Problema Trojan.BitCoinMiner.COMSPECRST

Hola, hace unos días mi equipo tenía un proceso que ocupaba el 90-98% de CPU y no me dejaba hacer practicamente nada. Siguiendo sus recomendaciones instalé MalwareBytes e hice un análisis completo que adjunto aquí, espero puedan ayudarme. Gracias!!

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/4/20
Hora del análisis: 15:19
Archivo de registro: c1feb670-8272-11ea-a267-201a0624df4b.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.875
Versión del paquete de actualización: 1.0.22664
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 387958
Amenazas detectadas: 6
Amenazas en cuarentena: 0
Tiempo transcurrido: 32 min, 37 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Advertencia
PUM: Advertencia

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 3
Trojan.BitCoinMiner.COMSPECRST, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask, Sin acciones por parte del usuario, 4028, -1, 0.0.0, , action, 
Trojan.BitCoinMiner.COMSPECRST, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36B193E8-09E0-495E-BF03-B1743D1D473A}, Sin acciones por parte del usuario, 4028, -1, 0.0.0, , action, 
Trojan.BitCoinMiner.COMSPECRST, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36B193E8-09E0-495E-BF03-B1743D1D473A}, Sin acciones por parte del usuario, 4028, -1, 0.0.0, , action, 

Valor del registro: 2
Trojan.BitCoinMiner.COMSPECRST, HKU\S-1-5-21-1198290506-3008176589-532644284-1006\SOFTWARE\MICROSOFT\COMMAND PROCESSOR|AUTORUN, Sin acciones por parte del usuario, 4028, 756074, 1.0.22664, , ame, 
Trojan.BitCoinMiner.COMSPECRST, HKU\S-1-5-21-1198290506-3008176589-532644284-1006\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|SHELL, Sin acciones por parte del usuario, 4028, -1, 0.0.0, , action, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Trojan.BitCoinMiner.COMSPECRST, C:\WINDOWS\SYSTEM32\TASKS\CreateExplorerShellUnelevatedTask, Sin acciones por parte del usuario, 4028, -1, 0.0.0, , action, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola @tem4 y Bienvenido al Foro…!!

En el informe aparece como que [u]“Sin acciones por parte del usuario”[/u] debes eliminar lo encontrado por Malwarebytes, realmente NO lo hiciste…??

Nos comentas.

Saludos.

Hola @JavierHF, gracias por la bienvenida. No, no hice nada, ya que leí en otros post que siempre pedían ese registro primero.

Saludos

Bien… pues SI NO hiciste nada, ahora para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

Gracias por tu respuesta!, adjunto los reportes en orden:

Malwarebytes:

Malwarebytes


-Detalles del registro-
Fecha del análisis: 27/4/20
Hora del análisis: 12:35
Archivo de registro: 2145a4b2-88a5-11ea-8575-201a0624df4b.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.875
Versión del paquete de actualización: 1.0.23034
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP\Not

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 387707
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 33 min, 23 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Advertencia
PUM: Advertencia

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-27-2020
# Duration: 00:00:02
# OS:       Windows 10 Pro
# Cleaned:  2
# Failed:   2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPUsageTrackingLEDM
Not Deleted   Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Not Deleted   Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPUsageTrackingLEDM


AdwCleaner[S03].txt - [2190 octets] - [27/04/2020 13:13:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

(Tuve que dividir en varios post)

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by Not (Administrator) on 27/04/2020 at 13:30:56,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\Users\Note3\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\extensions\staged (Folder) 

Deleted the following from C:\Users\Note3\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\prefs.js
user_pref(extensions.hxxprequester.history, [{\timeStamp\:1491190525483,\requestTransaction\:{\hxxpMethod\:\POST\,\url\:\hxxp://www.portaldisc.com/single_proc.ph



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/04/2020 at 13:47:50,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19-04-2020
Ejecutado por Not (administrador) sobre DESKTOP (27-04-2020 13:52:54)
Ejecutado desde C:\Users\Not\Desktop
Perfiles cargados: Not (Perfiles disponibles: Not & Administrador)
Platform: Windows 10 Pro Versión 1903 18362.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Huawei Technologies Co., Ltd. -> ) [Archivo no firmado] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Sublime HQ Pty Ltd -> ) C:\Program Files\Sublime Text 3\plugin_host.exe
(Sublime HQ Pty Ltd -> Sublime HQ Pty Ltd) C:\Program Files\Sublime Text 3\sublime_text.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6287872 2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\Run: [Combin] => C:\Program Files (x86)\Open Media LLC\combin\combin.exe [17001144 2020-02-19] (Open Media LLC -> Open Media LLC)
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [283232 2016-03-11] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\MountPoints2: {eaeebaaa-1610-11ea-9fd7-201a0624df4b} - "D:\AutoRun.exe" 
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-03-20]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-03-20]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-25] (Google LLC -> Google LLC)
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN Connect.lnk [2019-07-22]
ShortcutTarget: OpenVPN Connect.lnk -> C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe () [Archivo no firmado]
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {013CBCB3-533B-406B-BA61-D7A3941B5A18} - System32\Tasks\SessionAgent => C:\windows\ics32.exe
Task: {0830FA47-CBC8-487D-B573-20D9221A02AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1198290506-3008176589-532644284-1001UA => C:\Users\Note\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0CF7034B-7465-4397-BE6C-082734F5B842} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [Archivo no firmado]
Task: {1907915E-61D2-4B02-817E-FDDF06FA95E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-16] (Google Inc -> Google Inc.)
Task: {32A518E6-A6EC-4C89-B0EA-AC680D9F3E6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3D1D47DB-7604-44C0-9DE9-91E40979C73B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3325032 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
Task: {46144FB6-EAE8-4F23-888E-6500139562DD} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1198290506-3008176589-532644284-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Note\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {49E1D5E3-EAF5-4B1C-945C-AFE69F0CA2F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5A7F4273-D3C2-4351-9184-A24E74BE832D} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-1KICU29-Note => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {674DB110-9437-4A08-95EC-3F57B0D709F1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {6C4BE3FB-E122-4393-BBE9-963406606F33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {77E58A5A-D2F7-4626-AFA4-1BC3B06667F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107072 2016-05-09] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {7C0CD73A-8523-4288-8C16-2D14DCAE2A84} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1656568 2018-06-21] (Corel Corporation -> Corel Corporation)
Task: {948F82C3-F5C1-4177-95A0-E8E0EBC3BCF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9AD49C17-D2C9-4E70-964F-CE1660388DDA} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Archivo no firmado]
Task: {9B0A1455-B376-4FEC-8B90-4A5D8577E0BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-16] (Google Inc -> Google Inc.)
Task: {A52E020B-73CC-4C39-A849-FCED7220F21A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-04-19] (Avast Software s.r.o. -> Avast Software)
Task: {A7F1029A-F630-493B-906F-BD1035857147} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFAFE83B-3FD3-429C-A3F9-8DDEA2CAC342} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe)
Task: {BCFD9215-694D-4BFA-BA93-D1A9DEE01A39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {C71C4A03-61B4-404B-8178-B211144B198A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CD694370-A78C-4616-BDDD-356137704905} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D208AF18-7CAD-4E1E-962F-B408532781BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D500799C-D2E0-4704-8678-29E8C8643DFF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD2CBD08-34BF-4E8F-B1CE-5709D9D1F184} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-04-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {DF0FD42A-6D50-4403-ACAD-4ABE51CA714A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E7AB0794-C609-48FD-9894-42B4B0E65A3F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F3F1B6E3-4059-475C-A938-DE997E5EFCA2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1198290506-3008176589-532644284-1001Core => C:\Users\Note\AppData\Local\Google\Update\GoogleUpdate.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

ProxyServer: [S-1-5-21-1198290506-3008176589-532644284-1006] => 142.93.121.59:8080
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.28.0.129 200.28.4.129
Tcpip\..\Interfaces\{30540a4a-84a7-4785-8dc7-af603af286ea}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{33d6b28e-0768-45c1-af8c-3abd391daec1}: [DhcpNameServer] 200.28.0.129 200.28.4.129
Tcpip\..\Interfaces\{66b1c4c2-5de1-44ab-b41d-c2090670bbaa}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b91f51ff-5b4e-4c9d-9cbf-d211971aae0c}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{c809cdfc-dc27-49fe-a2ec-320e94380a39}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: r2r42679.default
FF ProfilePath: C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default [2020-04-27]
FF NetworkProxy: Mozilla\Firefox\Profiles\r2r42679.default -> backup.ftp", "hxxp://127.0.0.1"
FF Notifications: Mozilla\Firefox\Profiles\r2r42679.default -> hxxps://web.whatsapp.com; hxxp://ui.pogobot.club; hxxps://www.youtube.com; hxxps://www.wunderlist.com
FF Extension: (Grammarly for Firefox) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2019-12-28]
FF Extension: (ADB Helper) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2018-08-08] [Heredado]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2019-02-05]
FF Extension: (OneTab) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2019-09-09]
FF Extension: (Live HTTP headers (clone)) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2017-01-06] [Heredado]
FF Extension: (Strava, export gpx track) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2019-10-04]
FF Extension: (uBlock Origin) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2020-04-25]
FF Extension: (Lyrics Here by Rob W) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\[email protected] [2018-10-22]
FF Extension: (Northern Lights Multi Color) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\{32f99c2a-f057-4757-ae5c-4962e665bf6c}.xpi [2019-05-14]
FF Extension: (Cookie Editor) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\{48df221a-8316-4d17-9191-7fc5ea5f14c0}.xpi [2019-03-22]
FF Extension: (HTTP request Maker) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\{72945602-809d-47eb-a0bd-208a7c2078b1}.xpi [2019-07-18]
FF Extension: (Tamper Data) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2016-04-27] [Heredado]
FF Extension: (HTTP Header Live) - C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\r2r42679.default\Extensions\{ed102056-8b4f-43a9-99cd-6d1b25abe87e}.xpi [2019-08-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-12-12] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0-git -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-12-28] (VideoLAN) [Archivo no firmado]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Archivo no firmado]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Archivo no firmado]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Archivo no firmado]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Archivo no firmado]
FF Plugin-x32: www.sii.cl/CSignedXmlAutII -> C:\Program Files (x86)\Firma Electronica SII\npCSignedXmlAutII.dll [2016-01-20] (Servicio de Impuestos Internos -> Servicio de Impuestos Internos) [Archivo no firmado]
FF Plugin ProgramFiles/Appdata: C:\Users\Not\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2019-03-14]
FF Plugin ProgramFiles/Appdata: C:\Users\Not\AppData\Roaming\mozilla\plugins\npo1d.dll [2019-03-14]

Chrome: 
=======
CHR Profile: C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default [2020-04-26]
CHR Extension: (Presentaciones) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-14]
CHR Extension: (Documentos) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-14]
CHR Extension: (Google Drive) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-14]
CHR Extension: (YouTube) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-14]
CHR Extension: (Live HTTP Headers) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaiimeeggnhceafhencnejheejddlcpa [2019-03-14]
CHR Extension: (Hojas de cálculo) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-26]
CHR Extension: (Advanced REST client) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2019-03-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-24]
CHR Extension: (Chrome Media Router) - C:\Users\Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-26]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [5504928 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [345384 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Archivo no firmado]
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Archivo no firmado]
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126880 2012-09-26] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [Archivo no firmado]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S2 LxssManagerUser; C:\WINDOWS\system32\lxss\LxssManager.dll [632832 2020-02-20] (Microsoft Windows -> Microsoft Corporation)
R2 LxssManagerUser_8e53a; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 LxssManagerUser_8e53a; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [23552 2019-02-26] () [Archivo no firmado]
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37856 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459408 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [69016 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-19] (Malwarebytes Corporation -> Malwarebytes)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-11-12] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [226560 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-04-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-04-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [124560 2020-04-27] (Malwarebytes Inc -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [69744 2019-12-17] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [69744 2019-12-17] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 P9Rdr; C:\WINDOWS\System32\drivers\p9rdr.sys [88888 2020-02-20] (Microsoft Windows -> Microsoft Corporation)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11968 2006-07-18] () [Archivo no firmado]
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (OOO Sfera-Tehno -> Atola) [Archivo no firmado]
S3 ssudobex; C:\WINDOWS\system32\DRIVERS\ssudobex.sys [203672 2013-05-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [214832 2015-12-08] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-10-25] (Microsoft Windows -> Microsoft Corporation)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-04-26] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205784 2016-03-04] (Oracle Corporation -> Oracle Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2020-04-16] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-27 13:52 - 2020-04-27 13:56 - 000042018 _____ C:\Users\Not\Desktop\FRST.txt
2020-04-27 13:19 - 2020-04-27 13:47 - 000000000 ____D C:\Users\Not\AppData\LocalLow\IGDump
2020-04-27 13:19 - 2020-04-27 13:19 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-04-27 13:18 - 2020-04-27 13:18 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-04-27 13:18 - 2020-04-27 13:18 - 000124560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-04-27 13:17 - 2020-04-27 13:17 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-27 12:32 - 2020-04-27 12:33 - 008196784 _____ (Malwarebytes) C:\Users\Not\Downloads\adwcleaner_8.0.4.exe
2020-04-27 10:48 - 2020-04-27 10:48 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\72725176.sys
2020-04-27 10:47 - 2020-04-27 12:13 - 000000000 ____D C:\Users\Not\Desktop\mbar
2020-04-27 10:47 - 2020-04-27 12:13 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-04-27 02:02 - 2020-04-27 02:02 - 000001044 _____ C:\WINDOWS\SysWOW64\BroomData.bit
2020-04-27 02:02 - 2013-04-08 15:30 - 000022752 _____ C:\WINDOWS\system32\PCloudBroom64.exe
2020-04-27 01:52 - 2020-04-27 01:52 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2020-04-27 00:49 - 2020-04-27 01:52 - 000881038 _____ C:\WINDOWS\system32\PHOOKSmf2.TXT
2020-04-27 00:37 - 2020-04-27 02:02 - 000894054 _____ C:\WINDOWS\system32\PHOOKSmf.txt
2020-04-27 00:27 - 2020-04-27 02:02 - 000000000 ____D C:\WINDOWS\system32\DBBK
2020-04-27 00:26 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2020-04-27 00:25 - 2020-04-27 00:25 - 000001355 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2020-04-27 00:25 - 2020-04-27 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2020-04-27 00:25 - 2020-04-27 00:25 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-04-27 00:25 - 2015-09-14 13:03 - 000039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2020-04-27 00:23 - 2020-04-27 00:25 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Not\Downloads\mbar-1.10.3.1001.exe
2020-04-27 00:18 - 2020-04-27 00:22 - 038186040 _____ (Panda Security ) C:\Users\Not\Downloads\PandaCloudCleaner.exe
2020-04-27 00:12 - 2020-04-27 00:12 - 000062122 _____ C:\Users\Not\Downloads\CV.odt
2020-04-26 21:58 - 2020-04-26 21:58 - 000000000 ____D C:\ProgramData\Panda Security
2020-04-26 21:57 - 2020-04-26 21:57 - 003228632 _____ (Panda Security, S.L.) C:\Users\Not\Downloads\PANDAFREEAV.exe
2020-04-26 03:49 - 2020-04-26 03:49 - 000000000 ____D C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2020-04-26 03:49 - 2020-04-26 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2020-04-26 03:48 - 2020-04-26 03:48 - 000071712 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_vmvaio64_win10.sys
2020-04-26 03:48 - 2020-04-26 03:48 - 000000000 ____D C:\Program Files\VB
2020-04-26 03:48 - 2020-04-26 03:48 - 000000000 ____D C:\Program Files (x86)\VB
2020-04-26 03:47 - 2020-04-26 03:47 - 011226600 _____ (VB-AUDIO Software) C:\Users\Not\Downloads\VoicemeeterSetup.exe
2020-04-20 22:21 - 2020-04-20 22:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-20 02:45 - 2020-04-20 02:45 - 000000000 ____D C:\Users\Not\AppData\LocalLow\United Soft Media Verlag GmbH
2020-04-19 21:37 - 2020-04-20 18:09 - 000000000 ____D C:\Users\Not\AppData\Local\ESET
2020-04-19 21:37 - 2020-04-19 21:37 - 000000749 _____ C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-04-19 21:36 - 2020-04-19 21:37 - 014566496 _____ (ESET spol. s r.o.) C:\Users\Not\Downloads\esetonlinescanner.exe
2020-04-19 21:19 - 2020-04-19 21:19 - 000000000 ___HD C:\$AV_ASW
2020-04-19 19:40 - 2020-04-27 13:55 - 000000000 ____D C:\FRST
2020-04-19 19:39 - 2020-04-19 19:39 - 002281984 _____ (Farbar) C:\Users\Not\Desktop\FRST64.exe
2020-04-19 19:36 - 2020-04-19 19:36 - 006546576 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Not\Downloads\GPU-Z.2.22.0.exe
2020-04-19 19:02 - 2020-04-27 12:32 - 001790024 _____ (Malwarebytes) C:\Users\Not\Downloads\JRT.exe
2020-04-19 17:20 - 2020-04-19 17:21 - 000881554 _____ C:\Users\Not\Documents\Ccleaner registro backup_20200419_172025.reg
2020-04-19 16:59 - 2020-04-19 16:59 - 000000000 ____D C:\Users\Not\AppData\Roaming\Avast Software
2020-04-19 16:52 - 2020-04-19 16:52 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-04-19 16:48 - 2020-04-19 16:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-04-19 16:47 - 2020-04-27 13:34 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-04-19 16:46 - 2020-04-20 18:19 - 000500960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-19 16:46 - 2020-04-19 16:48 - 000459408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000851808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000337048 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-04-19 16:46 - 2020-04-19 16:46 - 000317280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000235696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000234776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000206120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000178968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000175920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000109480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000085056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000060696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000042984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000037856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-04-19 16:46 - 2020-04-19 16:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-04-19 16:45 - 2020-04-19 16:45 - 000000000 ____D C:\Program Files\Avast Software
2020-04-19 16:44 - 2020-04-19 16:46 - 000000000 ____D C:\ProgramData\Avast Software
2020-04-19 16:44 - 2020-04-19 16:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-19 16:39 - 2020-04-19 16:40 - 022267336 _____ (Piriform Software Ltd) C:\Users\Not\Downloads\ccsetup565.exe
2020-04-19 16:00 - 2020-04-19 16:41 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-19 15:14 - 2020-04-19 15:14 - 001928352 _____ (Malwarebytes) C:\Users\Not\Downloads\MBSetup-0009996.0009996-consumer.exe
2020-04-18 22:47 - 2020-04-18 22:47 - 000000000 ____D C:\Users\Public\Knoll Software
2020-04-18 21:49 - 2020-04-18 21:49 - 007378835 _____ C:\Users\Not\Downloads\PES 2019 OF PTE 3.1 #11-04-2020.rar
2020-04-18 14:48 - 2020-04-18 14:48 - 000000000 ____D C:\Users\Not\Documents\CPY_SAVES
2020-04-18 14:40 - 2020-04-18 14:40 - 000000526 _____ C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Pro Evolution Soccer 2019.lnk
2020-04-18 11:59 - 2020-04-18 13:46 - 000000000 ____D C:\Users\Not\Desktop\Herramienas
2020-04-18 11:58 - 2020-04-18 11:58 - 000000000 ____D C:\Users\Not\Desktop\Mane
2020-04-18 00:56 - 2020-04-18 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-18 00:55 - 2020-04-18 00:55 - 001573568 _____ C:\Users\Not\Downloads\SteamSetup.exe
2020-04-17 18:42 - 2020-04-17 18:43 - 032230644 _____ C:\Users\Not\Downloads\craftbukkit-1.15.2.jar
2020-04-17 16:19 - 2020-04-17 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-04-16 17:21 - 2020-04-16 17:21 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 002399544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-04-16 17:21 - 2020-04-16 17:21 - 002369576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 002188600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001659408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 001495864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 001386296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 17:21 - 2020-04-16 17:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 17:21 - 2020-04-16 17:21 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000216888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetMgmtIF.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000140088 _____ C:\WINDOWS\system32\nmscrub.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000129336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmbind.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 17:21 - 2020-04-16 17:21 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 17:21 - 2020-04-16 17:21 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000048440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2020-04-16 17:21 - 2020-04-16 17:21 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2020-04-16 17:21 - 2020-04-16 17:21 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 17:21 - 2020-04-16 17:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 17:20 - 2020-04-16 17:20 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 17:20 - 2020-04-16 17:20 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 17:20 - 2020-04-16 17:20 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 17:20 - 2020-04-16 17:20 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 17:20 - 2020-04-16 17:20 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 17:20 - 2020-04-16 17:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 003980800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 17:19 - 2020-04-16 17:19 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 17:19 - 2020-04-16 17:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 17:19 - 2020-04-16 17:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 17:00 - 2020-03-16 23:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-16 17:00 - 2020-03-16 23:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 12:40 - 2020-04-26 15:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-15 20:31 - 2020-04-15 20:31 - 000000000 ____D C:\WINDOWS\Panther
2020-04-15 13:41 - 2020-04-15 13:41 - 000000000 ____D C:\Users\Not\AppData\Roaming\Alien Skin
2020-04-15 13:41 - 2020-04-15 13:41 - 000000000 ____D C:\Users\Not\AppData\Local\Alien Skin
2020-04-15 13:38 - 2020-04-15 13:39 - 000000000 ____D C:\ProgramData\Alien Skin
2020-04-15 13:38 - 2020-04-15 13:39 - 000000000 ____D C:\Program Files\Exposure Software
2020-04-15 13:38 - 2020-04-15 13:38 - 000000000 ____D C:\Program Files\Alien Skin
2020-04-15 13:37 - 2020-04-15 13:37 - 006230072 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-04-14 23:56 - 2020-04-18 22:13 - 000000000 ____D C:\Users\Not\.megabasterd7.24
2020-04-14 08:19 - 2020-04-14 08:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-04-14 08:19 - 2020-04-14 08:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-04-14 08:19 - 2020-04-14 08:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-04-14 08:19 - 2020-04-14 08:19 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-04-13 12:30 - 2020-04-13 12:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2020-04-13 12:30 - 2020-04-13 12:30 - 000000000 ____D C:\Users\Not\AppData\Roaming\WTablet
2020-04-13 12:30 - 2020-04-13 12:30 - 000000000 ____D C:\Program Files\TabletPlugins
2020-04-13 12:30 - 2020-04-13 12:30 - 000000000 ____D C:\Program Files (x86)\TabletPlugins
2020-04-13 12:30 - 2014-08-19 15:12 - 002006808 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001991448 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001984792 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001858328 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001614104 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001610008 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001607448 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2020-04-13 12:30 - 2014-08-19 15:12 - 001493784 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2020-04-13 12:30 - 2014-08-06 14:15 - 000102200 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2020-04-13 12:30 - 2014-08-06 14:15 - 000015160 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2020-04-13 12:30 - 2014-08-06 14:15 - 000014136 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2020-04-13 12:27 - 2020-04-13 12:29 - 040103880 _____ C:\Users\Not\Downloads\pentablet_5.3.5-3.exe
2020-04-13 10:17 - 2020-04-13 12:24 - 000000000 ____D C:\Users\Not\AppData\Local\Wacom
2020-04-09 21:59 - 2020-04-09 21:59 - 000000000 ____D C:\Users\Not\Desktop\Tor Browser
2020-04-09 21:46 - 2020-04-09 21:51 - 068183384 _____ C:\Users\Not\Downloads\torbrowser-install-win64-9.0.9_en-US.exe
2020-04-08 00:04 - 2020-04-08 00:04 - 000000000 ____D C:\Users\Not\AppData\Roaming\Astra Image
2020-04-07 23:42 - 2020-04-07 23:42 - 000000000 ____D C:\Users\Not\AppData\Local\PIPP_Application
2020-04-07 20:48 - 2020-04-07 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ut Video Codec Suite
2020-04-07 20:48 - 2020-04-07 20:48 - 000000000 ____D C:\Program Files\utvideo
2020-04-07 20:48 - 2020-04-07 20:48 - 000000000 ____D C:\Program Files (x86)\QuickTime
2020-04-07 20:48 - 2016-05-03 22:06 - 000304640 _____ C:\WINDOWS\system32\utv_core.dll
2020-04-07 20:48 - 2016-05-03 22:06 - 000273920 _____ (TODO: <会社名>) C:\WINDOWS\system32\utv_dmo.dll
2020-04-07 20:48 - 2016-05-03 22:06 - 000132608 _____ C:\WINDOWS\system32\utv_vcm.dll
2020-04-07 20:48 - 2016-05-03 22:05 - 000221696 _____ C:\WINDOWS\SysWOW64\utv_core.dll
2020-04-07 20:48 - 2016-05-03 22:05 - 000213504 _____ (TODO: <会社名>) C:\WINDOWS\SysWOW64\utv_dmo.dll
2020-04-07 20:48 - 2016-05-03 22:05 - 000109056 _____ C:\WINDOWS\SysWOW64\utv_vcm.dll
2020-04-07 20:47 - 2020-04-07 20:48 - 000000000 ____D C:\Program Files\PIPP
2020-04-07 20:47 - 2020-04-07 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIPP
2020-04-07 20:41 - 2020-04-07 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astra Image (64-bit)
2020-04-07 20:41 - 2020-04-07 20:41 - 000000000 ____D C:\Program Files\Astra Image (64-bit)
2020-04-02 13:40 - 2020-04-02 13:44 - 068132600 _____ C:\Users\Not\Downloads\torbrowser-install-win64-9.0.7_en-US.exe
2020-04-02 13:01 - 2020-04-04 15:16 - 000000000 ____D C:\Users\Not\AppData\Roaming\tor
2020-04-01 23:07 - 2020-04-01 23:07 - 000000000 ____D C:\Users\Not\AppData\Local\Progress_Software_EAD
2020-04-01 23:06 - 2020-04-01 23:20 - 000000000 ____D C:\Users\Not\Documents\Fiddler2
2020-04-01 23:05 - 2020-04-01 23:05 - 000002296 _____ C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnk
2020-04-01 23:05 - 2020-04-01 23:05 - 000002156 _____ C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk
2020-04-01 23:04 - 2020-04-01 23:04 - 006644448 _____ (Progress Software EAD) C:\Users\Not\Downloads\FiddlerSetup.exe
2020-03-28 17:36 - 2020-03-28 17:41 - 113958410 _____ C:\Users\Not\Downloads\progress-telerik-fiddler.AppImage


==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-27 13:40 - 2019-03-14 22:42 - 000000000 ____D C:\Users\Not\AppData\LocalLow\Mozilla
2020-04-27 13:26 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-27 13:18 - 2019-03-15 12:10 - 000000000 __SHD C:\Users\Not\IntelGraphicsProfiles
2020-04-27 13:17 - 2019-10-25 14:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-27 13:17 - 2017-01-28 09:44 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-27 13:17 - 2016-02-28 20:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-27 13:16 - 2019-03-19 00:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-27 13:09 - 2019-10-25 13:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-27 10:49 - 2016-02-28 21:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-27 02:05 - 2019-10-25 13:37 - 000494456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-27 02:02 - 2019-11-26 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2020-04-27 02:02 - 2019-09-05 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2020-04-27 02:02 - 2019-03-14 22:45 - 000000000 ____D C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-27 02:02 - 2016-06-08 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-04-27 02:02 - 2016-03-27 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT
2020-04-26 23:53 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-26 23:53 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-26 23:39 - 2019-09-29 22:44 - 000000000 ____D C:\Users\Not\Desktop\Concurso
2020-04-26 21:47 - 2019-03-14 22:28 - 000000000 ____D C:\Users\Not\AppData\Local\CrashDumps
2020-04-26 18:37 - 2019-03-14 22:50 - 000000000 ____D C:\Users\Not\AppData\Roaming\transmission
2020-04-26 18:16 - 2019-03-14 22:50 - 000000000 ____D C:\Users\Not\AppData\Roaming\vlc
2020-04-26 16:03 - 2019-10-25 14:05 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-26 16:03 - 2019-03-19 07:59 - 000789814 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-26 16:03 - 2019-03-19 07:59 - 000156068 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-26 16:03 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-26 15:48 - 2016-02-28 01:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-26 00:39 - 2017-11-08 06:43 - 000000841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-25 21:12 - 2019-10-04 15:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-04-25 21:12 - 2016-03-16 12:03 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-21 01:23 - 2019-03-14 22:45 - 000000000 ____D C:\Users\Not\AppData\Roaming\FileZilla
2020-04-20 22:54 - 2019-03-14 22:27 - 000000128 _____ C:\Users\Not\AppData\Local\PUTTY.RND
2020-04-19 22:25 - 2016-06-08 15:22 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-04-19 21:55 - 2020-02-25 15:21 - 000000000 ____D C:\Users\Not\AppData\Roaming\.minecraft
2020-04-19 21:50 - 2020-02-26 15:12 - 000000000 ____D C:\Users\Not\AppData\Roaming\.tlauncher
2020-04-19 21:19 - 2016-02-28 10:30 - 000000000 ____D C:\Program Files\KMSpico
2020-04-19 19:12 - 2016-02-28 23:57 - 000001020 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-04-19 19:12 - 2016-02-28 23:57 - 000001016 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-04-19 19:10 - 2019-03-14 22:45 - 000000000 ____D C:\Users\Not\AppData\Roaming\Hewlett-Packard
2020-04-19 19:10 - 2019-03-14 22:30 - 000000000 ____D C:\Users\Not\AppData\Local\Hewlett-Packard
2020-04-19 19:10 - 2019-02-28 15:16 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Hewlett-Packard
2020-04-19 19:10 - 2016-12-19 15:52 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-04-19 19:10 - 2016-06-08 13:51 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-04-19 18:59 - 2020-03-26 17:53 - 000002236 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2020-04-19 18:59 - 2019-10-25 14:18 - 000003610 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-19 18:59 - 2019-10-25 14:18 - 000003594 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-04-19 18:59 - 2019-10-25 14:18 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-19 18:59 - 2019-10-25 14:18 - 000003370 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-04-19 18:59 - 2019-10-25 14:18 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1198290506-3008176589-532644284-1006
2020-04-19 18:59 - 2019-10-25 14:18 - 000002296 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-19 17:51 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-19 16:59 - 2019-03-14 22:50 - 000000000 ____D C:\Users\Not\AppData\Roaming\TeamViewer
2020-04-19 16:59 - 2019-03-14 22:03 - 000000000 ____D C:\Users\Not\AppData\Local\LogMeIn Hamachi
2020-04-19 16:46 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-19 16:44 - 2017-01-18 14:23 - 000000000 ____D C:\Program Files\CCleaner
2020-04-19 15:17 - 2019-10-29 22:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-19 15:17 - 2019-10-29 22:50 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-18 21:31 - 2019-10-25 13:48 - 000000000 ____D C:\Users\Not
2020-04-18 14:48 - 2019-03-14 22:53 - 000000000 ____D C:\Users\Not\Documents\KONAMI
2020-04-18 14:48 - 2016-04-15 20:05 - 000000000 ____D C:\ProgramData\KONAMI
2020-04-18 12:42 - 2019-03-26 11:41 - 000000430 _____ C:\Users\Not\AppData\Local\filelightrc
2020-04-18 12:02 - 2019-03-14 22:54 - 000000000 ____D C:\Users\Not\Desktop\Insta Post Export
2020-04-18 11:59 - 2019-03-14 22:58 - 000000000 ____D C:\Users\Not\Desktop\Nyumba
2020-04-18 01:31 - 2019-08-20 18:51 - 000000000 ____D C:\torrent
2020-04-18 00:40 - 2019-03-14 22:42 - 000000000 ____D C:\Users\Not\AppData\Local\Steam
2020-04-17 16:18 - 2016-02-28 23:57 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-04-16 22:09 - 2019-09-05 20:28 - 000000000 ____D C:\Users\Not\AppData\Roaming\Stellarium
2020-04-16 20:28 - 2019-03-14 22:27 - 000001456 _____ C:\Users\Not\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-04-16 17:28 - 2019-03-19 08:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-04-16 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 17:27 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-15 23:39 - 2019-03-14 22:28 - 000000000 ____D C:\Users\Not\AppData\Local\ElevatedDiagnostics
2020-04-15 21:34 - 2019-03-14 22:03 - 000000000 ____D C:\Users\Not\AppData\Roaming\Adobe
2020-04-15 20:02 - 2019-03-26 17:43 - 000000000 ____D C:\Users\Not\AppData\Local\D3DSCache
2020-04-15 13:37 - 2019-10-25 14:18 - 000004618 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-15 13:37 - 2019-10-25 14:18 - 000004394 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-04-15 13:37 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-15 13:37 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-15 13:20 - 2018-12-12 12:41 - 000000000 ____D C:\Program Files\Tablet
2020-04-14 23:56 - 2019-12-15 18:14 - 000000000 ____D C:\Users\Not\.megabasterd_old_backups
2020-04-14 23:09 - 2013-09-21 10:20 - 000000000 ____D C:\Users\Not\Desktop\libro el espacio 2 tomas
2020-04-14 21:32 - 2019-10-25 13:48 - 000002397 _____ C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-14 21:32 - 2019-03-15 08:15 - 000000000 ___RD C:\Users\Not\OneDrive
2020-04-13 12:08 - 2019-02-28 15:12 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\WTablet
2020-04-13 10:17 - 2020-01-12 16:47 - 000000000 ____D C:\Users\Not\.android
2020-04-07 19:29 - 2019-03-14 22:03 - 000000000 ____D C:\Users\Not\AppData\Local\Packages
2020-04-02 16:27 - 2018-04-25 10:10 - 000000602 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

==================== Archivos en la raíz de algunos directorios ========

2019-03-14 22:42 - 2017-02-08 00:46 - 000000132 _____ () C:\Users\Not\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-03-14 22:27 - 2020-04-16 20:28 - 000001456 _____ () C:\Users\Not\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-03-26 11:41 - 2020-04-18 12:42 - 000000430 _____ () C:\Users\Not\AppData\Local\filelightrc
2019-03-14 22:27 - 2018-09-29 12:04 - 000000000 _____ () C:\Users\Not\AppData\Local\oobelibMkey.log
2019-03-14 22:27 - 2020-04-20 22:54 - 000000128 _____ () C:\Users\Not\AppData\Local\PUTTY.RND
2019-03-14 22:27 - 2017-02-07 19:05 - 000001251 _____ () C:\Users\Not\AppData\Local\recently-used.xbel
2019-03-14 22:27 - 2016-05-09 12:48 - 000000017 _____ () C:\Users\Not\AppData\Local\resmon.resmoncfg
2019-03-14 22:27 - 2018-10-23 16:57 - 000000177 _____ () C:\Users\Not\AppData\Local\uts.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19-04-2020
Ejecutado por Not (27-04-2020 13:58:28)
Ejecutado desde C:\Users\Not\Desktop
Windows 10 Pro Versión 1903 18362.778 (X64) (2019-10-25 18:19:47)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1198290506-3008176589-532644284-500 - Administrator - Enabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-1198290506-3008176589-532644284-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1198290506-3008176589-532644284-1004 - Limited - Enabled)
Invitado (S-1-5-21-1198290506-3008176589-532644284-501 - Limited - Disabled)
Not (S-1-5-21-1198290506-3008176589-532644284-1006 - Administrator - Enabled) => C:\Users\Not
WDAGUtilityAccount (S-1-5-21-1198290506-3008176589-532644284-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

.NET Reflector Desktop 10 (HKLM-x32\...\{9D3C3535-B929-4ABC-AD4E-34D3EA21C297}) (Version: 10.1.8.1633 - Red Gate Software Ltd)
Actualización de NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (2017 Beta) (HKLM-x32\...\DRWV_16_6_1) (Version: 16.6.1 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.13 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_0_1) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_5) (Version: 7.5 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Age of Empires II Medicina - Rykros95 (HKLM-x32\...\Age of Empires II Medicina - Rykros95) (Version:  - )
Android Studio (HKLM\...\Android Studio) (Version: 3.5 - Google LLC)
Apple Application Support (32 bits) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.10 - Arduino LLC)
Astra Image (64-bit) (HKLM\...\Astra Image (64-bit)_is1) (Version: 5.1.7.0 - Astra Image Company)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
balenaEtcher 1.5.5 (only current user) (HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.5 - Balena Inc.)
Bizagi Modeler (HKLM\...\{47be02e6-64a7-49a8-a734-1298e6f252a1}) (Version: 3.1.0011 - Bizagi Limited) Hidden
Bizagi Modeler (HKLM-x32\...\InstallShield_{47be02e6-64a7-49a8-a734-1298e6f252a1}) (Version: 3.1.0011 - Bizagi Limited)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother Printer Setting Tool (HKLM-x32\...\{8DA2E2DC-C572-4F87-89FC-833DB588CC7B}) (Version: 1.6.0041 - Brother Industries, Ltd.)
Brother P-touch Editor 5.2 (HKLM-x32\...\{456127E4-D660-4680-8C96-609AD6C485E2}) (Version: 5.2.0010 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Combin 1.5 (HKLM-x32\...\{E5AE22D7-8918-455B-AC82-7462A2FEF01F}) (Version: 1.5.6.995 - Open Media LLC)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.9.389 - Corel corporation) Hidden
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
Desinstalador de impresoras EPSON TX230 Series (HKLM\...\EPSON TX230 Series) (Version:  - SEIKO EPSON Corporation)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.3 - DiskInternals Research)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 95.4.441 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Easy2Convert RAW to JPG 2.6 (HKLM-x32\...\{861F7125-C9A3-4564-8C60-ED7E0F5DDEE2}_is1) (Version: 2.6 - Easy2Convert Software)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L220 Series Printer Uninstall (HKLM\...\EPSON L220 Series) (Version:  - SEIKO EPSON Corporation)
EPSON L300 Series Printer Uninstall (HKLM\...\EPSON L300 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Exposure Software Exposure X5 (HKLM\...\Exposure Software Exposure X5) (Version:  - Exposure Software)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Filelight (HKLM-x32\...\Filelight) (Version: master-4ea9498 - KDE)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Firma Electronica SII versión 1.4.1 (HKLM-x32\...\{A6B16D24-EF9D-40D6-8F4D-0D96AE815ACB}_is1) (Version: 1.4.1 - Servicio de Impuestos Internos)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.2.29539 - Foxit Software Inc.)
GameRanger (HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\GameRanger) (Version:  - GameRanger Technologies)
Git version 2.8.3 (HKLM\...\Git_is1) (Version: 2.8.3 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.303 - Huawei Technologies Co.,Ltd)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCare Data Recovery (HKLM-x32\...\{43D63B27-661F-428E-97B7-70D0604D28E8}_is1) (Version: 7.9.0 - iCare Recovery)
IIS 8.0 Express (HKLM\...\{AF5A2906-0FBB-41B5-AADC-FB6AA12A3973}) (Version: 8.0.1508 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Inkscape 0.92.0 (HKLM-x32\...\Inkscape) (Version: 0.92.0 - Inkscape Project)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 74 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180740}) (Version: 8.0.740.2 - Oracle Corporation)
Jihosoft File Recovery versión 7.3 (HKLM-x32\...\{D2374CA9-88C6-42C9-A4D7-245D5D06D909}_is1) (Version: 7.3 - HONGKONG JIHO CO., LIMITED)
JPEGminiPro (HKLM-x32\...\{BDA5035A-6D14-4F36-B6D6-B569D3019259}) (Version: 1.9.7.3 - Beamr Imaging LTD)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{89C4C60E-490D-43D1-A4EE-92877306DEC3}) (Version: 1.17.769 - LEGO)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Machete Lite 4.5 (HKLM-x32\...\{9CAD3C91-3257-485E-A054-1A553E4502D1}) (Version: 4.5.11 - MacheteSoft)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
mitmproxy (HKLM-x32\...\mitmproxy 5.0.1) (Version: 5.0.1 - mitmproxy.org)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.00.03 - Huawei Technologies Co.,Ltd)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 76.0 (x64 es-CL) (HKLM\...\Mozilla Firefox 76.0 (x64 es-CL)) (Version: 76.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NEF to JPG (HKLM-x32\...\{13D87B39-2A3B-4675-A0D9-B8B01EA2F8E3}_is1) (Version:  - neftojpg.com)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Node.js (HKLM\...\{84F68739-3B44-4D36-ABDB-2151A23C9C3D}) (Version: 6.10.0 - Node.js Foundation)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9986 - Nmap Project)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.0 - OBS Project)
OpenShot Video Editor versión 2.4.3 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.3 - OpenShot Studios, LLC)
OpenVPN Connect (HKLM-x32\...\{4B477462-6FF2-49EE-8810-2F9B58741460}) (Version: 2.7.1.101 - OpenVPN Technologies)
Oracle VM VirtualBox 5.0.16 (HKLM\...\{F2E958A1-9215-4C7D-9A2E-F0740B8CA5B7}) (Version: 5.0.16 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Panel de control de NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd.  (ssudmdm) Modem  (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
ParticleShop - Core (HKLM\...\{08E7567C-74B3-4956-B575-F55BFCC77C31}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (HKLM\...\{9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (HKLM\...\{67BDB811-383B-4D2B-870E-F27D2511F200}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (HKLM\...\{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\{D4F483F8-71F1-457F-AB1B-31C61529B658}) (Version: 1.3 - Corel Corporation) Hidden
PDF Booklet Creator (HKLM-x32\...\{2B24D83D-49B8-4F30-A8D8-F233121FB639}) (Version: 1.1.0.0 - opensource.marten.dk)
PhoneGap Desktop version 0.4.5 (HKLM-x32\...\com.adobe.phonegap.desktop_is1) (Version: 0.4.5 - Adobe Inc.)
PIPP 2.5.9 (HKLM\...\PIPP) (Version: 2.5.9 - Chris Garry)
PixInsight (HKLM\...\{89FF21A3-FA74-4ACD-BDCF-8817790F5807}) (Version: 1.8.5.1353 - Pleiades Astrophoto) Hidden
PixInsight (HKLM-x32\...\PixInsight 1.8.5.1353) (Version: 1.8.5.1353 - Pleiades Astrophoto)
Popcorn Time Community (HKLM-x32\...\{F9BC7890-4FE5-4391-8C59-CD0C556EF115}) (Version: 0.4.0 - YTS.ph) <==== ATENCIÓN
Pro Evolution Soccer 2019 version final (HKLM-x32\...\Pro Evolution Soccer 2019_is1) (Version: final - The)
Progress Telerik Fiddler (HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\Fiddler2) (Version: 5.0.20194.41348 - Progress Software EAD)
Python 2.7.11 (64-bit) (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD62}) (Version: 2.7.11150 - Python Software Foundation)
Python 3.4.4 (64-bit) (HKLM\...\{56ebf7cf-f2b2-30ed-9de5-307fc2ce3449}) (Version: 3.4.4150 - Python Software Foundation)
Python 3.6.3 Core Interpreter (64-bit) (HKLM\...\{5CAB3F9C-AC0C-4796-984C-292FF82FB112}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (64-bit) (HKLM\...\{B6B221CE-20AA-46D6-8156-911613216968}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (64-bit) (HKLM\...\{404A8C42-6B82-4B32-AC7F-0583644A04F2}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (64-bit) (HKLM\...\{D3ABC2C4-85AF-4AFD-94D4-F2B84F49BFEA}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (64-bit) (HKLM\...\{48EC8399-294B-40F5-8274-E2AFBF0CFCBE}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (64-bit) (HKLM\...\{60B3332C-989F-4609-8D4F-7B1FD1DB0A5D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (64-bit) (HKLM\...\{8FE3FFD1-2F7E-4EBB-A4B7-627E279DA70E}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (64-bit) (HKLM\...\{2C6B5217-ACF4-4082-B19C-3463C9340E41}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (64-bit) (HKLM\...\{E3F016B8-A524-4F97-9095-944C31A971E0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.8.1 (32-bit) (HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\{4e3c79d9-fd08-4d23-ba50-d6f19553b0ee}) (Version: 3.8.1150.0 - Python Software Foundation)
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Registro de usuario de Canon MG2400 series (HKLM-x32\...\Registro de usuario de Canon MG2400 series) (Version:  - ‭Canon Inc.)
ReiBoot for Android  (HKLM-x32\...\ReiBoot for Android) (Version:  - Tenorshare, Inc.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Spark AR Studio (HKLM\...\{9EEB1ED3-06FA-4520-AD02-0FC08EDAE28D}) (Version: 82.0.16 - Facebook Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.19.1.17131 (HKLM\...\Stellarium_is1) (Version: 0.19.1.17131 - Stellarium team)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.6 - Transmission)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Ut Video Codec Suite (HKLM\...\utvideo_is1) (Version: 16.1.0 - UMEZAWA Takeshi)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0-git - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTorrent (HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\WebTorrent) (Version: 0.20.0 - WebTorrent, LLC)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wireshark 3.0.9 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.9 - The Wireshark developer community, hxxps://www.wireshark.org)
XAMPP (HKLM\...\xampp) (Version: 7.4.3-0 - Bitnami)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.9-0 - Bitnami)
ZAR X (HKLM\...\{85DA9B81-D7F9-4165-8E62-F776B57213F8}_is1) (Version:  - www.z-a-recovery.com)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-04-25] (Spotify AB) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1198290506-3008176589-532644284-1006_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> Ningún archivo
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.ULRA] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULRG] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULY0] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULY2] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULH0] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULH2] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.UQY2] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.UQRG] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.UQRA] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULRA] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULRG] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULY0] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULY2] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULH0] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.ULH2] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.UQY2] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.UQRG] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.UQRA] => C:\WINDOWS\system32\utv_vcm.dll [132608 2016-05-03] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.3-p222-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 32-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\Note\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86"
ShortcutWithArgument: C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\Note\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64"
ShortcutWithArgument: C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Cross Tools Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\Note\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86_amd64"
ShortcutWithArgument: C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Advanced REST client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hgmloofddffdnphfgcellkdfbfbjeloo

==================== Módulos cargados (Lista blanca) =============

2016-12-17 20:44 - 2016-12-17 20:44 - 000091648 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
2016-12-17 20:46 - 2016-12-17 20:46 - 001016832 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
2016-12-17 20:45 - 2016-12-17 20:45 - 000046592 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
2016-12-17 20:45 - 2016-12-17 20:45 - 001410048 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
2019-02-26 07:54 - 2019-02-26 07:54 - 000061952 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
2019-02-26 07:54 - 2019-02-26 07:54 - 000009728 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
2019-02-26 07:54 - 2019-02-26 07:54 - 000039936 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
2016-12-17 20:44 - 2016-12-17 20:44 - 000136704 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
2019-02-26 07:54 - 2019-02-26 07:54 - 000006656 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyovpnc.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000397824 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pythoncom27.dll
2018-08-07 08:41 - 2018-08-07 08:41 - 000110592 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes27.dll
2016-12-17 20:44 - 2016-12-17 20:44 - 000010240 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000027648 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\servicemanager.pyd
2019-02-26 07:54 - 2019-02-26 07:54 - 000007168 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
2016-12-17 20:44 - 2016-12-17 20:44 - 000687104 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\unicodedata.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000100864 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000381952 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32com.shell.shell.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000018432 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000119808 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32file.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000024064 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32pipe.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000036864 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000017408 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32profile.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000108544 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32security.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000042496 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32service.pyd
2018-08-07 08:41 - 2018-08-07 08:41 - 000022528 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32ts.pyd
2019-02-26 07:54 - 2019-02-26 07:54 - 000019456 _____ () [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [Archivo no firmado] C:\WINDOWS\System32\mvtcpmon.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [Archivo no firmado] C:\WINDOWS\System32\slp64.dll
2016-12-17 20:43 - 2016-12-17 20:43 - 002639872 _____ (Python Software Foundation) [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\PYTHON27.DLL
2020-02-24 16:47 - 2020-02-24 16:47 - 007088640 _____ (Python Software Foundation) [Archivo no firmado] C:\Program Files\Sublime Text 3\python33.dll
2016-03-11 12:46 - 2007-09-18 15:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2016-03-11 12:46 - 2007-09-10 14:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2016-03-11 12:46 - 2006-12-26 13:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2016-03-11 12:46 - 2004-11-17 15:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2016-03-11 12:46 - 2007-09-10 14:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2016-03-11 12:46 - 2006-08-30 00:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2016-03-11 12:43 - 2010-09-13 14:00 - 000558592 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2016-03-11 12:43 - 2008-05-14 18:22 - 000252416 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enpres.dll
2019-02-26 07:53 - 2019-02-26 07:53 - 001258496 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\LIBEAY32.dll
2019-02-26 07:53 - 2019-02-26 07:53 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\SSLEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-1198290506-3008176589-532644284-1006\Software\Classes\exefile:  <==== ATENCIÓN
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\Software\Classes\.exe: exefile =>  <==== ATENCIÓN

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-10-30 03:24 - 2019-09-05 21:20 - 000001263 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
127.94.0.1	client.openvpn.net
127.0.0.1                   pixinsight.com

2018-04-25 10:10 - 2020-04-02 16:27 - 000000602 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
407
192.168.137.1 DESKTOP.mshome.net # 2025 3 3 26 19 59 55 631
13 3 115

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Git\cmd;C:\xampp\php;C:\ProgramData\ComposerSetup\bin;C:\Program Files\Java\jdk1.8.0_74/bin;C:\Users\Note\AppData\Roaming\Composer\vendor\bin;C:\Users\Note\AppData\Roaming\npm;C:\python27\Scripts;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\nodejs\;C:\VXIPNP\WinNT\Bin;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está deshabilitado.

Network Binding:
=============
Ethernet 4: Conmutador virtual extensible para Hyper-V -> vms_pp (disabled) 
Ethernet 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Ethernet 4: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) 
Ethernet 4: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) 
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Ethernet 2: Conmutador virtual extensible para Hyper-V -> vms_pp (disabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Wi-Fi: Conmutador virtual extensible para Hyper-V -> vms_pp (disabled) 
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Wi-Fi: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) 
Ethernet: Conmutador virtual extensible para Hyper-V -> vms_pp (disabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "OpenVPN Connect.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\StartupApproved\Run: => "Combin"
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\...\StartupApproved\Run: => "OneDriveSetup"
==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{B74562E5-02AB-4CDF-B65B-1DCCBCD86D9D}F:\aoe2\age2_x1.exe] => (Block) F:\aoe2\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [TCP Query User{775171F2-F840-4BB0-B77B-86D67E208677}F:\aoe2\age2_x1.exe] => (Block) F:\aoe2\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{55E74CE9-4B7F-4864-81AB-06985D3C9A9A}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{527D35CB-66D6-4B33-A34D-2DDD7FC55447}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{7DE0913F-52CF-4266-B1A8-619BBC5C2DC4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCF17016-A19A-40B9-A950-8D319B215222}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7D26686-8841-4A8C-A182-6D4E193C596F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52F9EA1F-BCD8-4982-8FA2-E03931DF1779}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{53EDC532-D381-4A18-8E47-DA81771AA9EC}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B598367F-40C5-4E16-B6CC-0823DBCD4A78}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{1CE07FF1-2838-4FA3-A0E8-940C61D727BF}C:\python27\pokemongo-bot\scripts\python.exe] => (Block) C:\python27\pokemongo-bot\scripts\python.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{C24050B0-B3CE-4650-BF6A-C7D1A7CDA947}C:\python27\pokemongo-bot\scripts\python.exe] => (Block) C:\python27\pokemongo-bot\scripts\python.exe () [Archivo no firmado]
FirewallRules: [{1AFDB0B7-8D25-4038-9B8C-36D336253FDA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{30B0F2B9-B1B3-4AEE-9421-0F053C1C7D5E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{11A846E2-07C4-4DE0-B9B6-13A305169C34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{412A9710-F4C2-4A1B-8037-A14682670482}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{71AE0367-7BD1-4205-BD87-B5893318072D}C:\program files\nodejs\node.exe] => (Block) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{0E4A70C5-9881-4A3D-AA3A-01678AD7E5A8}C:\program files\nodejs\node.exe] => (Block) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{CB4057C8-D73B-4558-9BF4-2D7D3666399B}C:\program files (x86)\adobe\phonegap\phonegap desktop\phonegap.exe] => (Block) C:\program files (x86)\adobe\phonegap\phonegap desktop\phonegap.exe (GitHub, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{5FED57D5-0BF5-468F-A0AF-487BA76CBF38}C:\program files (x86)\adobe\phonegap\phonegap desktop\phonegap.exe] => (Block) C:\program files (x86)\adobe\phonegap\phonegap desktop\phonegap.exe (GitHub, Inc.) [Archivo no firmado]
FirewallRules: [{94AC9BBC-42B0-4F54-8D37-0C6440E709C3}] => (Allow) LPort=427
FirewallRules: [{D956EA61-BCD6-4F23-BC66-0DA63589B801}] => (Allow) LPort=161
FirewallRules: [{761DBD1F-24D2-446B-930E-F429CDC134B3}] => (Allow) LPort=427
FirewallRules: [{EB6287E1-FFC4-4062-9C0B-B2F01BA9C8E7}] => (Allow) LPort=9100
FirewallRules: [UDP Query User{1F5BDC89-F220-4C9B-A33F-314F170A3C9F}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Archivo no firmado]
FirewallRules: [TCP Query User{A8D8E5BF-E8E2-42A4-AF93-8C0360E4698D}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Archivo no firmado]
FirewallRules: [UDP Query User{0D53992F-F426-4D66-891D-2F24B6B4B89F}C:\program files\java\jdk1.8.0_74\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_74\bin\java.exe
FirewallRules: [TCP Query User{9B68CA9F-8671-4814-86B7-E1C7E91C9ED6}C:\program files\java\jdk1.8.0_74\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_74\bin\java.exe
FirewallRules: [UDP Query User{A9308DF4-4B95-49C3-AEB1-5359248037B9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google LLC -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{6F11201B-CCE3-4966-8753-BCC756C06702}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google LLC -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{D64ED62B-9742-4894-9EFF-3893E98A60C8}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [TCP Query User{8E24F02F-4F63-4A13-8E87-1E23B4E7E877}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{0F972AC4-5D22-4846-89D7-D07C10A2E6C8}C:\program files\oracle\virtualbox\virtualbox.exe] => (Block) C:\program files\oracle\virtualbox\virtualbox.exe (Oracle Corporation -> Oracle Corporation)
FirewallRules: [TCP Query User{67E31F7B-4EC0-447D-A8A0-7CE7E4DEE5EF}C:\program files\oracle\virtualbox\virtualbox.exe] => (Block) C:\program files\oracle\virtualbox\virtualbox.exe (Oracle Corporation -> Oracle Corporation)
FirewallRules: [UDP Query User{A813ADD1-AE11-4333-BECC-FBDDDA54E4F4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{0DA02172-5A0D-4542-94BB-F8E286A27DCD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{DE6C0143-F570-4B7F-8966-F461A6344D34}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe Ningún archivo
FirewallRules: [{46A7EEEA-FF4D-4B7E-B8E3-5751E0C54502}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe Ningún archivo
FirewallRules: [{097B6E5F-BA50-4D7D-882E-DA0F3EA4DD4D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A72DDFB-FD2D-4FDA-8F8A-47B931DE3BBD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D8E288C-3EFC-4E6D-A7D0-70279109068C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E98E53C0-41DF-4E2B-AD8E-16FD03CCD211}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98FC6B5B-D1F7-4C49-A145-3492B0D6B5F1}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{E4947E0F-E5E0-4797-A02D-BA627BD52065}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{14C2FAAA-4089-4132-962C-349E733212FC}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{A41A786A-801B-42D5-B98B-3F5D39194144}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{09AEB9AB-7BE3-47A5-83B4-263A3FE76715}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [{3CF33C5F-1A25-441F-A341-61A060602CBA}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [{C3AB18ED-3A8A-449D-B6FB-A3ED8666D5F7}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [{26B8D4A3-3596-4CDA-AD90-7D727B63C505}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [UDP Query User{436A6555-4A1B-406E-A7A3-231D7CC03632}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{892B2CAB-439D-46DB-A6D6-92FFEF9DC64E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{E45C6624-4D70-4D97-A5AF-F73B78D8BCCB}D:\age\age2_x1\age2_x1.exe] => (Allow) D:\age\age2_x1\age2_x1.exe Ningún archivo
FirewallRules: [TCP Query User{A50DB24A-BD74-4D31-80CD-078F55139F8B}D:\age\age2_x1\age2_x1.exe] => (Allow) D:\age\age2_x1\age2_x1.exe Ningún archivo
FirewallRules: [{D76D02D9-AA7C-46AC-9921-262A9278CB99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{350AB384-3C6E-4CF6-A1DC-C847CC4B8DB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F985705C-1C81-405C-8EC3-B36B710ABA9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FD89CE8-F901-41BA-80A6-BDEB1DA47454}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{53B7AF07-4FD5-4E43-82C9-BE074E384C14}C:\ruby23-x64\bin\ruby.exe] => (Block) C:\ruby23-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/) [Archivo no firmado]
FirewallRules: [UDP Query User{6F8EC937-E377-4689-A6FC-5BFB59949EA1}C:\ruby23-x64\bin\ruby.exe] => (Block) C:\ruby23-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/) [Archivo no firmado]
FirewallRules: [{19B14FE7-939C-4806-ACA1-21B00E4991AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9C0030F-2BAC-4388-94A6-032B892C0EFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9927AA9-48D8-424C-812E-3BB366525A86}] => (Allow) C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe (Ricoh Innovations Corporation,Inc.) [Archivo no firmado]
FirewallRules: [{284C0D98-0C90-4D61-AEC5-EED0DC2D4C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{639672EC-9D0D-4455-A79B-108DB3A2349D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{25F04558-5C70-45D7-9E77-7AAEC330833A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E260B70E-68FF-44F9-9567-AC274D91C87D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{845E5BDA-37F8-4F16-A530-14A8981FEAE0}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{6CA217D8-819D-4195-9063-36BF9AEE7161}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{2EC247EB-FB6C-4A38-A9B2-DA87C5B49C53}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{40EB7D3E-1139-41E2-A87B-92797750C7C2}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{1FCF834D-0070-462D-BCD5-FF4A64F42840}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{06F1BE9D-A276-4AE5-B163-4069EA91235C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{D1312C57-6677-4E00-ACC1-8E168BC93147}C:\users\not\appdata\local\webtorrent\app-0.20.0\webtorrent.exe] => (Allow) C:\users\not\appdata\local\webtorrent\app-0.20.0\webtorrent.exe (WebTorrent LLC -> WebTorrent)
FirewallRules: [UDP Query User{375BD19E-FF95-40E7-BAFD-4B11EE8A993F}C:\users\not\appdata\local\webtorrent\app-0.20.0\webtorrent.exe] => (Allow) C:\users\not\appdata\local\webtorrent\app-0.20.0\webtorrent.exe (WebTorrent LLC -> WebTorrent)
FirewallRules: [{BDF6F16D-C591-40FE-A5DF-92067A75FCD2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe Ningún archivo
FirewallRules: [{D3184526-C3E9-483C-BBD5-CD08450D71E5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe Ningún archivo
FirewallRules: [{C5C0E0F2-2090-4087-9394-A9FE9BB58FAA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7251CB7F-892B-48A5-90CA-C74D6D261991}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12AE513B-196D-4C26-9322-BF30B6C26088}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5BBC453A-FB1F-44F2-8551-626D8C78ECA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{13D87226-33B8-4CC9-8618-77CD3D4DC573}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{E9899B47-FA11-4396-8B34-BFB743C0C93B}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{FD8C6909-72AC-4C99-834A-AF8B2BFF4CC8}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{F017589A-36EE-4885-8FC6-26A784E075E6}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{4516EC70-EBB6-4DFA-9E6C-B01A119EE299}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{6B7C91BA-4AE9-4983-8574-02C4E7CAD746}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{2C1E5A6B-F0EF-4485-90A7-B5B6F9B90C02}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{D2318A37-8ACE-4089-86D4-9C5222B0F417}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{C6A3A498-BB5A-4203-8FBC-1B73D5BE01C0}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [{5F3EFC21-D052-4888-ACBB-9F4ACF73D931}] => (Allow) C:\Users\Not\AppData\Local\Programs\Fiddler\Fiddler.exe (Progress Software Corporation -> Progress Software EAD)
FirewallRules: [{F91501D8-9B42-4FCF-B4A1-CD87458B5264}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9F34572A-507E-4E75-B737-BFE1174A7800}] => (Allow) F:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{50E0BAE0-03B6-4782-AAE3-6CF26DD027D1}] => (Allow) F:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0D9CD907-8C8D-4ACD-845F-F4389B43AE94}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{19B55C3E-C8A8-4A7D-B7E7-E28E68AFBC89}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF1EB793-F83A-4962-8467-55D350BB3CAA}] => (Allow) F:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [Archivo no firmado]
FirewallRules: [{417FACAA-C7C6-4CFE-816C-86B8759EC146}] => (Allow) F:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [Archivo no firmado]
FirewallRules: [{46809869-A42D-41C6-83B5-ADEACBA4725E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{60746A67-ED1E-4B40-B50F-CF2E2897D0A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C316620D-F9E0-47D0-ADC7-1E6647C08E73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD328574-23EE-4B1B-9035-51B955E71AD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{913527BB-7A54-4EDD-A841-27E401193D31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2812442-13B1-4B3A-8F81-F225256A891F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE38D995-2031-4CCB-B994-BA67F693CB4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EDA07E75-3F51-4AAE-9F6C-FA0EF35FDE4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9049F1ED-9F59-4C00-ADFC-8D6874241E54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Puntos de Restauración =========================

18-04-2020 01:37:41 Punto de control programado
19-04-2020 19:23:20 JRT Pre-Junkware Removal
27-04-2020 13:13:54 AdwCleaner_BeforeCleaning_27/04/2020_13:13:47

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/27/2020 01:34:15 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (04/27/2020 02:16:13 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/27/2020 02:16:13 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/27/2020 12:17:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WINWORD.EXE (versión 15.0.5163.1000) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2354

Hora de Inicio: 01d61c4a014ab6b4

Hora de finalización: 57

Ruta de la aplicación: C:\Program Files\Microsoft Office\Office15\WINWORD.EXE

Id. de informe: 430ef930-c0de-4136-8301-1da86a6b8819

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-thread

Error: (04/26/2020 09:47:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GameBar.exe, versión: 5.120.4062.0, marca de tiempo: 0x5e8b4797
Nombre del módulo con errores: ucrtbase.dll, versión: 10.0.18362.387, marca de tiempo: 0x4361b720
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000006db8e
Identificador del proceso con errores: 0x379c
Hora de inicio de la aplicación con errores: 0x01d61c35b9e12af2
Ruta de acceso de la aplicación con errores: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBar.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\ucrtbase.dll
Identificador del informe: 96af77df-bb69-4afb-af10-9046bff0c63a
Nombre completo del paquete con errores: Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: App

Error: (04/25/2020 11:59:02 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Error al instalar la prueba de compra. 0xC004F069
Pkey parcial=KD4D3
ACID=?
Error detallado[?]

Error: (04/25/2020 08:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.620, marca de tiempo: 0x5e8e029a
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5e8272e4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219d05
Identificador del proceso con errores: 0x47c
Hora de inicio de la aplicación con errores: 0x01d61b64a3355738
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 205e2007-55ee-4226-9e45-15772ac826c9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (04/20/2020 11:59:32 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Error al instalar la prueba de compra. 0xC004F069
Pkey parcial=KD4D3
ACID=?
Error detallado[?]


Errores del sistema:
=============
Error: (04/27/2020 01:28:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Servicio Orquestador de actualizaciones no respondió después de iniciar.

Error: (04/27/2020 01:23:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (04/27/2020 01:18:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (04/27/2020 01:18:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Presentation Foundation Font Cache 3.0.0.0.

Error: (04/27/2020 01:17:31 PM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: El Administrador de conexiones de acceso remoto no se pudo iniciar por un error al inicializar el motor del protocolo [IKEv2]. Solicitud no compatible.

Error: (04/27/2020 01:17:31 PM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: El Administrador de conexiones de acceso remoto no se pudo iniciar por un error al inicializar el motor del protocolo [rasgreeng.dll]. No se puede encontrar el módulo especificado.

Error: (04/27/2020 01:17:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SAService no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/27/2020 01:16:35 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Error en la inicialización del archivo de volcado

Windows Defender:
===================================
Date: 2020-04-27 13:49:45.262
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A0DE5F9E-610C-4255-BFAA-40F59508C004}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-27 13:39:25.880
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {259694A9-ED3F-40AF-8BA8-273C412B6C56}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-27 02:01:05.285
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {783DBBFE-9850-4F89-9D4E-B1D8B31EE196}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-27 00:36:24.025
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {0A0EA0FD-EFFB-49C2-9B61-D1983884E832}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-27 00:00:32.952
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DF6142AE-C282-477D-90C2-6A9334F1B879}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-27 13:52:52.963
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.253.928.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14202.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-27 13:52:52.962
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.253.928.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14202.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-27 13:52:52.962
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.253.928.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14202.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-27 13:52:52.945
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.253.928.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14202.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2020-04-27 13:52:52.944
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.253.928.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14202.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2020-04-27 13:20:46.551
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 13:20:46.500
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 13:19:42.626
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-04-27 10:44:07.417
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 10:44:07.341
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 10:43:00.312
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-04-27 10:35:18.036
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-04-27 02:08:15.716
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO 7BCN28WW(V1.11) 07/19/2013
Placa base: LENOVO
Procesador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Porcentaje de memoria en uso: 31%
RAM física total: 12153.77 MB
RAM física disponible: 8316.3 MB
Virtual total: 12153.77 MB
Virtual disponible: 8769.5 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:308.2 GB) (Free:15.57 GB) NTFS
Drive f: (Nuevo vol) (Fixed) (Total:58.57 GB) (Free:5.44 GB) NTFS

\\?\Volume{8d86ba9e-01e7-4888-b586-90b740e37198}\ () (Fixed) (Total:0.77 GB) (Free:0.3 GB) NTFS
\\?\Volume{a8a38953-4e74-4846-846b-f4d1ed66ac7d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3C43EC47)

Partition: GPT.

==================== Final de Addition.txt =======================

Muchas gracias por tu ayuda!, copié todo en el orden solicitado

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\Software\Classes\exefile: <==== ATENCIÓN
HKU\S-1-5-21-1198290506-3008176589-532644284-1006\Software\Classes\.exe: exefile => <==== ATENCIÓN
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {013CBCB3-533B-406B-BA61-D7A3941B5A18} - System32\Tasks\SessionAgent => C:\windows\ics32.exe
ProxyServer: [S-1-5-21-1198290506-3008176589-532644284-1006] => 142.93.121.59:8080
FF NetworkProxy: Mozilla\Firefox\Profiles\r2r42679.default -> backup.ftp", "hxxp://127.0.0.1"
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-10] (Oracle America, Inc. -> Oracle Corporation)
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.