo: 4
Trojan.Agent.Generic, C:\PROGRAMDATA\e036c8a7\test.au3, En cuarentena, [3705], [597397],1.0.7819
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\e036c8a7.exe, En cuarentena, [3705], [597397],1.0.7819
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\PE.bin, En cuarentena, [3705], [597397],1.0.7819
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\shell.txt, En cuarentena, [3705], [597397],1.0.7819

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Thanks in advance.


#2

Hello Dissension, welcome to the forum

You are going to scan with Malwarebytes again, but first update it and then carry out the remaining steps.

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes’ Anti-Malware; go through the manual in detail so that you know how to use and configure it.

  • Run a Threat Scan, updating if it asks you to.
  • Click “Quarantine Selected” to send it to quarantine, and restart the system.
  • In the manual section Reports → Scan report you will find the MBAM report; click Export → Copy to clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus → How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
  • Save the report that appears, so you can copy and paste it in your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; on the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish → click Run Cleaner
  • Click the Registry tab → click Scan for Issues, wait for it to finish → click Fix Selected Issues and make a backup
  • Click Scan for Issues again until it finds none.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

Regards


#3

Thanks for replying. I have now done everything you asked. These are the reports:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 13/11/18
Hora del análisis: 20:38
Archivo de registro: b7c48c04-e77b-11e8-be86-38d5470e9683.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7829
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.345)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-QOV3LPL\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 321898
Amenazas detectadas: 7
Amenazas en cuarentena: 7
Tiempo transcurrido: 5 min, 1 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
Trojan.Agent.Generic, HKU\S-1-5-21-3172669990-3237348719-737654103-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|e036c8a7, En cuarentena, [3706], [597397],1.0.7829

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
Trojan.Agent.Generic, C:\PROGRAMDATA\e036c8a7, En cuarentena, [3706], [597397],1.0.7829

Archivo: 5
Trojan.Agent.Generic, C:\PROGRAMDATA\e036c8a7\test.au3, En cuarentena, [3706], [597397],1.0.7829
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\e036c8a7.exe, En cuarentena, [3706], [597397],1.0.7829
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\PE.bin, En cuarentena, [3706], [597397],1.0.7829
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\PE2.bin, En cuarentena, [3706], [597397],1.0.7829
Trojan.Agent.Generic, C:\ProgramData\e036c8a7\shell.txt, En cuarentena, [3706], [597397],1.0.7829

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-12.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-13-2018
# Duration: 00:00:01
# OS:       Windows 10 Home
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\E036C8A7

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1242 octets] - [29/04/2018 19:34:17]
AdwCleaner[S01].txt - [1339 octets] - [13/11/2018 20:54:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

#4

Hello

Download Farbar Recovery Scan Tool to the desktop, selecting the version that matches your computer's architecture (32 or 64 bits). → How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes.
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Post the two reports generated.

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than approx. 50,000 characters).

Regards


#5

This is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
Ran by Usuario (administrator) on DESKTOP-QOV3LPL (14-11-2018 01:06:32)
Running from C:\Users\Usuario\Downloads
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Discord Inc.) C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\Discord.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClientUx.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClientUxRender.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClientUxRender.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2015-12-25] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-11] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe* [588704 2018-03-28] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-03-16] (Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-04-03] (Disc Soft Ltd)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [Spotify] => C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe [25061776 2018-09-14] (Spotify Ltd)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-10] (Valve Corporation)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [e036c8a7] => C:\ProgramData\e036c8a7\e036c8a7.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [e036c8a72] => C:\ProgramData\gciQPwd\e036c8a7.exe [937776 2018-11-14] (AutoIt Team)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-10-27]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7e036c8a7ef5f606be37219963a0e6f5.lnk [2018-11-13]
ShortcutTarget: 7e036c8a7ef5f606be37219963a0e6f5.lnk -> C:\DESKTOP-QOV3LPL\fjxiirthfi.exe (AutoIt Team)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 87.216.1.65 87.216.1.66
Tcpip\..\Interfaces\{837489b5-6785-422d-bfde-b37b7c4019de}: [DhcpNameServer] 87.216.1.65 87.216.1.66
Tcpip\..\Interfaces\{b88664f2-6e3a-4177-86f8-96a96b1b408d}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll [2018-04-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-04-27] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-04-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-04-27] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8bsuao8y.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\8bsuao8y.default [2018-11-13]
FF Extension: (Avast SafePrice) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\8bsuao8y.default\Extensions\[email protected] [2017-07-03]
FF Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\8bsuao8y.default\Extensions\[email protected] [2018-06-22]
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-04-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3172669990-3237348719-737654103-1001: @my.com/Games -> C:\Users\Usuario\AppData\Local\MyComGames\NPMyComDetector.dll [2017-04-25] (MY.COM B.V.)

Chrome: 
=======
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-11-14]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-31]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-11] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-11] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-10] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606120 2018-04-03] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-06-13] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2017-09-14] (Echobit LLC)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-05-30] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-11] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-11] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-11] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-11] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-11] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-22] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-11] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-11] (AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2016-07-26] (Qualcomm Atheros Communications, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-05-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-05-14] (Disc Soft Ltd)
R3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2017-09-14] (Echobit, LLC)
S3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [20728 2017-10-31] (Shengniu, Inc.)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2017-12-07] (Kingsoft Corporation)
S3 mouse; C:\Windows\System32\Drivers\mouse.sys [20728 2017-10-31] (Shengniu, Inc.)
S3 nddvd; C:\WINDOWS\System32\drivers\nddvd.sys [18680 2016-10-08] (Windows (R) Win 7 DDK provider)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-14 01:08 - 2018-11-14 01:08 - 000000000 ____D C:\ProgramData\uwSGafj
2018-11-14 01:06 - 2018-11-14 01:07 - 000022997 _____ C:\Users\Usuario\Downloads\FRST.txt
2018-11-14 01:06 - 2018-11-14 01:06 - 000000000 ____D C:\FRST
2018-11-14 01:05 - 2018-11-14 01:05 - 002415616 _____ (Farbar) C:\Users\Usuario\Downloads\FRST64.exe
2018-11-13 21:07 - 2018-11-13 21:07 - 000045492 _____ C:\Users\Usuario\Downloads\cc_20181113_210720.reg
2018-11-13 20:57 - 2018-11-13 20:57 - 000000000 ___HD C:\ProgramData\e036c8a7
2018-11-13 20:40 - 2018-11-13 20:40 - 007592144 _____ (Malwarebytes) C:\Users\Usuario\Downloads\adwcleaner_7.2.4.0.exe
2018-11-13 12:38 - 2018-11-13 12:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-11-13 12:38 - 2018-11-13 12:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-11-13 12:37 - 2018-11-13 12:37 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-13 12:37 - 2018-11-13 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-13 10:31 - 2018-11-13 10:31 - 000000000 ____D C:\Users\Usuario\Downloads\The Purge La noche de las bestias [BluRay Rip][AC3 2.0 Español Castellano][2013]
2018-11-13 10:30 - 2018-11-13 10:30 - 000018735 _____ C:\Users\Usuario\Downloads\the-purge-la-noche-de-las-bestias-HDRip1,75gb.torrent
2018-11-13 02:32 - 2018-11-13 03:09 - 1866090496 ____R C:\Users\Usuario\Downloads\Pr1meraPug4HDR.DivxTotal.avi
2018-11-13 02:27 - 2018-11-13 02:27 - 000018259 _____ C:\Users\Usuario\Downloads\Primera_Puga_HDR.torrent
2018-11-11 13:46 - 2018-11-11 13:46 - 000015166 _____ C:\Users\Usuario\Downloads\la-noche-de-halloween-bluray-rip-ac3-2-0-espaa-a-ol-castellano-1978.torrent
2018-11-11 13:46 - 2018-11-11 13:46 - 000000000 ____D C:\Users\Usuario\Downloads\La Noche De Halloween [BluRay Rip][AC3 2.0 Español Castellano][1978]
2018-11-09 15:33 - 2018-11-11 13:46 - 000000000 ____D C:\Users\Usuario\Downloads\Jurassic World 2 [BluRayRIP][AC3 5.1 Castellano][2018][www.descargas2020.com]
2018-11-09 15:32 - 2018-11-09 15:32 - 000012803 _____ C:\Users\Usuario\Downloads\jurassic-world-2-blurayrip-ac3-5-1.torrent
2018-11-08 11:19 - 2018-11-08 11:20 - 000000023 _____ C:\Users\Usuario\Desktop\codigothewitcher.txt
2018-11-08 11:17 - 2018-11-08 11:17 - 000000221 _____ C:\Users\Usuario\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url
2018-11-06 17:15 - 2018-11-06 17:17 - 000000000 ____D C:\Program Files (x86)\Destiny 2
2018-11-03 18:01 - 2018-11-03 18:02 - 005112480 _____ (Husdawg, LLC) C:\Users\Usuario\Downloads\Detection.exe
2018-11-01 14:47 - 2018-11-01 14:47 - 000000222 _____ C:\Users\Usuario\Desktop\Tomb Raider.url
2018-10-27 06:01 - 2018-10-10 23:38 - 000133432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-10-27 05:58 - 2018-10-12 16:38 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-27 05:58 - 2018-10-12 16:38 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-27 05:58 - 2018-10-12 16:38 - 000845184 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-27 05:58 - 2018-10-12 16:38 - 000845184 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-27 05:58 - 2018-10-12 16:38 - 000268168 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-27 05:58 - 2018-10-12 16:38 - 000268168 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-27 05:58 - 2018-10-12 16:38 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-27 05:58 - 2018-10-12 16:38 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-27 05:58 - 2018-10-12 16:37 - 002017888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441634.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 001997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 001508112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 001468464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441634.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 001455560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 001122672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 000631664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-27 05:58 - 2018-10-12 16:37 - 000522184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-27 05:58 - 2018-10-12 16:36 - 040254128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-27 05:58 - 2018-10-12 16:36 - 035151944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-27 05:58 - 2018-10-12 16:36 - 004937960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-27 05:58 - 2018-10-12 16:36 - 004310600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-27 05:58 - 2018-10-12 16:36 - 000750256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-10-27 05:58 - 2018-10-12 16:36 - 000608488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 035298072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 029973400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 015907200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 013202856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 001462184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 001167376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 001145512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 000822552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 000794416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-10-27 05:58 - 2018-10-12 13:36 - 000637456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-10-27 05:58 - 2018-10-12 13:35 - 019705728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-27 05:58 - 2018-10-12 13:35 - 016984816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-27 05:58 - 2018-10-12 13:35 - 004249528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-27 05:58 - 2018-10-12 00:16 - 000047576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-10-25 04:13 - 2018-10-25 04:55 - 2451566592 _____ C:\Users\Usuario\Downloads\Pesadilla en Elm Street (HDRip) [Ciclo especial Halloween] (EliteTorrent.net).avi
2018-10-25 04:12 - 2018-10-25 04:13 - 000012454 _____ C:\Users\Usuario\Downloads\pesadilla-en-elm-street-hdrip-ciclo-halloween-JTbpn.torrent
2018-10-24 19:51 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-10-23 17:30 - 2018-10-23 17:30 - 000001419 _____ C:\Users\Usuario\Desktop\Don't Starve.lnk
2018-10-23 17:30 - 2018-10-23 17:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Don't Starve
2018-10-23 17:24 - 2018-10-23 17:24 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2018-10-23 17:23 - 2018-10-23 17:23 - 000000000 ____D C:\Users\Usuario\Downloads\Don't Starve
2018-10-21 07:59 - 2018-10-21 07:59 - 000063232 _____ C:\Users\Usuario\Downloads\mod_publish_data_file.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-14 01:05 - 2018-04-08 13:58 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\1a88b58f5bcc7b94b78391a9229a0488
2018-11-14 01:02 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-14 00:51 - 2018-06-25 16:57 - 000004114 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-QOV3LPL-Usuario DESKTOP-QOV3LPL
2018-11-14 00:51 - 2018-06-25 16:57 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-14 00:51 - 2018-06-25 16:57 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-14 00:51 - 2018-06-25 16:57 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-11-14 00:51 - 2018-06-25 16:57 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3172669990-3237348719-737654103-1001
2018-11-14 00:51 - 2018-06-25 16:57 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000002832 _____ C:\WINDOWS\System32\Tasks\LuoMo-G10-GmTaskPlan
2018-11-14 00:51 - 2018-06-25 16:57 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-14 00:51 - 2018-06-25 16:57 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-11-14 00:51 - 2018-06-25 16:57 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-11-13 22:20 - 2018-06-26 13:27 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
2018-11-13 22:08 - 2016-11-08 21:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-13 22:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-13 22:07 - 2017-11-16 14:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2018-11-13 22:05 - 2018-04-08 13:57 - 000000000 ___HD C:\DESKTOP-QOV3LPL
2018-11-13 22:05 - 2016-11-05 20:41 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-13 21:06 - 2018-06-25 16:57 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-11-13 21:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-13 21:04 - 2017-09-10 16:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\BitTorrent
2018-11-13 21:04 - 2016-10-30 20:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2018-11-13 20:56 - 2018-06-25 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-13 20:56 - 2016-11-01 05:38 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-11-13 20:55 - 2018-04-29 18:33 - 000000000 ____D C:\AdwCleaner
2018-11-13 20:55 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-13 20:31 - 2018-06-25 16:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-13 20:29 - 2018-01-01 18:01 - 000000000 ____D C:\Users\Usuario\Downloads\activarwindows
2018-11-13 12:48 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-13 12:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-13 12:41 - 2018-04-29 18:11 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-11-13 03:09 - 2016-10-27 17:20 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 03:09 - 2016-10-27 17:20 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-12 18:25 - 2016-10-31 19:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Battle.net
2018-11-12 18:23 - 2016-10-31 19:42 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-11-09 14:29 - 2018-06-25 16:48 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-09 14:29 - 2018-04-12 17:18 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2018-11-09 14:29 - 2018-04-12 17:18 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2018-11-09 14:29 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-09 09:19 - 2016-11-06 01:06 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-11-07 01:41 - 2017-02-07 21:34 - 000000000 ____D C:\Program Files (x86)\FirestormLauncher
2018-11-06 22:30 - 2017-11-21 15:57 - 000000000 ____D C:\Users\Usuario\AppData\Local\MSfree Inc
2018-10-31 13:32 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
2018-10-28 10:31 - 2016-10-27 17:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\NVIDIA
2018-10-27 06:02 - 2017-12-14 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-10-27 06:02 - 2016-11-08 21:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-27 06:01 - 2016-11-08 21:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-27 06:00 - 2016-11-08 21:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-27 05:42 - 2017-12-14 10:55 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-27 05:42 - 2016-10-27 17:57 - 000000000 ____D C:\Users\Usuario\AppData\Local\NVIDIA Corporation
2018-10-26 16:00 - 2018-04-12 11:36 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-26 16:00 - 2018-04-12 11:36 - 000002461 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-10-24 19:57 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-23 17:39 - 2017-01-13 17:32 - 000000000 ____D C:\Users\Usuario\AppData\Local\SKIDROW
2018-10-23 08:27 - 2018-06-25 17:02 - 000000000 ____D C:\ProgramData\Packages
2018-10-21 17:35 - 2017-01-13 17:18 - 000000000 ____D C:\Users\Usuario\Documents\Klei
2018-10-21 07:41 - 2017-04-12 01:42 - 000000000 ____D C:\Program Files\Guild Wars 2
2018-10-20 04:55 - 2018-07-20 15:30 - 000002403 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-20 04:55 - 2016-10-27 16:06 - 000000000 ___RD C:\Users\Usuario\OneDrive
2018-10-17 10:27 - 2016-10-27 17:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\Google

==================== Files in the root of some directories =======

2017-09-02 17:56 - 2017-07-04 17:56 - 000000032 _____ () C:\ProgramData\hash.dat
2017-03-22 19:29 - 2017-03-22 19:29 - 039504576 _____ () C:\Users\Usuario\AppData\Roaming\gameboxsetup.exe
2017-01-05 17:33 - 2016-11-23 14:37 - 000000570 _____ () C:\Users\Usuario\AppData\Local\TroubleshooterConfig.json

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-25 16:27

==================== End of FRST.txt ============================

#6

This is the Addition.txt, the first part:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by Usuario (14-11-2018 01:08:11)
Running from C:\Users\Usuario\Downloads
Windows 10 Home Version 1803 17134.345 (X64) (2018-06-25 15:58:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3172669990-3237348719-737654103-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3172669990-3237348719-737654103-503 - Limited - Disabled)
Invitado (S-1-5-21-3172669990-3237348719-737654103-501 - Limited - Disabled)
Usuario (S-1-5-21-3172669990-3237348719-737654103-1001 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-3172669990-3237348719-737654103-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Atom (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\atom) (Version: 1.13.0 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.13.1 - Bethesda Softworks)
BitTorrent (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\BitTorrent) (Version: 7.10.4.44633 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
CloudPirates (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\CloudPirates) (Version: 1.36 - My.com B.V.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0410 - Disc Soft Ltd)
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Discord (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.34 - NVIDIA Corporation) Hidden
Don't Starve (HKLM-x32\...\Don't Starve_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{56C7F9B4-77A1-48C3-AE0A-E402992F1F9B}) (Version: 1.1.94.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version:  - Bethesda Softworks)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Firestorm Launcher versión 1.3 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.3 - Firestorm)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
G10 GM (HKLM-x32\...\{80E8FC0C-D182-424A-BF48-6B4F55EC38E4}_is1) (Version: 1.0 - )
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.)
Google Chrome (HKLM-x32\...\{16C1182D-6E13-3989-A4BC-360B106D5C4E}) (Version: 70.0.3538.102 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\HearthstoneDeckTracker) (Version: 1.7.5 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.7.4 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
K-Lite Codec Pack 12.4.4 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.4 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{43B7EA02-3A90-4E6A-8E50-5DAAB3F772A3}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Moonlighter (HKLM-x32\...\Moonlighter_is1) (Version:  - )
Mozilla Firefox 49.0.2 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 es-ES)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
MTGArena (HKLM-x32\...\{12078308-3873-4711-8575-1C0BE679207C}) (Version: 0.1.873.0 - Wizards of the Coast)
My.com Game Center (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\MyComGames) (Version: 3.196 - My.com B.V.)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.34 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.34 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.34 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Qualcomm Atheros Communications Inc. (athr) Net  (07/19/2016 10.0.0.344) (HKLM\...\95987408263946D692028AE835B2B05729D9A24B) (Version: 07/19/2016 10.0.0.344 - Qualcomm Atheros Communications Inc.)
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7701 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Spotify) (Version: 1.0.89.313.g34a58dea - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
The Elder Scrolls Legends (HKLM-x32\...\The Elder Scrolls Legends) (Version:  - Bethesda Softworks)
The Walking Dead Gold Repack (HKLM-x32\...\The Walking Dead Gold Repack) (Version: 9.99 - VictorVal)
The Walking Dead Season 2 (HKLM-x32\...\The Walking Dead Season 2_is1) (Version:  - )
Traducción The Walking Dead [Temporada 2][Episodio 4] (HKLM-x32\...\Traducción The Walking Dead [Temporada 2][Episodio 4]_is1) (Version: 1.2 - Satrnova)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 61.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-11] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03ED202E-8441-4B09-AF8A-8A392279E758} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-11] (AVAST Software)
Task: {040869C1-7DCE-47BE-BB9F-D400BF13C7AC} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {08905DAE-B6C5-4740-92BD-AF02F3877FDD} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {2A932E11-3DB0-4E75-9702-890ADCE94E12} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {2E47117C-C5AB-441F-B188-E428FE1828C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {3CE7BD23-A5A8-4961-9334-C7AB96FA7266} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {4FEF94CA-EF04-45D2-B58E-5943B7ED1DEB} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-10-10] ()
Task: {5474FC46-7DDD-4293-B6FD-793C7D1BFF91} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {5D02A70D-71F0-4FD0-9BB2-911AC9CF4BD1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69C3125B-53BF-4CD5-9AF8-F0F1F2CDA376} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {77ABB9C2-F992-4260-A920-B35CC833D0E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-27] (Google Inc.)
Task: {7DE8275E-1367-4674-A393-F08B78F12C15} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {83274EB6-EBBA-48B5-A5C4-1F12DF6C027F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {8A3A0CFB-9575-4005-A3CF-1D7615E13FBB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {8BE34698-5ED7-46D8-A769-C63EFC39838F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {8E7C8DC4-D8CC-4B06-9C56-EB75E3256E8D} - System32\Tasks\LuoMo-G10-GmTaskPlan => C:\Program Files\G10 GM\EasySMX.exe [2016-12-26] ()
Task: {9E2CF705-43B4-40C5-A9AE-9A7033708F48} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {A0E25C55-8929-410C-BB81-BAD25B0EB4B1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A1043283-44F6-4B4F-81BB-E37C8C86A2AE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-QOV3LPL-Usuario DESKTOP-QOV3LPL => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {A901AD2C-A28F-4481-9862-3103D5D989DF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {A94D6FA5-5B6C-4EF1-B90B-9302C70447C1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {AEF7128E-CFF2-4663-9551-9B77E5EB83AD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {BCDCB4A9-02F7-4BDD-AD70-B0AAE5A6D6C1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {C29786F0-4832-45A9-B7A8-89BE92EB4DFA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {D6A36A1E-3AC9-4A12-AB32-26E268FEFAFA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {E10564C2-1D9C-421A-AD9E-C8CDC6D74E6D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-10-27] ()
Task: {F4450E0C-82CE-4734-819B-27B3964B0455} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-09] (AVAST Software)
Task: {F92CDBB7-D67B-4D1B-B9DB-44642B0F9499} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {FE4BE687-BC82-42A5-8971-6D8887934496} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-27] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-06-20 01:27 - 2018-10-10 21:04 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-10 11:09 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 17:16 - 2018-10-04 17:16 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-13 08:58 - 2018-11-13 08:58 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-13 08:58 - 2018-11-13 09:00 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-11-13 08:58 - 2018-11-13 08:59 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-11-13 08:58 - 2018-11-13 09:00 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll
2018-11-13 08:58 - 2018-11-13 08:59 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-11-13 08:58 - 2018-11-13 09:00 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-07 12:32 - 2018-11-07 12:32 - 003446400 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClient.exe
2018-10-27 06:03 - 2018-10-27 06:04 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-27 06:03 - 2018-10-27 06:03 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-27 06:03 - 2018-10-27 06:03 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 05:49 - 2017-09-26 05:49 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-27 06:03 - 2018-10-27 06:03 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 001711744 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClientUx.exe
2018-11-07 12:32 - 2018-11-07 12:32 - 000895616 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\LeagueClientUxRender.exe
2018-11-13 08:59 - 2018-11-13 09:01 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-13 08:59 - 2018-11-13 09:01 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-08 11:01 - 2018-11-08 11:07 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-12-13 17:59 - 2017-12-13 18:05 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-08 11:01 - 2018-11-08 11:05 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-08 11:01 - 2018-11-08 11:07 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-17 19:49 - 2018-08-17 19:56 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-17 19:49 - 2018-08-17 19:55 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-03-30 04:39 - 2018-03-30 04:43 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-13 08:59 - 2018-11-13 09:01 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-08 11:01 - 2018-11-08 11:05 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-13 08:59 - 2018-11-13 08:59 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:59 - 2018-08-30 19:04 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-30 03:18 - 2018-07-31 16:14 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-13 03:09 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-13 03:09 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2018-10-09 10:04 - 2018-10-09 10:04 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2016-03-16 00:54 - 2016-03-16 00:54 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-14 10:55 - 2018-10-10 21:04 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-03 16:35 - 2018-03-03 16:35 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-11 21:56 - 2018-10-11 21:56 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-07 12:34 - 2018-11-07 12:34 - 000113792 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\zlib.dll
2018-11-07 12:34 - 2018-11-07 12:34 - 000128640 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\yaml.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 002082432 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-patch\rcp-be-patch.dll
2018-11-07 12:32 - 2018-08-15 10:36 - 000614528 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
2018-11-07 12:32 - 2018-08-29 07:31 - 000550528 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-riot-messaging-service\rcp-be-riot-messaging-service.dll
2018-11-07 12:32 - 2018-03-22 06:10 - 000492160 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-entitlements\rcp-be-entitlements.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 001589720 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-patch\rcp-be-lol-patch.dll
2018-11-07 12:32 - 2018-09-12 21:02 - 001392600 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
2018-11-07 12:32 - 2018-08-01 09:15 - 000999040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
2018-11-07 12:32 - 2017-11-08 06:35 - 000522368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
2018-11-07 12:32 - 2018-08-01 09:15 - 000733824 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000514688 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
2018-11-07 12:32 - 2018-09-12 21:02 - 000452224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
2018-11-07 12:32 - 2018-10-25 00:58 - 000600536 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000539264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
2018-11-07 12:32 - 2018-09-12 21:02 - 000587736 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
2018-11-07 12:32 - 2018-07-20 01:51 - 000535168 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000747136 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
2018-11-07 12:32 - 2017-11-08 06:35 - 000479360 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-pre-end-of-game\rcp-be-lol-pre-end-of-game.dll
2018-11-07 12:32 - 2018-10-25 00:58 - 000763864 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000444544 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
2018-11-07 12:32 - 2018-05-16 09:29 - 000501888 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
2018-11-07 12:32 - 2018-09-12 21:02 - 000481920 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
2018-11-07 12:32 - 2018-08-01 09:15 - 000443008 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
2018-11-07 12:32 - 2018-05-31 06:28 - 000778368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000625792 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-champions\rcp-be-lol-champions.dll
2018-11-07 12:32 - 2017-11-21 16:00 - 000446592 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
2018-11-07 12:32 - 2018-10-25 00:58 - 000843736 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
2018-11-07 12:32 - 2018-08-29 07:31 - 000691328 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000616064 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-inventory\rcp-be-lol-inventory.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000887768 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000548312 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
2018-11-07 12:32 - 2018-10-25 00:58 - 000628696 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000518272 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
2018-11-07 12:32 - 2018-10-25 00:58 - 001550808 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 001633240 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
2018-11-07 12:32 - 2018-08-29 07:31 - 000740992 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
2018-11-07 12:32 - 2018-08-29 07:31 - 000563840 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000560600 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-loadouts\rcp-be-lol-loadouts.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000493696 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000518272 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
2018-11-07 12:32 - 2018-06-27 15:51 - 000923264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
2018-11-07 12:32 - 2018-09-26 17:23 - 000417240 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-kickout\rcp-be-lol-kickout.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000418264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000479360 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
2018-11-07 12:32 - 2018-03-03 18:42 - 000439936 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
2018-11-07 12:32 - 2018-09-26 17:23 - 000650880 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000522368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000835200 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-ranked\rcp-be-lol-ranked.dll
2018-11-07 12:32 - 2017-11-08 06:35 - 000594560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
2018-11-07 12:32 - 2018-05-07 09:53 - 000598656 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
2018-11-07 12:32 - 2018-06-13 11:17 - 000485504 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000530560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000558720 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
2018-11-07 12:32 - 2018-08-01 09:15 - 000562816 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
2018-11-07 12:32 - 2017-08-23 08:44 - 000715392 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
2018-11-07 12:32 - 2018-05-31 06:28 - 000716928 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
2018-11-07 12:32 - 2017-07-26 13:46 - 000530560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
2018-11-07 12:32 - 2017-11-08 06:35 - 000574080 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
2018-11-07 12:32 - 2018-05-07 09:53 - 000451200 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000487040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000546432 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
2018-11-07 12:32 - 2018-01-10 18:06 - 000484992 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-purchase-widget\rcp-be-lol-purchase-widget.dll
2018-11-07 12:32 - 2018-05-31 06:28 - 000546432 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-personalized-offers\rcp-be-lol-personalized-offers.dll
2018-11-07 12:32 - 2018-07-20 01:51 - 000618624 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-recommendations\rcp-be-lol-recommendations.dll
2018-11-07 12:32 - 2017-11-08 06:35 - 000469632 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-user-experience\rcp-be-lol-user-experience.dll
2018-11-07 12:32 - 2017-11-08 06:35 - 000542848 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-simple-dialog-messages\rcp-be-lol-simple-dialog-messages.dll
2018-11-07 12:32 - 2017-07-19 16:41 - 000610944 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-highlights\rcp-be-lol-highlights.dll
2018-11-07 12:32 - 2018-06-27 15:51 - 000627840 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-honor-v2\rcp-be-lol-honor-v2.dll
2018-11-07 12:32 - 2018-01-10 18:06 - 000465024 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000613848 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-missions\rcp-be-lol-missions.dll
2018-11-07 12:32 - 2017-09-13 16:43 - 000584832 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-item-sets\rcp-be-lol-item-sets.dll
2018-11-07 12:32 - 2018-01-24 17:18 - 000500352 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-email-verification\rcp-be-lol-email-verification.dll
2018-11-07 12:32 - 2018-07-20 01:51 - 000471680 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-geoinfo\rcp-be-lol-geoinfo.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000487552 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-content-targeting\rcp-be-lol-content-targeting.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 001277568 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-clash\rcp-be-lol-clash.dll
2018-11-07 12:32 - 2018-09-12 21:02 - 000658560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000745944 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-voice-chat\rcp-be-voice-chat.dll
2018-11-07 12:32 - 2018-09-26 17:23 - 000656000 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-gcloud-voice-chat\rcp-be-gcloud-voice-chat.dll
2018-11-07 12:32 - 2018-08-29 07:31 - 000635008 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-premade-voice\rcp-be-lol-premade-voice.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000502232 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-featured-modes\rcp-be-lol-featured-modes.dll
2018-11-07 12:32 - 2018-09-26 17:23 - 000597976 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-npe-tutorial-path\rcp-be-lol-npe-tutorial-path.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000482264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-catalog\rcp-be-lol-catalog.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000540288 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-regalia\rcp-be-lol-regalia.dll
2018-11-07 12:32 - 2017-11-21 16:00 - 000451712 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-payments\rcp-be-payments.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000558720 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-banners\rcp-be-lol-banners.dll
2018-11-07 12:32 - 2018-05-16 09:29 - 000484480 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-trophies\rcp-be-lol-trophies.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000753280 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-perks\rcp-be-lol-perks.dll
2018-11-07 12:32 - 2018-05-16 09:29 - 000455296 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-discord-rp\rcp-be-lol-discord-rp.dll
2018-11-07 12:32 - 2018-02-07 10:04 - 000530560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-account-verification\rcp-be-lol-account-verification.dll
2018-11-07 12:32 - 2018-10-10 10:35 - 000565208 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-career-stats\rcp-be-lol-career-stats.dll
2018-11-07 12:32 - 2018-09-26 17:23 - 000433112 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\Plugins\rcp-be-lol-worlds-token-card\rcp-be-lol-worlds-token-card.dll
2018-05-03 11:57 - 2018-04-30 22:01 - 001891672 _____ () C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-03 11:57 - 2018-04-30 22:01 - 001937752 _____ () C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-03 11:57 - 2018-04-30 22:01 - 000095576 _____ () C:\Users\Usuario\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-03 11:57 - 2018-11-07 13:33 - 011283288 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-03 11:57 - 2018-11-13 22:10 - 001639256 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-03 11:57 - 2018-05-03 11:57 - 001910104 _____ () \\?

#7

This is the Addition.txt, the second part:

\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-03 11:57 - 2018-05-03 11:57 - 000422744 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-03 11:57 - 2018-05-03 11:57 - 000145240 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-03 11:57 - 2018-05-03 11:57 - 000512856 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-03 11:57 - 2018-11-07 13:33 - 001630040 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-10-02 19:02 - 2018-10-10 23:10 - 009621848 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
2018-05-03 11:57 - 2018-11-13 22:10 - 001718104 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-05-03 11:57 - 2018-05-03 11:57 - 002722648 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-20 17:42 - 2018-11-13 22:10 - 001261400 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-20 17:42 - 2018-11-07 13:33 - 024896856 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-03 11:57 - 2018-05-03 11:57 - 001249112 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-03 11:57 - 2018-11-13 22:10 - 001639256 _____ () \\?\C:\Users\Usuario\AppData\Roaming\discord\0.0.301\modules\discord_hook\discord_hook.node
2018-11-07 12:32 - 2018-11-07 12:32 - 055045760 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\libcef.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000832640 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\ffmpeg.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 001801344 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\libglesv2.dll
2018-11-07 12:32 - 2018-11-07 12:32 - 000022144 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.172\deploy\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [480]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2018-11-12 16:17 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3172669990-3237348719-737654103-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\bilgewater_thecity_02.jpg
DNS Servers: 87.216.1.65 - 87.216.1.66
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{42B2B329-0A2F-4692-8A21-82CFAAEE8375}C:\program files (x86)\the long dark vigilant flame\tld.exe] => (Block) C:\program files (x86)\the long dark vigilant flame\tld.exe
FirewallRules: [TCP Query User{965319CB-CA83-48AD-9B0B-D02531B092A6}C:\program files (x86)\the long dark vigilant flame\tld.exe] => (Block) C:\program files (x86)\the long dark vigilant flame\tld.exe
FirewallRules: [{1FC02380-3A56-4B30-B2D5-EF66DB3BEE92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DFADD5FE-B2D5-4B3C-94DE-CCD284CBBE5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9805F6D2-E0C5-4C33-800F-73BBC8A92CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{B50FEF34-E9B0-45D9-8939-14BEBA9BC5EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{0DF92DD6-E17C-418D-B87D-C535A8ED054D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{C0A381FD-B5F8-4CC1-914B-C5E817630C4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{75B406C1-B7E1-4B34-9975-0091965378A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{0487DA58-BDAA-4BD7-8E92-92156A67A857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{E38AAF9F-5B57-48FB-8CD8-D75A6C4AD25A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{135C0D42-CE0C-4B23-9616-7AE0FEC3BC9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATHGARDEN - Closed Alpha\TheExit.exe
FirewallRules: [{C6600670-23DF-43C4-81E6-604C693C672A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATHGARDEN - Closed Alpha\TheExit.exe
FirewallRules: [{B5EBA4BB-072B-4DF8-B8E1-9489BC5F9252}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D6111404-0AE4-45BF-ABA0-148073748A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{28ACB5F3-8410-40AB-BD67-6CD145D8B7F6}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{752F1176-6D09-4A45-B3E5-0074EA9BA100}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{356E9AE0-4FD8-4A18-89FA-23CD6C693A3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{267FBE07-48C4-435C-8605-1139E0B0944A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4617B9CC-B62A-4A95-9912-CEC16273D5C4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{109169AD-8D1B-4D62-A065-D2911992D48B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A5037FED-57DC-49EF-906E-3906A38A8FE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E177F8EC-FB64-4E70-B74C-8C10C4E1D8F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{ACBE389F-34FE-499A-99ED-D0D20ABD4BB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5C8EDB1-F233-46A2-8939-204A3A6A02D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E18EF154-71DA-4674-946D-522A062899B9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0482AD21-FD4D-4F49-85EE-4E4C1013BE9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7D2E10A0-3EDC-4560-8B37-3CFA2F997DA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6FF801C2-F86B-46C5-AE5F-F7B5DCE9213D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{179E06D4-CE77-4230-8585-D662AEC8D90C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EB8DE84A-7E9A-4F45-B181-CC5C0E663995}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CB7BB95F-9303-47B1-87ED-21FB80F39813}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E990036B-A65F-47BE-8B13-5C32AEEBD0E6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{02F30468-2F0E-4BDF-BCEE-2C267DF3516B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{5AFF2C06-A7CE-4BEF-9458-611D3A19D39D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{DE4B4560-17E6-46FC-AA9C-B7FCB1BD262F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{FEEA2C97-6D5C-4747-A69C-0A977664918F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{38BEB57B-58BA-4833-ADA9-1E3872FD92AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{1C7A97B2-3099-41B1-A48F-0CA119A5D2E9}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{F173B694-D80C-44BB-9BCC-8E562C53575D}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{935DF126-C00F-4A02-86EC-433648901F63}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{20DECAE8-8004-4D33-85C0-BD030C8458EA}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{6EF90A2B-7BCF-4C5D-9FFC-C1AF4763ACFE}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{A76890A4-3408-4E5E-9F8C-0D61C0E3D23D}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{269AB89F-AE44-42E3-8462-E617B02FC57D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{A3633A82-8376-4AEF-B75A-715CDEAF6906}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{CD9FE878-B0B5-4E66-B0B3-FD8555B4B8F1}C:\users\usuario\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\usuario\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{04C12B66-6374-49D2-8701-A61A9905C74F}C:\users\usuario\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\usuario\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5D55FA08-D3A3-4C58-920B-E346F80AF6C6}C:\users\usuario\downloads\cat.quest\cat quest.exe] => (Allow) C:\users\usuario\downloads\cat.quest\cat quest.exe
FirewallRules: [UDP Query User{248E72E2-9DF1-465C-ADE9-795269754D09}C:\users\usuario\downloads\cat.quest\cat quest.exe] => (Allow) C:\users\usuario\downloads\cat.quest\cat quest.exe
FirewallRules: [{93A1C1E0-B7C8-4140-8DAD-4B5F814893F2}] => (Block) C:\users\usuario\downloads\cat.quest\cat quest.exe
FirewallRules: [{6A8331E6-7B2A-4494-9448-113E0A8358E8}] => (Block) C:\users\usuario\downloads\cat.quest\cat quest.exe
FirewallRules: [{96A1B40E-8557-42BC-B99C-E93DC8222143}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{92C99552-A42F-44B7-853D-034598CBB89F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F5D1DE2B-DA54-4041-A0AB-64B5A0FADCB8}] => (Allow) C:\Users\Usuario\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{91DFF8FC-855B-4850-BC62-871A989F7599}] => (Allow) C:\Users\Usuario\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{3D9A0029-CEDD-4489-B4B0-D67117E7AAA1}C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_steam.exe] => (Allow) C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_steam.exe
FirewallRules: [UDP Query User{44956D5C-77A9-4782-BB03-D17D6483E6D0}C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_steam.exe] => (Allow) C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{F86CEF54-1A8D-47B9-817A-A8B0A41FF08E}C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{7337D676-AE03-49EE-9645-714B0E523B2E}C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\users\usuario\downloads\don't starve together v226323\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{5F39083A-C750-44A7-8F9C-903DA67C77D1}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{55A17C16-44A5-4E2D-AD62-C420E93520CC}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{540FEA9E-0592-4708-BD00-50DC6E7A8413}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{48F53763-EE65-44E6-AC0A-E3963BB67B61}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E7F01E72-5A92-42D1-9112-C7DAA362D251}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{FE0C26D1-FD82-472C-8818-4F67590ACC70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [TCP Query User{561EE78E-155B-4E5B-8A0E-BF717F622919}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{BE9BA89A-F783-4ED0-B684-C866273C0BF2}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{1941FDBF-4827-4A40-ADD7-068204F67A83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3A7C9275-79C8-4956-930A-0B4A62B96C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9422840D-AF7D-4A54-9EC2-963006C98015}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{058D15A9-CCEF-4116-9FFC-91090199A9C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0CB79852-78AE-4099-ABC1-9BB46F86C3BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{81EB520F-59DD-4371-94E7-94AED23C7BA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{E2BF9875-CA21-484F-ADC2-5C10037400B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6C8E2D75-E96E-44CB-BC8C-B500A35DE85C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1D7C096F-6F7E-4D69-B04F-683A75B2655D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{9FDF40A7-DD51-4A2B-A788-D54898F5D45D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FB7FA526-E97B-4B40-94BF-D14F2A21759E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{9FE6FFEB-17A5-473D-AFD7-3F9712FBC41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{846F54DA-D518-4EFC-81E6-5EF11E9D5584}C:\program files (x86)\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{147A0892-B396-4B2F-8AB7-1D038F1D3576}C:\program files (x86)\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{312B796D-381B-42A4-B6C6-5F1E5C1A7C0F}C:\program files (x86)\steam\steamapps\common\deathgarden - closed alpha\theexit\binaries\win64\theexit-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deathgarden - closed alpha\theexit\binaries\win64\theexit-win64-shipping.exe
FirewallRules: [UDP Query User{8CE5AB78-F716-43F2-B702-B9114E20EA24}C:\program files (x86)\steam\steamapps\common\deathgarden - closed alpha\theexit\binaries\win64\theexit-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deathgarden - closed alpha\theexit\binaries\win64\theexit-win64-shipping.exe
FirewallRules: [TCP Query User{AE38681A-E315-4BD6-8BAC-89AC644F2F17}C:\program files (x86)\dead island definitive edition\deadislandgame.exe] => (Allow) C:\program files (x86)\dead island definitive edition\deadislandgame.exe
FirewallRules: [UDP Query User{DBD17123-BC0F-4378-AF61-DB694DC20775}C:\program files (x86)\dead island definitive edition\deadislandgame.exe] => (Allow) C:\program files (x86)\dead island definitive edition\deadislandgame.exe
FirewallRules: [{0DB5725C-1563-4A3E-A188-871235644B47}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{D7024E10-515B-4C6E-9314-EC20E17EB52A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{F09FBDFF-A5E4-4A6A-85F2-92AC463894DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2CDC7B32-6891-4592-B67F-3A0D4B403216}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FC785DAB-F069-4D86-AC47-D28FE6028606}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6C02A810-828F-469B-8DA2-E534E1B2F3C7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{0CC1705C-F3B1-4C02-9152-B35CAF48AD9C}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe
FirewallRules: [UDP Query User{9774305F-9623-4A4B-833C-8A6B46A8212A}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe
FirewallRules: [{F1E545C5-5D39-447D-8FCF-630323812105}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{454FD1F1-54FC-4108-835C-18F08299582C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B629BBAC-6EA2-47E3-860A-2F551F98C8C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{062825FA-10EE-4513-86E7-0D27CE34BAC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FC628D6C-48A4-4F98-A58B-46F225440584}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7022EED3-7D35-4D72-AB27-9F72D54B0B12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{65DEB632-2F17-445A-9A92-143404848AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{83CB559E-DCD9-4962-8057-F66A70C32B6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe
FirewallRules: [{C45844DF-FAF9-419E-B665-658BCDF60555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe
FirewallRules: [{9C290471-2E7F-47E1-A152-30181B2F63C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-11-2018 10:35:57 Punto de control programado
10-11-2018 17:46:28 Punto de control programado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2018 12:42:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 3.1.0.1644, marca de tiempo: 0x5bc8b269
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5b9bc256
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0019d749
Identificador del proceso con errores: 0xb384
Hora de inicio de la aplicación con errores: 0x01d47b45eb72268c
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 02449ae6-dc19-4b3a-97a7-72bff7fac598
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/13/2018 03:09:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007a24d
Identificador del proceso con errores: 0x8728
Hora de inicio de la aplicación con errores: 0x01d47aef1ce18704
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: 346f7661-d108-41d5-81b5-f62fce49cdef
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/12/2018 10:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007c686
Identificador del proceso con errores: 0xa7e8
Hora de inicio de la aplicación con errores: 0x01d47abdc35ac408
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: c81d51ba-6e46-436b-a16b-4cc204ab96f0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/12/2018 06:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Hearthstone.exe, versión 12.4.0.27641, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 5284

Hora de inicio: 01d47aac8910e30a

Hora de finalización: 17

Ruta de la aplicación: C:\Program Files (x86)\Hearthstone\Hearthstone.exe

Identificador de informe: 4df24071-cc5a-4520-97cf-978cdbe5bf8c

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (11/12/2018 12:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007c686
Identificador del proceso con errores: 0x1690
Hora de inicio de la aplicación con errores: 0x01d47a78a8ae31bf
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: 8f76f1c6-e0e8-461c-b81b-a143672df9f5
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/11/2018 06:17:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa DeadByDaylight-Win64-Shipping.exe, versión 4.13.2.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 73e0

Hora de inicio: 01d479dbd7301e22

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight\Binaries\Win64\DeadByDaylight-Win64-Shipping.exe

Identificador de informe: 8fc2c40e-5184-4ac5-808c-da6be3898ef9

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (11/11/2018 02:12:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007a24d
Identificador del proceso con errores: 0xa1a0
Hora de inicio de la aplicación con errores: 0x01d479bbe3478f56
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: c1acea9e-84da-4f36-a03a-ec4c7dee4349
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/11/2018 02:25:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007c686
Identificador del proceso con errores: 0x5678
Hora de inicio de la aplicación con errores: 0x01d47949de06637a
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: b29b9122-663d-49c7-80b6-fac910b7e9d5
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (11/14/2018 01:05:50 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-QOV3LPL)
Description: No se puede iniciar un servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como No disponible/No disponible. Error 
"5"
al iniciar este comando:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (11/14/2018 01:05:49 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-QOV3LPL)
Description: No se puede iniciar un servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como No disponible/No disponible. Error 
"5"
al iniciar este comando:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (11/14/2018 01:05:49 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-QOV3LPL)
Description: No se puede iniciar un servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como No disponible/No disponible. Error 
"5"
al iniciar este comando:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (11/14/2018 01:05:49 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-QOV3LPL)
Description: No se puede iniciar un servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como No disponible/No disponible. Error 
"5"
al iniciar este comando:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (11/14/2018 01:05:49 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-QOV3LPL)
Description: No se puede iniciar un servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como No disponible/No disponible. Error 
"5"
al iniciar este comando:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (11/14/2018 01:02:41 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QOV3LPL)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-QOV3LPL\Usuario con SID (S-1-5-21-3172669990-3237348719-737654103-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/14/2018 12:54:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QOV3LPL)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-QOV3LPL\Usuario con SID (S-1-5-21-3172669990-3237348719-737654103-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/13/2018 11:02:36 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QOV3LPL)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-QOV3LPL\Usuario con SID (S-1-5-21-3172669990-3237348719-737654103-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


CodeIntegrity:
===================================

Date: 2018-10-02 15:52:24.789
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:24.777
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:24.719
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:24.705
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:24.637
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:24.622
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:20.570
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-02 15:52:20.397
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 49%
Total physical RAM: 8112.65 MB
Available physical RAM: 4104.89 MB
Total Virtual: 9392.65 MB
Available Virtual: 4432.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:321.15 GB) NTFS

\\?\Volume{6483a14c-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{6483a14c-0000-0000-0000-f0c2e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6483A14C)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 MB) - (Type=27)

==================== End of Addition.txt ============================

#8

Hello

My apologies, I lost track of this thread :disappointed_relieved:. If I don't reply within a couple of days, you can send me a message to let me know :+1:

:arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).

  • Attention: now check only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy the code/lines inside the box below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [e036c8a7] => C:\ProgramData\e036c8a7\e036c8a7.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [e036c8a72] => C:\ProgramData\gciQPwd\e036c8a7.exe [937776 2018-11-14] (AutoIt Team)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7e036c8a7ef5f606be37219963a0e6f5.lnk [2018-11-13]
ShortcutTarget: 7e036c8a7ef5f606be37219963a0e6f5.lnk -> C:\DESKTOP-QOV3LPL\fjxiirthfi.exe (AutoIt Team)
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-18]
2018-11-14 01:08 - 2018-11-14 01:08 - 000000000 ____D C:\ProgramData\uwSGafj
2018-11-13 20:57 - 2018-11-13 20:57 - 000000000 ___HD C:\ProgramData\e036c8a7
2018-11-14 01:05 - 2018-04-08 13:58 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\1a88b58f5bcc7b94b78391a9229a0488
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
Task: {A0E25C55-8929-410C-BB81-BAD25B0EB4B1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.


  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with respect to the problem you reported, and let us know.

Regards
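
Added example, not part of the original thread and not code from FRST: a small triage pass over the autostart lines that the fixlist above targets, showing what makes them stand out. The regular expression covers only the two line shapes seen in the post, the `ExampleUpdater` line is constructed for contrast, and the three heuristics are assumptions of this example.

```python
import re

# Autostart lines copied from the fixlist in the post above; the last line is
# constructed (hypothetical benign entry) for contrast.
SAMPLE = r"""
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [e036c8a7] => C:\ProgramData\e036c8a7\e036c8a7.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-3172669990-3237348719-737654103-1001\...\Run: [e036c8a72] => C:\ProgramData\gciQPwd\e036c8a7.exe [937776 2018-11-14] (AutoIt Team)
ShortcutTarget: 7e036c8a7ef5f606be37219963a0e6f5.lnk -> C:\DESKTOP-QOV3LPL\fjxiirthfi.exe (AutoIt Team)
HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example\updater.exe [123456 2018-01-01] (Example Corp)
"""

# Covers only the two line shapes seen in the post: "<hive>\...\Run: [name] => path"
# and "ShortcutTarget: file.lnk -> path", each with optional "[size date]" "(company)".
ENTRY = re.compile(
    r"^(?:HK\w+\\.*?\\Run: \[(?P<name>[^\]]+)\] =>|ShortcutTarget: (?P<lnk>\S+) ->)"
    r" (?P<path>[A-Za-z]:\\.+?\.exe)"
    r"(?: \[(?P<size>\d+) ?(?P<date>[\d-]*)\])?"
    r"(?: \((?P<company>[^)]*)\))?\s*$")

# Directories a standard user cannot write to by default (assumed triage baseline).
PROTECTED = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")


def triage(text):
    """Return [(entry name, target path, [reasons])] for autostart lines worth review."""
    findings = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        reasons = []
        if not m["path"].lower().startswith(PROTECTED):
            reasons.append("target outside Program Files/Windows")
        if (m["company"] or "").lower().startswith("autoit"):
            reasons.append("AutoIt binary set to autostart")
        if m["size"] == "0":
            reasons.append("size reported as 0")
        if reasons:
            findings.append((m["name"] or m["lnk"], m["path"], reasons))
    return findings


if __name__ == "__main__":
    for name, path, reasons in triage(SAMPLE):
        print(f"{name}: {path}\n    " + "; ".join(reasons))
```

Running the same pass over a fresh FRST.txt after the fix and reboot should return none of the three entries from the post if the removal succeeded.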


#9

Hello, thanks for replying :grinning: Before doing the steps you gave me, I have to tell you that I thought you were busy and I looked for some other option to try to remove these viruses. I did a system restart in safe mode (I think that's what it's called), and when I scanned the system again with Malwarebytes it did not detect any virus, although I still have them in the quarantine tab. That said, here is what you asked me for:

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by Usuario (23-11-2018 03:04:25) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Boot Mode: Normal

I'm not sure whether I did it right, although I'm sure I followed the steps as you described, since I got a blue screen that said it was repairing a problem or something like that. Let me know if I did something wrong, thanks.


#10

Hello

Post the complete FRST report and we'll see whether it has removed everything in the script.

What is in the Malwarebytes quarantine can no longer affect your computer; you can also delete the quarantine.

Regards


#11

What I sent you is all the content that was in Fixlog.txt. Did I do something wrong, and is that why it isn't complete?


#12

Hello

Yes, something must have been done wrong; go through the steps again and read the instructions carefully.

Regards