Buenas noches, Llevo varios días sufriendo una ralentización del portatil. No ha sido hasta hoy cuando he visto al culpable, el proceso notepad.exe se estaba zampando 2Gb de RAM. He finalizado el proceso y vuelta a empezar. Por cierto, también pensaba, que a veces me ha sucedido, que estaba pendiente una actualización de windows y que he hecho hoy mismo también, y me ha llevado casi una hora por culpa de la lentitud general. Tengo windows 7 home premium sobre un asus de 6gb de Ram. Me he leido las incidencias de varios compañeros y he seguido los pasos iniciales: Primero Ccleaner como hago siempre. El antivirus no me ha detectado nada. Malwarebytes sí que me ha detectado incidencias, las he mandado a cuarentena, luego os pego el informe. Y para finalizar el Adwcleaner , también añado abajo el log. He reiniciado el equipo y he vuelto a entrar en modo seguro para volver a repetir todo de nuevo. Bueno, ahora ya no es constante pero vuelve a aparecer el notepad.exe de vez en cuando, lo sé cuando salta el ventilador (un infierno) y cuando entro en el Administrador de Tareas el proceso se finaliza solo (apenas me da tiempo a visualizarlo). Es como el juego del escondite pero maldita la gracia que me hace. En fin, veo que no sólo no hay un método general sino que ha algunos compañeros se les está resistiendo el asunto. Sólo quería compartir mi experiencia, que en mi caso desaparece al entrar al administrador de tareas. Un saludo
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 11/12/19
Hora del análisis: 17:44
Archivo de registro: 803ea9f0-1c35-11ea-9426-00ff2167bd68.json
-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.770
Versión del paquete de actualización: 1.0.16010
Licencia: Gratis
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Asus-PC\Asus
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 296391
Amenazas detectadas: 129
Amenazas en cuarentena: 129
Tiempo transcurrido: 14 min, 29 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 70
PUP.Optional.Babylon, HKLM\SOFTWARE\WOW6432NODE\BabylonToolbar, En cuarentena, 382, 235651, 1.0.16010, , ame,
PUP.Optional.SpeedyPC, HKLM\SOFTWARE\WOW6432NODE\SpeedyPC Software, En cuarentena, 1598, 396735, 1.0.16010, , ame,
PUP.Optional.uTorrentBar, HKLM\SOFTWARE\WOW6432NODE\uTorrentBar_ES, En cuarentena, 1876, 244412, 1.0.16010, , ame,
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 201, 236865, , , ,
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 201, 236865, , , ,
PUP.Optional.Conduit, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 201, 236865, 1.0.16010, , ame,
PUP.Optional.Babylon, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dhkplhfnhceodhffomolpfigojocbpcb, En cuarentena, 382, 235653, 1.0.16010, , ame,
PUP.Optional.BabylonToolBar, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\BabylonToolbar, En cuarentena, 2855, 235657, 1.0.16010, , ame,
PUP.Optional.InstallCore, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\InstallCore, En cuarentena, 479, 239563, 1.0.16010, , ame,
PUP.Optional.OfferBox, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\OfferBox, En cuarentena, 2351, 256801, 1.0.16010, , ame,
PUP.Optional.SpeedyPC, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\SpeedyPC Software, En cuarentena, 1598, 396736, 1.0.16010, , ame,
PUP.Optional.PriceGong, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, En cuarentena, 1462, 241946, 1.0.16010, , ame,
PUP.Optional.uTorrentBar, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\APPDATALOW\SOFTWARE\uTorrentBar_ES, En cuarentena, 1876, 244410, 1.0.16010, , ame,
PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NPIECJLHKNGDINOEEKMCCDBJDGCLMNBK, En cuarentena, 1324, 443284, , , ,
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\npiecjlhkngdinoeekmccdbjdgclmnbk, En cuarentena, 1324, 443284, 1.0.16010, , ame,
PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9710C0C9-88DF-432A-8754-AFC3B431545A}, En cuarentena, 1324, 443512, 1.0.16010, , ame,
PUP.Optional.RelevantKnowledge, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\rlvknlg_RASAPI32, En cuarentena, 1402, 184776, 1.0.16010, , ame,
PUP.Optional.RelevantKnowledge, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\rlvknlg_RASMANCS, En cuarentena, 1402, 184776, 1.0.16010, , ame,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, En cuarentena, 2855, 167676, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, En cuarentena, 2855, 167676, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, En cuarentena, 2855, 167676, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, En cuarentena, 2855, 167676, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, En cuarentena, 2855, 167676, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, En cuarentena, 2855, 167676, 1.0.16010, , ame,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, En cuarentena, 2855, 167677, , , ,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, En cuarentena, 2855, 167677, 1.0.16010, , ame,
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}, En cuarentena, 2855, 167678, 1.0.16010, , ame,
Valor del registro: 7
PUP.Optional.Conduit, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 201, 236865, 1.0.16010, , ame,
PUP.Optional.Conduit, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, En cuarentena, 201, 236865, 1.0.16010, , ame,
PUP.Optional.Babylon, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|DHKPLHFNHCEODHFFOMOLPFIGOJOCBPCB, En cuarentena, 382, 235653, , , ,
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NPIECJLHKNGDINOEEKMCCDBJDGCLMNBK, En cuarentena, 1324, 443284, , , ,
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\npiecjlhkngdinoeekmccdbjdgclmnbk|PATH, En cuarentena, 1324, 443284, 1.0.16010, , ame,
PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9710C0C9-88DF-432A-8754-AFC3B431545A}|APPPATH, En cuarentena, 1324, 443512, 1.0.16010, , ame,
PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\npiecjlhkngdinoeekmccdbjdgclmnbk|PATH, En cuarentena, 1324, 443285, 1.0.16010, , ame,
Datos del registro: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 201, 293058, 1.0.16010, , ame,
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 7
PUP.Optional.uTorrentBar, C:\PROGRAM FILES (X86)\uTorrentBar_ES, En cuarentena, 1876, 180208, 1.0.16010, , ame,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog, En cuarentena, 201, 182117, , , ,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts\Dialogs, En cuarentena, 201, 182117, , , ,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts, En cuarentena, 201, 182117, , , ,
PUP.Optional.Conduit, C:\USERS\ASUS\APPDATA\LOCALLOW\CONDUIT, En cuarentena, 201, 182117, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 382, 455059, , , ,
Archivo: 44
PUP.Optional.uTorrentBar, C:\Program Files (x86)\uTorrentBar_ES\GottenAppsContextMenu.xml, En cuarentena, 1876, 180208, , , ,
PUP.Optional.uTorrentBar, C:\Program Files (x86)\uTorrentBar_ES\OtherAppsContextMenu.xml, En cuarentena, 1876, 180208, , , ,
PUP.Optional.uTorrentBar, C:\Program Files (x86)\uTorrentBar_ES\SharedAppsContextMenu.xml, En cuarentena, 1876, 180208, , , ,
PUP.Optional.uTorrentBar, C:\Program Files (x86)\uTorrentBar_ES\toolbar.cfg, En cuarentena, 1876, 180208, , , ,
PUP.Optional.uTorrentBar, C:\Program Files (x86)\uTorrentBar_ES\ToolbarContextMenu.xml, En cuarentena, 1876, 180208, , , ,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, En cuarentena, 201, 182117, , , ,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js, En cuarentena, 201, 182117, , , ,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc, En cuarentena, 201, 182117, , , ,
PUP.Optional.Conduit, C:\Users\Asus\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js, En cuarentena, 201, 182117, , , ,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 382, 235653, , , ,
PUP.Optional.Conduit.Generic, C:\USERS\ASUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 1324, 443284, , , ,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 382, 301501, 1.0.16010, , ame,
PUP.Optional.Conduit, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\PREFS.JS, Sustituido, 201, 301520, 1.0.16010, , ame,
PUP.Optional.WinBing, C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\347SBSQ3.DEFAULT\SEARCHPLUGINS\BING-LAVASOFT-FF59.XML, En cuarentena, 5333, 678452, 1.0.16010, , ame,
PUP.Optional.OpenCandy, C:\USERS\ASUS\APPDATA\ROAMING\UTORRENT\UPDATES\3.4.2_38913.EXE, En cuarentena, 1210, 747337, 1.0.16010, , ame,
Generic.Malware/Suspicious, C:\USERS\ASUS\DESKTOP\ADOBE ILLUSTRATOR CS3 PORTABLE\ADOBE ILLUSTRATOR CS3\ADOBE ILLUSTRATOR CS3.EXE, En cuarentena, 0, 392686, 1.0.16010, , shuriken,
RiskWare.ExtensionMismatch, C:\USERS\ASUS\DESKTOP\RECOVE\2017-06-24 21.54.38_1.JPG, En cuarentena, 10944, 79314, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000021.ldb, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000023.log, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000024.ldb, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 382, 455059, , , ,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 382, 455059, 1.0.16010, , ame,
PUP.Optional.Babylon, C:\USERS\ASUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 382, 455059, 1.0.16010, , ame,
RiskWare.ExtensionMismatch, C:\USERS\ASUS\DESKTOP\RECOVE\2016-11-24 19.28.23.JPG, En cuarentena, 10944, 79314, 1.0.16010, , ame,
RiskWare.ExtensionMismatch, C:\USERS\ASUS\DESKTOP\RECOVE\2017-06-24 21.54.38.JPG, En cuarentena, 10944, 79314, 1.0.16010, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:12-11-2019
# Duration: 00:00:36
# OS: Windows 7 Home Premium
# Scanned: 35225
# Detected: 77
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy C:\Program Files (x86)\myfree codec
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
PUP.Optional.MyPCBackupC:\Program Files (x86)\MyPC Backup
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\Users\Asus\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.BrowseFox.A HKLM\Software\Wow6432Node\\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
PUP.Optional.Conduit HKLM\Software\Wow6432Node\Conduit
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
PUP.Optional.Legacy HKCU\Software\Myfree Codec
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
PUP.Optional.Legacy HKLM\Software\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
PUP.Optional.Legacy HKLM\Software\Classes\Prod.cap
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Myfree Codec
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
PUP.Optional.SofTonicAssistant HKCU\Software\Softonic
PUP.Optional.WebBar HKCU\Software\AppDataLow\Toolbar
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\BUBBLETOWN
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DEADTIME STORIES
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DREAM DAY FIRST HOME
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DREAM VACATION SOLITAIRE
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\FARM FRENZY 3 - MADAGASCAR
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GALAPAGO
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GAMECONSOLE
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GO GO GOURMET CHEF OF THE YEAR
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\MAHJONG MEMOIRS
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\PLANTS VS ZOMBIES
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\TURBO FIESTA
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\WORLD OF GOO
Preinstalled.ASUSInstantOn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D41522A5-CF2B-41F2-B2C3-E4A99C821A8C}
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACMON
Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Preinstalled.ASUSVibe Folder C:\Program Files (x86)\ASUS\ASUSVIBE
Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Preinstalled.ASUSVibe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Preinstalled.ASUSVirtualCamera Folder C:\Program Files (x86)\ASUS\VIRTUALCAMERA
Preinstalled.ASUSVirtualCamera Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\ASUS WEBSTORAGE
Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WEBSTORAGE
Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}
Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Preinstalled.CyberLinkLabelPrint Folder C:\Program Files (x86)\CYBERLINK\LABELPRINT
Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########### -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:12-11-2019
# Duration: 00:00:12
# OS: Windows 7 Home Premium
# Cleaned: 41
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\MyPC Backup
Deleted C:\Program Files (x86)\myfree codec
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted C:\Users\Asus\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
***** [ Files ] *****
Deleted C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\AppDataLow\Toolbar
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted HKCU\Software\Myfree Codec
Deleted HKCU\Software\Softonic
Deleted HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\escort.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Deleted HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Deleted HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Deleted HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Myfree Codec
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\escorTlbr.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\escort.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\escortApp.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\escortEng.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\esrv.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9223 octets] - [11/12/2019 18:05:56]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########Hola @francisco_torrontegu y Bienvenido al Foro.!!!
Efectivamente parece que tenemos nueva variante de esta infección y NO es igual en todos los casos. 
Quiero que ejecutes los pasos que te pondre a continuacion PERO HAZLOS en el preciso momento que veas que la infección está ACTIVA y NO lances el Administrador de tareas para que NO se paralice el proceso.
Realiza estos pasos :
Desactiva temporalmente el Antivirus 
Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Descargar en TU ESCRITORIO(y NO en otro lugar )
- Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo.
Como saber si Mi Windows es de 32 o 64 Bits ?.
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer, pulsamos Yes
-
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los dos informes en tu próxima respuesta.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Saludos
Gracias Javier,
He tenido problemas con la desactivación del antivirus, otras veces lo había desactivado sin problemas. No se si estará relacionado, al final lo he desintalado y he reinciado. Tenía el Panda Dome online gratuito. Al reiniciar el neotepad.exe ya no desaparece del administrador de tareas. Ha pasado el Farbar siguiendo tus instrucciones. La primera vez se me ha colgado cuando escaneaba c:\windows\system32\appidapi.dll No se si es relevante A la segunda ha terminado el escanado. Te pego los reportes. Un saludo
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Asus (administrator) on ASUS-PC (ASUSTeK Computer Inc. K53SD) (12-12-2019 10:08:35)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Fitbit, Inc. -> Fitbit, Inc.) [File not signed] C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Iomega Corp -> ) C:\Program Files\Iomega\QuikProtect\QpMonitor.exe
(Iomega Corp -> Iomega Corporation - An EMC Company) C:\Program Files\Iomega\QuikProtect\startQuikProtect.exe
(LenovoEMC Ltd.) [File not signed] C:\Program Files (x86)\LenovoEMC Storage Manager\pCloudd.exe
(LenovoEMC Products USA, LLC -> LenovoEMC) C:\Program Files (x86)\LenovoEMC Storage Manager\LenovoEMCStorageManager.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(PacketVideo Corporation -> ) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo Corporation -> ) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PacketVideo Corporation -> ) C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
(PacketVideo Corporation -> PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816808 2011-07-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [98088 2011-07-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [QuiKProtect] => C:\Program Files\Iomega\QuikProtect\StartQuikProtect.exe [58672 2010-06-24] (Iomega Corp -> Iomega Corporation - An EMC Company)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1854400 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS) [File not signed]
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Run: [Dropbox Update] => C:\Users\Asus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\FaceLogon\system\FaceCredentialProvider64.dll [2011-10-03] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [185632 2015-11-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164008 2015-11-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LenovoEMC Storage Manager.lnk [2017-12-14]
ShortcutTarget: LenovoEMC Storage Manager.lnk -> C:\Program Files (x86)\LenovoEMC Storage Manager\LenovoEMCStorageManager.exe (LenovoEMC Products USA, LLC -> LenovoEMC)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-12-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000F758A-D46A-44F7-A644-3EE4E8E1DBD0} - \{ED71624D-6A9A-4A05-86C5-3364E3A61A28} -> No File <==== ATTENTION
Task: {02124FDA-A27C-4D77-BF3A-A35B09F99C3B} - \{25F347D5-83FC-4F72-8B3E-E1B6EEC401B0} -> No File <==== ATTENTION
Task: {02D863E9-044B-45DF-90E9-07B4254AD266} - \{CBA2B57D-3EDE-424E-802D-6281CA87518C} -> No File <==== ATTENTION
Task: {07078F74-CA74-4A10-86D5-A09B40D0EB99} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0DF4DA5B-13BA-4963-9E5A-BDB8C522E1DC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1225F4AF-4F30-45D7-89CC-D90C77AA183C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {130CC738-6ABB-4551-BF79-C63802F186E8} - \{222710A5-9FBA-4F17-8847-2F7A352BFA5F} -> No File <==== ATTENTION
Task: {15A48D3F-5819-4E02-A3EE-2F8017B42FE1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [781248 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16370FC1-9E88-40FD-B0D2-B780E0E1A791} - \{40B81E96-ABDC-4B17-ABCE-AC8131DCC40E} -> No File <==== ATTENTION
Task: {1792C709-400E-451A-9A10-1578D51003C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {1B57795F-5C77-43D7-B353-94435BFC761B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [629184 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {214151EA-6EE7-41AD-920C-2ED5994D87AC} - \{75F1D49F-75A9-402B-8455-9C0C3E0DB4B0} -> No File <==== ATTENTION
Task: {217E3C6C-87E1-4D3E-AE5E-0506C10A01E5} - System32\Tasks\{D2BCEF67-1A72-4C78-ADC2-B8762207CEC1} => C:\Windows\system32\pcalua.exe -a C:\Users\Asus\Desktop\AHDETH-00244228-0042.EXE -d C:\Users\Asus\Desktop
Task: {21B9A782-D73A-46BB-98FA-9D6FA0335565} - \{7806A1E0-77AD-46C9-9DDF-7B31D835371D} -> No File <==== ATTENTION
Task: {342CAA50-8E18-4707-A27A-294130AA56F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {387562C9-B57F-444F-A495-E30A958991F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AE0E402-3131-42C1-A4CB-B0FD06AC1F85} - System32\Tasks\AdobeAAMUpdater-1.0-Asus-PC-Asus => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {475FEF49-CF9F-4AD7-AE70-D73E9AF965EF} - \{A5B5C5C0-A07F-46B0-8D28-9AFA1131D067} -> No File <==== ATTENTION
Task: {49065E41-B1D0-4320-86FC-770D2373DD03} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A89047-751F-4DCE-9927-8B5BCA01D760} - \{62777C40-DDE6-4065-BAF9-3D5BFC79A1DB} -> No File <==== ATTENTION
Task: {5AD76BF7-43EE-4C96-90BE-A89F63740DA4} - \ATKOSD2 -> No File <==== ATTENTION
Task: {5D305347-FC8D-4FA4-84DB-B61CD03509F1} - \{52F8F18F-D941-4FA3-9EBC-B7CD858AFA01} -> No File <==== ATTENTION
Task: {60BA98E3-0469-40FE-A0B1-B59EA8317D5B} - \{FE8269C1-2701-4A74-A10F-372830CD9AB7} -> No File <==== ATTENTION
Task: {63521E4E-B571-49B1-ABE0-C3F782C06727} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {6BC60F53-BA1C-4ED4-9B9E-EA0C11EC8AF1} - \ASUS SmartLogon Console Sensor -> No File <==== ATTENTION
Task: {6E76BE43-27C5-42A5-8AE6-FCC53C587B2B} - \{B7FC0658-3336-458F-9A5B-6DBA6D1931F9} -> No File <==== ATTENTION
Task: {74053903-6AFB-472A-97BD-2D4CF16B6799} - \{D744480D-AF65-4E9D-973C-D90C5AC8E4B9} -> No File <==== ATTENTION
Task: {7AC3CF0A-3BB0-4FB7-9A6D-8FF344333EC4} - \{3B5C866A-6EE2-4024-9127-342F9325F04D} -> No File <==== ATTENTION
Task: {7BA6ED38-D98C-40AF-8EBA-0E6C9C6BAAF8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {7CA7D2BA-BDCC-4AB8-94BC-634BFE70C9B3} - \{BE9BCE0E-9FDE-4012-A1D7-6A58D25600D5} -> No File <==== ATTENTION
Task: {7D22542C-A8DC-4CE6-A527-2F4C9612DE75} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3049655351-1514379235-1721816859-1001Core => C:\Users\Asus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8199DF8E-17AB-4FDC-B5A3-EBD972BB7E49} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3049655351-1514379235-1721816859-1001UA => C:\Users\Asus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8AB9418E-6A61-47EB-862A-A1C078C5A438} - \ASUS P4G -> No File <==== ATTENTION
Task: {8B269AE7-A5C5-43D2-86AD-D15F663CF099} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [629184 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4957275-B048-45B6-BF2E-F611AAF19891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {A9C03838-7BFE-4EBA-AA0C-8948D1A20AB7} - \{31FAFBED-D2B0-42EE-90EF-9F888F894F32} -> No File <==== ATTENTION
Task: {B7E92E4B-9ECD-4BD8-B874-9296277904F9} - \{AB819BA2-C3D1-400C-9CE3-0D2E09703AB8} -> No File <==== ATTENTION
Task: {B96B0083-0AD6-41C7-A831-1CFAF0A24307} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {CFEF9519-54B6-4DCE-B8BE-119F5195E82D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D41522A5-CF2B-41F2-B2C3-E4A99C821A8C} - \ACMON -> No File <==== ATTENTION
Task: {D9232461-A2E3-4845-928E-C2AB8517B3FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {DC978305-878F-4631-B8E3-89BE5240E74E} - \{5AA6144B-E7FF-4652-9A03-4AB3820C28AC} -> No File <==== ATTENTION
Task: {DE672E22-B312-42D2-9C80-60DEF7B99CC5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EDADDB31-C67E-414B-90D7-7F5DBFCD828F} - \{63CB1D58-0185-4576-8435-4B78A96B376E} -> No File <==== ATTENTION
Task: {F56FD78B-F038-4DF0-8EF4-AE8C4E3F1C47} - \Acrobat Update -> No File <==== ATTENTION
Task: {F7306115-DB2F-42A5-836F-E1E0EDB42FE2} - \{AF8D3D8F-EA22-4C47-BA83-828EEB4F63EB} -> No File <==== ATTENTION
Task: {FA580C49-0496-447D-A0A8-A45CD6EA09EB} - \{1864D485-62E7-4B40-B922-0701AFC98ABF} -> No File <==== ATTENTION
Task: {FC9CAB7B-4F94-46DF-8B3D-6EAB98D5168F} - \{5C5C52F9-A37B-481F-A4A4-AFBD9A9E6E45} -> No File <==== ATTENTION
Task: {FE388D24-6326-4B57-8C4D-FBF0F2CFBB8A} - \{626732E7-9845-43A5-BD37-44452CE009CE} -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3049655351-1514379235-1721816859-1001Core.job => C:\Users\Asus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3049655351-1514379235-1721816859-1001UA.job => C:\Users\Asus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{C8C05CCE-2792-435A-96AE-B13FABC09254}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Internet Explorer:
==================
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FireFox:
========
FF DefaultProfile: 347sbsq3.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default [2019-12-12]
FF Homepage: Mozilla\Firefox\Profiles\347sbsq3.default -> www.google.es
FF Notifications: Mozilla\Firefox\Profiles\347sbsq3.default -> hxxps://web.wallapop.com
FF Extension: (Font Finder) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\Extensions\[email protected] [2016-12-01] [Legacy]
FF Extension: (signTextJS) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\Extensions\[email protected] [2017-06-15] [Legacy]
FF Extension: (Google Translator for Firefox) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\Extensions\[email protected] [2018-12-02]
FF Extension: (Bulk Media Downloader) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2017-11-16]
FF Extension: (Weather) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\Extensions\{a79a9c4c-9c3f-4bf4-9e58-6574cc0b7ecb}.xpi [2019-11-18]
FF Extension: (DownThemAll!) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\347sbsq3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2019-09-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-04-07] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] (Apple Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2015-03-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2015-03-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-03-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3049655351-1514379235-1721816859-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-04-21] (Sony Network Entertainment International LLC) [File not signed]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.es/
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2019-12-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-02]
CHR Extension: (Player para ver Movistar+) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-24]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-11]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-11]
CHR Extension: (Presentaciones de Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-29]
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-29]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-29]
CHR Extension: (Búsqueda de Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-29]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-29]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2012-11-01] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2012-11-01] (Firebird Project) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2012-09-28] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-11] (Malwarebytes Inc -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] (Intel Corporation - Mobile Wireless Group -> )
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PCloudd; C:\Program Files (x86)\LenovoEMC Storage Manager\pCloudd.exe [215040 2013-07-07] (LenovoEMC Ltd.) [File not signed]
R2 QPCopyEngine; C:\Program Files\Iomega\QuikProtect\QpMonitor.exe [394544 2010-06-24] (Iomega Corp -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [291864 2018-09-03] (Synology Inc. -> ) [File not signed]
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-07-05] (PacketVideo Corporation -> )
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [549704 2012-07-05] (PacketVideo Corporation -> PacketVideo)
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-05] (PacketVideo Corporation -> )
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-08-08] (Synology Inc. -> ) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [299008 2011-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [299008 2011-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [129512 2011-10-04] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [394728 2011-10-04] (MCCI Internal Testing Software -> ASMedia Technology Inc)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 BrSerIb; C:\Windows\System32\DRIVERS\BrSerIb.sys [95344 2012-12-04] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\DRIVERS\BrUsbSer.sys [19584 2006-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
R3 BrUsbSIb; C:\Windows\System32\DRIVERS\BrUsbSIb.sys [21872 2012-12-04] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2016-03-13] (DT Soft Ltd -> DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-04-16] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-12] (Malwarebytes Inc -> Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] (MiniTool Solution Ltd -> ) [File not signed]
S3 QsFsFltr; C:\Windows\System32\DRIVERS\QsFsFltr.sys [22584 2010-06-24] (Iomega Corp -> Windows (R) Win 7 DDK provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 vNICdrv; C:\Windows\System32\DRIVERS\vNICdrv.sys [20048 2013-03-29] (Iomega Corp -> Iomega Corporation)
U3 aswbdisk; no ImagePath
S2 RHDISK_AMD64; \??\C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-12 10:08 - 2019-12-12 10:11 - 000041982 _____ C:\Users\Asus\Desktop\FRST.txt
2019-12-12 10:07 - 2019-12-12 10:07 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-12 10:04 - 2019-12-12 10:04 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-12 09:49 - 2019-12-12 10:10 - 000000000 ____D C:\FRST
2019-12-12 09:35 - 2019-12-12 09:35 - 002263552 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2019-12-11 19:43 - 2019-12-11 19:44 - 000000000 ____D C:\Users\Asus\Desktop\2019
2019-12-11 18:03 - 2019-12-11 18:04 - 008218800 _____ (Malwarebytes) C:\Users\Asus\Desktop\adwcleaner_8.0.0.exe
2019-12-11 17:44 - 2019-12-11 17:44 - 000000000 ____D C:\Users\Asus\AppData\Local\cache
2019-12-11 17:43 - 2019-12-11 17:43 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-11 17:43 - 2019-12-11 17:43 - 000001950 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-11 17:43 - 2019-12-11 17:43 - 000001950 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-11 17:43 - 2019-12-11 17:43 - 000000000 ____D C:\Users\Asus\AppData\Local\mbamtray
2019-12-11 17:43 - 2019-12-11 17:43 - 000000000 ____D C:\Users\Asus\AppData\Local\mbam
2019-12-11 17:43 - 2019-12-11 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-11 17:41 - 2019-12-11 17:41 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-11 17:04 - 2019-12-11 17:04 - 001883976 _____ (Malwarebytes) C:\Users\Asus\Downloads\MBSetup.exe
2019-12-11 11:00 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-11 11:00 - 2019-11-15 02:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-11 10:59 - 2019-12-06 06:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-11 10:59 - 2019-11-28 04:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 10:59 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-11 10:59 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-11 10:59 - 2019-11-28 04:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 10:59 - 2019-11-28 04:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-11 10:59 - 2019-11-28 04:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-11 10:59 - 2019-11-28 04:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-11 10:59 - 2019-11-28 04:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 10:59 - 2019-11-28 04:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-11 10:59 - 2019-11-28 04:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 10:59 - 2019-11-28 04:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-11 10:59 - 2019-11-28 04:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-11 10:59 - 2019-11-28 03:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 10:59 - 2019-11-21 03:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 10:59 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 10:59 - 2019-11-21 01:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 10:59 - 2019-11-19 21:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-11 10:59 - 2019-11-19 21:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-11 10:59 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 10:59 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-11 10:59 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 10:59 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-11 10:59 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-11 10:59 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 10:59 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 10:59 - 2019-11-15 03:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-11 10:59 - 2019-11-15 03:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 10:59 - 2019-11-15 03:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 10:59 - 2019-11-15 03:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-11 10:59 - 2019-11-15 03:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 10:59 - 2019-11-15 03:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-11 10:59 - 2019-11-15 03:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-11 10:59 - 2019-11-15 03:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 10:59 - 2019-11-15 03:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 10:59 - 2019-11-15 02:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 10:59 - 2019-11-14 12:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-11 10:59 - 2019-10-26 01:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-11 10:58 - 2019-11-28 04:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-11 10:58 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-11 10:58 - 2019-11-28 04:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-11 10:58 - 2019-11-28 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-11 10:58 - 2019-11-28 04:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-11 10:58 - 2019-11-28 03:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-11 10:58 - 2019-11-28 03:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-11 10:58 - 2019-11-28 03:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-11 10:58 - 2019-11-28 03:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-11 10:58 - 2019-11-28 03:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-11 10:58 - 2019-11-28 03:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-11 10:58 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-11 10:58 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 10:58 - 2019-11-28 03:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-11 10:58 - 2019-11-28 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-11 10:58 - 2019-11-28 03:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-11 10:58 - 2019-11-28 03:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-11 10:58 - 2019-11-28 03:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-11 10:58 - 2019-11-28 03:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-11 10:58 - 2019-11-28 03:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-11 10:58 - 2019-11-28 03:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-11 10:58 - 2019-11-28 03:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-11 10:58 - 2019-11-28 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-11 10:58 - 2019-11-28 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-11 10:58 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-11 10:58 - 2019-11-28 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-11 10:58 - 2019-11-28 03:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-11 10:58 - 2019-11-23 08:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-11 10:58 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-11 10:58 - 2019-11-19 21:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-11 10:58 - 2019-11-19 21:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-11 10:58 - 2019-11-19 21:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-11 10:58 - 2019-11-19 21:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-11 10:58 - 2019-11-19 21:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-11 10:58 - 2019-11-19 21:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-11 10:58 - 2019-11-19 21:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-11 10:58 - 2019-11-19 21:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-11 10:58 - 2019-11-19 21:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-11 10:58 - 2019-11-19 21:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-11 10:58 - 2019-11-19 21:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-11 10:58 - 2019-11-19 21:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-11 10:58 - 2019-11-19 21:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-11 10:58 - 2019-11-19 21:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-11 10:58 - 2019-11-19 21:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-11 10:58 - 2019-11-19 21:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-11 10:58 - 2019-11-19 21:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 10:58 - 2019-11-19 21:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-11 10:58 - 2019-11-19 21:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-11 10:58 - 2019-11-19 20:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-11 10:58 - 2019-11-19 20:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-11 10:58 - 2019-11-19 20:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-11 10:58 - 2019-11-19 20:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-11 10:58 - 2019-11-19 20:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-11 10:58 - 2019-11-19 20:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-11 10:58 - 2019-11-19 20:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-11 10:58 - 2019-11-19 20:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-11 10:58 - 2019-11-19 20:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-11 10:58 - 2019-11-19 20:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-11 10:58 - 2019-11-19 20:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-11 10:58 - 2019-11-19 20:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-11 10:58 - 2019-11-19 20:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-11 10:58 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-11 10:58 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-11 10:58 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-11 10:58 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-11 10:58 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-11 10:58 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-11 10:58 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-11 10:58 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-11 10:58 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-11 10:58 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-11 10:58 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-11 10:58 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-11 10:58 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-11 10:58 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-11 10:58 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 10:58 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-11 10:58 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-11 10:58 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-11 10:58 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-11 10:58 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-11 10:58 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-11 10:58 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-11 10:58 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-11 10:58 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-11 10:58 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-11 10:58 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-11 10:58 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-11 10:58 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-11 10:58 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-11 10:58 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-11 10:58 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-11 10:58 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-11 10:58 - 2019-11-15 03:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 10:58 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 10:58 - 2019-11-15 03:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-11 10:58 - 2019-11-15 03:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-11 10:58 - 2019-11-15 03:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-11 10:58 - 2019-11-15 03:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-11 10:58 - 2019-11-15 03:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-11 10:58 - 2019-11-15 03:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 10:58 - 2019-11-15 03:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 10:58 - 2019-11-15 03:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-11 10:58 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-11 10:58 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-11 10:58 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-11 10:58 - 2019-11-05 22:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-10 12:27 - 2019-12-10 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-12-10 12:25 - 2019-12-10 12:26 - 043520576 _____ (SUPERAntiSpyware) C:\Users\Asus\Downloads\SUPERAntiSpyware.exe
2019-12-09 21:44 - 2019-12-10 15:58 - 000000000 ____D C:\Users\Asus\Desktop\GOOGLE FOTS
2019-12-09 18:13 - 2019-12-09 18:13 - 001397304 _____ (Google LLC) C:\Users\Asus\Downloads\installbackupandsync.exe
2019-12-09 12:52 - 2019-12-09 12:52 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-09 12:45 - 2019-12-10 12:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-01 22:04 - 2019-12-01 22:04 - 000009315 _____ C:\Users\Asus\Desktop\consumos diciembre m eugenia.xlsx
2019-11-29 11:50 - 2019-11-29 11:51 - 000140706 _____ C:\Users\Asus\Desktop\TEJADO ITURRIGORRI 2019.FH11
2019-11-29 11:25 - 2019-11-29 11:27 - 000000000 ____D C:\Users\Asus\Desktop\BASTE
2019-11-13 10:49 - 2019-11-05 22:25 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-11-13 10:49 - 2019-11-05 22:25 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-13 10:49 - 2019-11-05 22:25 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-11-13 10:49 - 2019-11-05 22:25 - 000266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-13 10:49 - 2019-11-05 22:25 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2019-11-13 10:49 - 2019-11-05 22:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-13 10:49 - 2019-11-05 22:25 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-11-13 10:49 - 2019-11-05 22:24 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-13 10:49 - 2019-11-05 22:24 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-13 10:49 - 2019-11-05 22:23 - 000368352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-13 10:49 - 2019-11-05 22:22 - 000115936 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-11-13 10:49 - 2019-11-05 22:20 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-11-13 10:49 - 2019-11-05 22:20 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-13 10:49 - 2019-11-05 22:19 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-13 10:49 - 2019-11-05 22:19 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-13 10:49 - 2019-11-05 22:12 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-13 10:49 - 2019-11-05 22:03 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-13 10:49 - 2019-11-05 22:03 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-13 10:49 - 2019-11-05 21:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-13 10:49 - 2019-11-05 21:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2019-11-13 10:49 - 2019-11-05 20:43 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 10:49 - 2019-10-15 00:58 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 10:49 - 2019-10-15 00:58 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 10:49 - 2019-09-17 03:28 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-13 10:49 - 2019-09-10 03:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-11-13 10:49 - 2019-09-10 03:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-11-13 10:49 - 2019-09-10 01:09 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-13 10:49 - 2019-09-10 01:09 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-13 10:49 - 2019-09-10 01:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-13 10:49 - 2019-09-10 01:09 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-13 10:49 - 2019-09-10 01:09 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-13 10:49 - 2019-09-10 01:09 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-13 10:48 - 2019-11-05 22:25 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-13 10:48 - 2019-11-05 22:25 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-11-13 10:48 - 2019-11-05 22:25 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-11-13 10:48 - 2019-11-05 22:20 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-13 10:48 - 2019-11-05 22:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-11-13 10:48 - 2019-11-05 22:20 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-11-13 10:48 - 2019-11-05 22:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-11-13 10:48 - 2019-11-05 21:57 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-11-13 10:48 - 2019-11-05 21:50 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-11-13 10:48 - 2019-09-10 01:09 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-12 10:11 - 2018-06-22 19:06 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-12 10:08 - 2019-10-03 13:52 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-12 10:08 - 2019-10-03 13:52 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-12 10:08 - 2013-11-27 19:34 - 000000000 ____D C:\ProgramData\TwonkyServer
2019-12-12 10:08 - 2009-07-14 05:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-12 10:08 - 2009-07-14 05:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-12 10:03 - 2011-12-13 11:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-12 10:02 - 2013-09-06 10:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-12 09:43 - 2015-06-17 13:47 - 000000998 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3049655351-1514379235-1721816859-1001UA.job
2019-12-12 09:38 - 2016-11-18 11:22 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2019-12-12 09:22 - 2012-02-16 12:23 - 000128136 _____ C:\Users\Asus\AppData\Local\GDIPFONTCACHEV1.DAT
2019-12-12 09:20 - 2009-07-14 05:45 - 007185000 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-12 09:19 - 2012-02-16 21:07 - 000000000 ____D C:\ProgramData\Panda Security
2019-12-12 09:19 - 2012-02-16 21:07 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-12-12 09:18 - 2012-02-16 21:12 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Panda Security
2019-12-12 09:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-12-12 09:17 - 2014-06-20 11:37 - 000000000 ____D C:\Users\Asus\AppData\Local\Adobe
2019-12-11 20:43 - 2015-06-17 13:47 - 000000946 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3049655351-1514379235-1721816859-1001Core.job
2019-12-11 18:43 - 2012-05-02 19:01 - 000000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent
2019-12-11 18:10 - 2011-12-13 11:34 - 000002042 _____ C:\Windows\system32\ServiceFilter.ini
2019-12-11 18:07 - 2018-06-22 18:59 - 000000000 ____D C:\Users\Asus\AppData\Local\Lavasoft
2019-12-11 18:07 - 2012-04-18 11:34 - 000000000 ____D C:\ProgramData\Lavasoft
2019-12-11 18:05 - 2018-04-11 09:35 - 000000000 ____D C:\AdwCleaner
2019-12-11 18:00 - 2017-12-21 15:41 - 000000000 ____D C:\Users\Asus\Desktop\recove
2019-12-11 17:43 - 2012-04-17 14:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-11 17:36 - 2019-03-16 22:44 - 000000000 ____D C:\Users\Asus\AppData\Local\BitTorrentHelper
2019-12-11 16:50 - 2014-12-19 13:59 - 000000000 ____D C:\Users\Asus\AppData\Roaming\vlc
2019-12-11 16:27 - 2011-02-19 05:19 - 000702532 _____ C:\Windows\system32\perfh00A.dat
2019-12-11 16:27 - 2011-02-19 05:19 - 000142368 _____ C:\Windows\system32\perfc00A.dat
2019-12-11 16:27 - 2009-07-14 06:13 - 001594636 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-11 15:16 - 2011-10-19 05:11 - 001542846 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-12-11 15:11 - 2013-08-19 14:08 - 000000000 ____D C:\Windows\system32\MRT
2019-12-11 15:02 - 2012-02-23 14:40 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-10 18:56 - 2018-09-07 14:02 - 000000000 ____D C:\Users\Asus\AppData\Local\Spotify
2019-12-10 18:52 - 2018-09-07 14:01 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Spotify
2019-12-10 18:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-10 13:55 - 2018-03-13 17:26 - 000004488 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-10 13:55 - 2016-04-14 09:05 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-10 13:55 - 2016-04-07 14:45 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-10 13:55 - 2016-04-07 14:45 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-10 13:55 - 2012-02-21 14:49 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-10 13:55 - 2011-10-19 05:25 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-10 12:48 - 2012-02-16 21:13 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-10 12:15 - 2017-06-26 22:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-10 10:17 - 2014-05-06 09:47 - 000000000 ___RD C:\Users\Asus\Dropbox
2019-12-10 09:15 - 2012-02-16 22:23 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-12-10 00:05 - 2012-02-16 21:16 - 000000000 ____D C:\Program Files\CCleaner
2019-12-09 21:04 - 2016-04-07 22:06 - 000271360 _____ C:\Users\Asus\Desktop\Copia de BANKINTER COMUN PATXI - JANIRE (25).xls
2019-12-09 12:53 - 2014-06-04 14:08 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Dropbox
2019-12-04 17:02 - 2018-04-25 10:29 - 000000000 ____D C:\ProgramData\firebird
2019-12-03 18:32 - 2017-02-08 15:28 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2019-12-02 22:01 - 2012-02-23 13:07 - 000000000 ___RD C:\Users\Asus\Desktop\arenas torronteguisl
2019-11-30 19:05 - 2009-07-14 06:08 - 000032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-11-29 11:26 - 2017-03-03 15:16 - 000000000 ____D C:\Users\Asus\Desktop\barco
2019-11-26 10:57 - 2019-11-08 08:59 - 000011235 _____ C:\Users\Asus\Desktop\OBRAS.xlsx
2019-11-19 13:01 - 2014-04-05 15:26 - 000000000 ____D C:\Users\Asus\Desktop\Premiere
2019-11-19 08:12 - 2017-06-26 22:19 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-15 12:57 - 2014-05-09 13:05 - 000000000 ____D C:\Users\Asus\Desktop\MANUALES APARATOS
2019-11-15 12:57 - 2013-04-19 00:49 - 000000000 ____D C:\Users\Asus\Desktop\CP BILTOSAN
2019-11-14 23:16 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-11-14 08:56 - 2015-04-17 07:53 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-14 08:56 - 2014-05-06 14:35 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-11-14 08:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-12 22:03 - 2012-09-06 17:19 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories ========
2013-01-09 13:34 - 2013-01-09 13:43 - 095023320 ____T () C:\ProgramData\dsgsdgdsgdsgw.pad
2014-03-30 19:53 - 2014-03-30 19:53 - 000000132 _____ () C:\Users\Asus\AppData\Roaming\Adobe BMP Format CS6 Prefs
2017-05-09 16:30 - 2017-05-09 16:30 - 000000132 _____ () C:\Users\Asus\AppData\Roaming\Adobe GIF Format CS6 Prefs
2016-01-29 21:47 - 2016-02-14 17:03 - 000000132 _____ () C:\Users\Asus\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2014-05-27 14:41 - 2016-11-24 14:22 - 000000132 _____ () C:\Users\Asus\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-07-29 15:46 - 2015-07-29 15:46 - 000004536 _____ () C:\Users\Asus\AppData\Roaming\CamStudio.cfg
2014-05-20 13:22 - 2014-09-10 13:54 - 000000640 _____ () C:\Users\Asus\AppData\Roaming\Contact Sheet II.xml
2014-05-20 13:22 - 2014-09-10 13:54 - 000008057 _____ () C:\Users\Asus\AppData\Roaming\ContactSheetII.log
2015-07-28 09:50 - 2015-07-29 15:41 - 000000096 _____ () C:\Users\Asus\AppData\Roaming\version2.xml
2012-12-17 02:34 - 2012-12-17 02:34 - 054369963 _____ () C:\Users\Asus\AppData\Local\AdobeSetupUtility.zip.aamdownload
2012-12-17 02:34 - 2012-12-17 02:34 - 000000809 _____ () C:\Users\Asus\AppData\Local\AdobeSetupUtility.zip.aamdownload.aamd
2012-07-14 16:42 - 2012-12-18 11:07 - 000003584 _____ () C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-06 19:47 - 2016-12-30 12:28 - 000465920 _____ (Dirección General de la Policía) C:\Users\Asus\AppData\Local\DNIeService.exe
2015-05-14 12:05 - 2015-05-14 12:05 - 000000001 _____ () C:\Users\Asus\AppData\Local\llftool.4.25.agreement
2018-10-01 08:02 - 2018-10-01 08:02 - 000000000 _____ () C:\Users\Asus\AppData\Local\oobelibMkey.log
2015-04-28 12:32 - 2015-04-28 12:33 - 028579392 _____ (Sony Mobile Communications ) C:\Users\Asus\AppData\Local\pcc.exe
2015-02-11 10:09 - 2018-04-16 16:41 - 000007614 _____ () C:\Users\Asus\AppData\Local\Resmon.ResmonCfg
2015-08-03 13:44 - 2015-08-03 13:46 - 000353118 _____ () C:\Users\Asus\AppData\Local\SquareClock.Production_HBMV1Icon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-10 13:38
==================== End of FRST.txt ========================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Asus (12-12-2019 10:18:22)
Running from C:\Users\Asus\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-16 11:23:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3049655351-1514379235-1721816859-500 - Administrator - Disabled)
Asus (S-1-5-21-3049655351-1514379235-1721816859-1001 - Administrator - Enabled) => C:\Users\Asus
HomeGroupUser$ (S-1-5-21-3049655351-1514379235-1721816859-1003 - Limited - Enabled)
Invitado (S-1-5-21-3049655351-1514379235-1721816859-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Actualización de NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Connect 9 Add-in (HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Adobe Connect 9 Add-in) (Version: 11.9.979.366 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.2 64-bit (HKLM\...\{B71CCF77-38A2-4805-9759-A6F7D2C52F3A}) (Version: 4.2.1 - Adobe)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.01) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Alcor Micro USB Card Reader (HKLM-x32\...\{4555BB9E-E715-4260-A178-E8EFD2B653E3}) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Apple Application Support (32 bits) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.16 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0012 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.48 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0035 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.33 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.3 - Bit4id)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version: - Oberon Media)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.0.0 - Nikon)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version: - Oberon Media)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Diamacon (HKLM-x32\...\Diamacon) (Version: - )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Dropbox) (Version: 86.4.146 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD-lab PRO 2.3 (HKLM-x32\...\DVD-lab PRO 2.3_is1) (Version: - Mediachance)
eMule (HKLM-x32\...\eMule) (Version: - )
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version: - Oberon Media)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Firebird 2.5.2.26539 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26539 - Firebird Project)
Fitbit Connect (HKLM-x32\...\{1015F4B1-B358-44EC-8B74-953F16E2DCD5}) (Version: 2.0.1.6742 - Fitbit Inc.)
G Suite Migration For Microsoft Outlook® 4.1.6.0 (HKLM-x32\...\{4CBFFA05-0AC4-4651-9FEC-D75E6CC3C711}) (Version: 4.1.6.0 - Google, Inc.)
G Suite Sync™ for Microsoft Outlook® 4.1.36.0 (HKLM-x32\...\{67B99A0A-C4DC-4765-8B67-C73FD10A8E12}) (Version: 4.1.36.0 - Google, Inc.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version: - Oberon Media)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Idazki Desktop (HKLM-x32\...\idazki) (Version: 3.2.2 - Izenpe S.A.)
Image Trends' Fisheye-Hemi Plug-In 1.2.5 (HKLM-x32\...\{D2F46689-78FD-449E-810D-8C38600F711B}) (Version: 1.2.5 - Image Trends, Inc. )
Instalable DNIe (HKLM\...\{B4A6EF31-AC22-4BE2-A714-581FC66DBFAF}) (Version: 13.0.2 - Cuerpo Nacional de Policía)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.6 - ASUS)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Iomega QuikProtect (64-Bit) (HKLM\...\{B53FA0E4-739C-435F-9872-E3032F2E08FC}) (Version: 1.0.2.54 - Iomega Corporation an EMC Company)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LenovoEMC Storage Manager (HKLM\...\LenovoEMC Storage Manager) (Version: 1.4.4.14439 - EMC)
Links 2003 (Downloadable Version) (remove only) (HKLM-x32\...\Links 2003 (Downloadable Version)) (Version: - )
Macromedia FreeHand MX (HKLM-x32\...\{8B4AE751-7055-4518-87B0-E148A8D50D0A}) (Version: 11 - Macromedia)
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.2 - Macromedia)
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version: - Oberon Media)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Media Go (HKLM-x32\...\{70DB09B8-1BA5-410A-992F-1C1CE288229E}) (Version: 2.9.316 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.101.12020 (HKLM-x32\...\{B4CF5698-38A5-494E-0EC3-799D00C42E17}) (Version: 2.16.101.12020 - Sony)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 71.0 (x64 es-ES)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA Controlador de 3D Vision 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.84 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OpenCPN 4.8.0 (HKLM-x32\...\OpenCPN 4.8.0) (Version: 4.8.0 - opencpn.org)
Panel de control de NVIDIA 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.84 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6_is1) (Version: 6.0.4 - Team V.R)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Renta y Patrimonio 2017 (HKLM-x32\...\ST6UNST #2) (Version: - )
Renta y Patrimonio 2018 (HKLM-x32\...\ST6UNST #1) (Version: - )
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SEPIN, Sistema Experto Jurídico (HKLM-x32\...\SEPIN, Sistema Experto Jurídico) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sony Vegas Pro 8.0 (HKLM-x32\...\{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}) (Version: 8.0.260 - Sony)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version: - )
Spotify (HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1046 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.17.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.1-15163 - Synology)
Synology Drive (remove only) (HKLM\...\Synology Drive) (Version: 5.1.2.10562 - Synology, Inc.)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version: - )
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version: - Oberon Media)
Twonky 7.0 (HKLM-x32\...\TwonkyServer) (Version: 7.0.9.0 - PacketVideo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (10/04/2015 1.0.2.4) (HKLM\...\8511265726450F16617C484913A433A328D3D65C) (Version: 10/04/2015 1.0.2.4 - Dirección General de la Policía)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version: - Oberon Media)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll [2018-10-19] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll [2018-10-19] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll [2018-10-19] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll [2018-10-19] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll [2018-10-19] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1_S-1-5-21-3049655351-1514379235-1721816859-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll [2018-10-19] () [File not signed]
ContextMenuHandlers1_S-1-5-21-3049655351-1514379235-1721816859-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3049655351-1514379235-1721816859-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3049655351-1514379235-1721816859-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6_S-1-5-21-3049655351-1514379235-1721816859-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll [2018-10-19] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1443328 2014-01-29] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\mcmjpg32.dll [98304 2012-12-17] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2012-12-17] (MainConcept) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2012-12-17] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2012-12-17] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2012-12-17] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2014-01-29] (CineForm Inc.) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com
ShortcutWithArgument: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2010-04-01 03:55 - 2010-04-01 03:55 - 000221184 _____ ( ) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ ( ) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 001163264 _____ () [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-02-17 21:13 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-07-28 05:07 - 2011-07-28 05:07 - 001501696 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2018-10-19 21:44 - 2018-10-19 21:44 - 001294336 _____ () [File not signed] C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 000080384 _____ (ACTIONTEC Electronics,Inc) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2012-09-23 19:44 - 2012-09-23 19:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2013-02-04 12:07 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2011-12-13 11:27 - 2010-12-21 02:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 000036864 _____ (ATK) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2012-02-17 21:13 - 2007-01-16 00:00 - 000024223 _____ (Brother Industries, Ltd) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\brlm03a.dll
2012-02-17 21:13 - 2008-08-18 18:27 - 000122880 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\brlmw03a.dll
2012-02-17 13:00 - 2008-12-14 09:14 - 000163840 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\BRMFCWNDSpa.dll
2012-02-17 21:13 - 2010-03-10 17:16 - 000770048 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccDCtl.dll
2012-02-17 21:13 - 2010-03-09 19:46 - 000372736 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccFCtl.dll
2012-02-17 21:13 - 2009-09-28 12:38 - 005390336 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccimg.dll
2012-02-17 21:13 - 2010-03-29 04:22 - 000159744 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccspa.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2018-04-25 10:28 - 2012-11-01 10:59 - 000552960 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbclient.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 002891264 _____ (FreeImage) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
2018-04-25 10:28 - 2012-11-01 10:44 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icudt30.dll
2018-04-25 10:28 - 2012-11-01 10:43 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icuuc30.dll
2011-12-13 11:27 - 2010-12-21 02:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2010-08-16 21:01 - 2010-08-16 21:01 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2011-09-01 02:46 - 2011-09-01 02:46 - 000117248 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2011-07-28 05:20 - 2011-07-28 05:20 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2011-07-28 05:55 - 2011-07-28 05:55 - 001746432 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2011-07-28 06:20 - 2011-07-28 06:20 - 000045056 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\ESN\FrWrkESN.dll
2011-07-28 05:44 - 2011-07-28 05:44 - 001077248 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2011-07-28 05:46 - 2011-07-28 05:46 - 001045504 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2011-07-28 05:46 - 2011-07-28 05:46 - 003719168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2011-07-28 05:44 - 2011-07-28 05:44 - 000846336 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2011-07-28 05:46 - 2011-07-28 05:46 - 000841728 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2011-07-28 05:46 - 2011-07-28 05:46 - 000336896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2011-07-28 06:24 - 2011-07-28 06:24 - 000096768 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\ESN\PanTrESN.dll
2011-07-28 05:51 - 2011-07-28 05:51 - 001278976 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2011-07-28 05:53 - 2011-07-28 05:53 - 000570368 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2011-07-28 05:50 - 2011-07-28 05:50 - 002072576 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2011-07-28 05:44 - 2011-07-28 05:44 - 000177152 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2011-07-28 05:44 - 2011-07-28 05:44 - 000234496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2011-07-28 05:59 - 2011-07-28 05:59 - 002338816 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2012-02-17 21:13 - 2003-06-30 00:00 - 000259584 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTDIS12n.dll
2012-02-17 21:13 - 2005-07-05 00:00 - 000131584 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTFIL12n.DLL
2012-02-17 21:13 - 2003-06-30 00:00 - 000406016 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTKRN12n.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 000331776 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
2011-05-17 19:31 - 2011-05-17 19:31 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 000303104 _____ (Silicon Integrated Systems Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\LIBEAY32.dll
2015-09-11 15:09 - 2015-09-11 15:09 - 001427968 ____R (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Fitbit Connect\LIBEAY32.dll
2018-10-19 21:44 - 2018-10-19 21:44 - 002768896 _____ (TODO: <Company name>) [File not signed] C:\Users\Asus\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll
2013-07-07 01:04 - 2013-07-07 01:04 - 006302208 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\LenovoEMC Storage Manager\wxmsw28u_vc_custom.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [130]
AlternateDataStreams: C:\ProgramData\Temp:5216CD26 [256]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:77846FFE [140]
AlternateDataStreams: C:\ProgramData\Temp:888AFB86 [222]
AlternateDataStreams: C:\ProgramData\Temp:AC57032B [132]
AlternateDataStreams: C:\Users\Asus\AppData\Local\Archivos temporales de Internet:5tNdTyI9mqN4DpjO2QNkza5LK [2480]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-01-21 13:00 - 2016-03-01 19:55 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
2012-10-04 10:52 - 2012-12-27 15:51 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Google\Google Apps Sync\;C:\Program Files (x86)\Google\Google Apps Migration\;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk => C:\Windows\pss\Adobe Acrobat Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk => C:\Windows\pss\CineForm Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Calendar Sync.lnk => C:\Windows\pss\Google Calendar Sync.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inicio rápido de Adobe Acrobat.lnk => C:\Windows\pss\Inicio rápido de Adobe Acrobat.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TwonkyServer.lnk => C:\Windows\pss\TwonkyServer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => C:\Users\Asus\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Trend Micro Client Framework => "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
MSCONFIG\startupreg: uTorrent => "C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: VizorHtmlDialog.exe => "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FDD96A5B-D830-49E1-B8D6-3C634B41B339}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{728C3760-A594-4DED-8B6E-8DD1C4E77369}] => (Allow) LPort=2869
FirewallRules: [{AC882C1F-EBF3-48BF-83D5-5954B640008A}] => (Allow) LPort=1900
FirewallRules: [{58629E3E-7D21-4FC5-8B74-2BCCDB9ECEDF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{209F67F8-9274-4899-AF62-8973792805E9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D7BCDC7C-0E9F-4EFA-9984-DB2ABC01D5F2}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9DDCF611-AC55-4725-ADAE-CE422AFC7FA6}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E5671286-6FE5-4C76-B4B3-7DCD4C1371AD}C:\program files (x86)\links 2003\linksmmiii.exe] => (Block) C:\program files (x86)\links 2003\linksmmiii.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{237AAA5B-ED89-48C7-A235-2F6D8ACB4166}C:\program files (x86)\links 2003\linksmmiii.exe] => (Block) C:\program files (x86)\links 2003\linksmmiii.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{141EC677-DAD7-4C26-8D62-ACC24EE4C473}C:\program files (x86)\soulseekns\slsk.exe] => (Allow) C:\program files (x86)\soulseekns\slsk.exe () [File not signed]
FirewallRules: [UDP Query User{A99F4FD1-B6CA-4F3E-AA84-C2E40DAA24D3}C:\program files (x86)\soulseekns\slsk.exe] => (Allow) C:\program files (x86)\soulseekns\slsk.exe () [File not signed]
FirewallRules: [TCP Query User{270DEF3D-312B-40A0-9742-F7C874AF89C0}C:\program files (x86)\soulseekns\slsk.exe] => (Allow) C:\program files (x86)\soulseekns\slsk.exe () [File not signed]
FirewallRules: [UDP Query User{655CF794-5FAB-4F7F-8A8B-4262B8B36A2F}C:\program files (x86)\soulseekns\slsk.exe] => (Allow) C:\program files (x86)\soulseekns\slsk.exe () [File not signed]
FirewallRules: [TCP Query User{5BF922CC-D2AC-470E-A5AF-D5E49B483D67}C:\program files (x86)\links 2003\linksmmiii.exe] => (Block) C:\program files (x86)\links 2003\linksmmiii.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{DBB48BBD-2170-4DCE-B55E-562E0B8FEFB4}C:\program files (x86)\links 2003\linksmmiii.exe] => (Block) C:\program files (x86)\links 2003\linksmmiii.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{4B5AB3CB-7E58-4193-BA1E-FCA277E365C2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{6C5AB52E-26AC-402A-972F-C9F4B65ACEF7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{8743C940-170C-4097-854D-73B0D4EEAC68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3ECFC023-6247-41C0-9CC7-EDBF010EB38B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AAA136CA-7A7F-4CF3-B00A-A459F96DC57A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2563F44F-B4E7-4D5D-B097-6FAFFECE9B50}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5D76EEA2-509F-4132-B70B-8CF734AF2602}] => (Allow) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D98A4B4B-9AC3-45CD-8639-4133BCE7F851}] => (Allow) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9A766EF3-0A79-4322-B609-682F8F6F30AE}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe] => (Allow) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe (LenovoEMC Products USA, LLC -> LenovoEMC)
FirewallRules: [UDP Query User{CC01BE03-7EAB-44E8-B3B9-500D120AA7C3}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe] => (Allow) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe (LenovoEMC Products USA, LLC -> LenovoEMC)
FirewallRules: [{555976DA-7D22-4F34-9BCF-69FC2E3F9BE6}] => (Block) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe (LenovoEMC Products USA, LLC -> LenovoEMC)
FirewallRules: [{A5225C92-2AAD-442D-870B-9AC304F48013}] => (Block) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe (LenovoEMC Products USA, LLC -> LenovoEMC)
FirewallRules: [{F7A27093-3E41-4C8F-9D66-54BDE7568093}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo)
FirewallRules: [{1D9C2FA7-6835-4AAA-85B1-A1E74F8E6008}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo)
FirewallRules: [{AA67BD0A-69C9-4D6F-AB82-50D6DB2B5348}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo)
FirewallRules: [{31385214-CA9C-429A-8DBF-FD388C3DCE6A}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo)
FirewallRules: [{B2D684ED-211F-4610-93F2-215D63A61862}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> )
FirewallRules: [{6BC7935D-499B-4990-AE6E-FF4596F89EB4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> )
FirewallRules: [{90B8E37D-1202-4B88-B61D-E9EEE308EE0C}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> )
FirewallRules: [{07C1995A-B791-43F5-9058-CC2AB062BFC5}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> )
FirewallRules: [TCP Query User{D49F3B9F-213A-4468-953D-5F7B95B63425}C:\program files\iomega\quikprotect\quikprotect.exe] => (Allow) C:\program files\iomega\quikprotect\quikprotect.exe (Iomega Corp -> Iomega Corporation)
FirewallRules: [UDP Query User{4072E044-7B97-428F-9269-DBEC83441FDB}C:\program files\iomega\quikprotect\quikprotect.exe] => (Allow) C:\program files\iomega\quikprotect\quikprotect.exe (Iomega Corp -> Iomega Corporation)
FirewallRules: [{089292AB-7F8C-4F67-B706-119D739F4B0B}] => (Block) C:\program files\iomega\quikprotect\quikprotect.exe (Iomega Corp -> Iomega Corporation)
FirewallRules: [{6AD7D291-6C3F-4D55-A74C-0FE80B2BE119}] => (Block) C:\program files\iomega\quikprotect\quikprotect.exe (Iomega Corp -> Iomega Corporation)
FirewallRules: [{75241D54-E761-447F-9CC6-2E92AAB4F063}] => (Allow) C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{D71B42FB-72C6-4AC1-A928-430F9A1F48F6}] => (Allow) C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5F33124C-6FE8-4EC0-9C40-A20D1E17F700}] => (Allow) C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5371D882-03C8-4F5D-BF5A-C64C78A9DB5B}] => (Allow) C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{869A7CD8-197E-403A-9E70-754A3C9BC2D7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe No File
FirewallRules: [UDP Query User{FFEDDCA1-D4F1-47D9-88F3-D8B071BAE3D2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe No File
FirewallRules: [{6C40831C-5D95-4451-B713-56D041527702}] => (Allow) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5723E4F0-89BE-49CB-B700-59AAD664D843}] => (Allow) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3F9B69DC-EE57-4E4A-B60F-D55E225189F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{6CB1860C-B316-493E-A4E9-47CDD4F53E7D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{3C90F452-D402-4653-8B76-DF3DFD12B2DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39BCADC7-5583-4284-BEAE-F7FBCDCDA450}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B36FEE9F-5892-45BD-A2BE-4FFA360B9B61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A57D8A9-FFC3-4DAF-B8CF-833C3FF51CBE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{225D7689-7F9F-4B57-AEC2-4A77B9254DA0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{07EE54CA-9C13-4FF8-844C-D2ABC5FDBCE6}C:\program files (x86)\emule\emuletorrent.exe] => (Allow) C:\program files (x86)\emule\emuletorrent.exe () [File not signed]
FirewallRules: [UDP Query User{8C9368F0-9D5E-48FA-93CB-603AEE96A4D3}C:\program files (x86)\emule\emuletorrent.exe] => (Allow) C:\program files (x86)\emule\emuletorrent.exe () [File not signed]
FirewallRules: [TCP Query User{E376626E-3651-4CB3-B6E8-F0A0A3717FC8}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{0EBCA73F-F1B4-470A-8260-891F8149BA99}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [{E061C1CA-41FB-4E7A-A28C-48806A3026B4}] => (Allow) LPort=9832
FirewallRules: [{4D5EEF42-3512-489C-8EAB-27F9E361588E}] => (Allow) LPort=28765
FirewallRules: [{C277979D-8C93-46AC-9C48-FAD98E4AE3B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6094A945-56C6-490B-8AC9-59523913098E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{33781B55-1A83-418C-B7E7-218E26DAC8DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2715A7E-4351-4105-A66C-239AD946C968}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA94A354-B25E-45E7-9D8D-7AA6202218D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7ABEDCD-21CA-4611-8AC5-67E625F31F34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1B154F18-7F5C-4CE4-8420-7B8572998D84}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{81EDB60B-C592-411A-829C-04F638FCF844}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{58F1F733-6B85-4CE4-81C4-1275D18484DD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [TCP Query User{869D1CA2-99C3-44F7-A6DF-ABF9C964B98D}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{106FA21F-2FDF-49B0-9B4E-E65D1549CC86}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA1CC09F-60A9-4F28-9E24-E4557308A1D5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6FE33449-4725-4E10-AF43-B28090745C85}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{A143B2CC-5EDE-421B-8E9E-F8CC6CD85F59}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{19658593-8BB5-4FD4-8E78-8B886C373861}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{CCCC5103-50B8-49B8-978F-A840F4D4749C}C:\users\asus\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\asus\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [UDP Query User{8283B40F-7332-4BFA-90A6-9D8DCACB3A30}C:\users\asus\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\asus\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{BA28A1FA-DC8E-47D4-9C5F-3B4D449CA2A3}] => (Block) C:\users\asus\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{E8CC21E8-7974-4FB8-BD79-C46D1D763A26}] => (Block) C:\users\asus\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{36D45820-BC5B-4FAA-AF47-CF045291B234}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [TCP Query User{781940CB-A8E1-46F1-91D0-DCBBFFB18142}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{273D0B6A-EE34-40A0-A127-264DC8AD8681}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F92439D6-41F7-4318-AE8F-4715E5DE4221}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E887945D-1050-49D4-BA5A-33CDEC987BFF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D1294A22-9F50-4FD9-AED0-93AB0B1E8BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
11-12-2019 15:00:50 Windows Update
11-12-2019 15:40:32 Windows Update
==================== Faulty Device Manager Devices ============
Name: RHDISK_AMD64
Description: RHDISK_AMD64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RHDISK_AMD64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/12/2019 10:08:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Nombre del módulo con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00039af3
Id. del proceso con errores: 0x2068
Hora de inicio de la aplicación con errores: 0x01d5b0cbb8036bac
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Id. del informe: fd27e48b-1cbe-11ea-9841-c8600001e893
Error: (12/12/2019 10:08:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Nombre del módulo con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0012efd0
Id. del proceso con errores: 0x21fc
Hora de inicio de la aplicación con errores: 0x01d5b0cbaa3e0617
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Id. del informe: f542773f-1cbe-11ea-9841-c8600001e893
Error: (12/12/2019 10:08:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Nombre del módulo con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00039af3
Id. del proceso con errores: 0x1fbc
Hora de inicio de la aplicación con errores: 0x01d5b0cba0b0c49c
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Id. del informe: e5d7be1a-1cbe-11ea-9841-c8600001e893
Error: (12/12/2019 10:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Nombre del módulo con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00039af3
Id. del proceso con errores: 0x137c
Hora de inicio de la aplicación con errores: 0x01d5b0cb0418de36
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Id. del informe: db0de59b-1cbe-11ea-9841-c8600001e893
Error: (12/12/2019 10:03:59 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia debido al siguiente error: La operación se completó correctamente. 0x0.
Error: (12/12/2019 10:03:31 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.
Contexto: aplicación , catálogo SystemIndex
Error: (12/12/2019 10:03:30 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.
Error: (12/12/2019 09:46:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Nombre del módulo con errores: TwonkyServer.exe, versión: 0.0.0.0, marca de tiempo: 0x4ff5805c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00039c19
Id. del proceso con errores: 0x18f8
Hora de inicio de la aplicación con errores: 0x01d5b0c891bb397c
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
Id. del informe: d74f1605-1cbb-11ea-a63c-c8600001e893
System errors:
=============
Error: (12/12/2019 10:03:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio RHDISK_AMD64 no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar la ruta especificada.
Error: (12/12/2019 09:41:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio RHDISK_AMD64 no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar la ruta especificada.
Error: (12/12/2019 09:34:08 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Intel(R) Management and Security Application User Notification Service no respondió después de iniciar.
Error: (12/12/2019 09:32:44 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/12/2019 09:32:05 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.
Error: (12/12/2019 09:29:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Enumerador de bus IP PnP-X no respondió después de iniciar.
Error: (12/12/2019 09:29:02 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.
Error: (12/12/2019 09:29:02 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.
Windows Defender:
===================================
Date: 2015-09-02 04:10:02.693
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{1AFF46DD-B429-4970-8D57-A977C6972BFA}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
Date: 2012-11-23 10:35:23.037
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Renos.NL&threatid=154879
Nombre:TrojanDownloader:Win32/Renos.NL
Id.:154879
Gravedad:Grave
Categoría:Descargador troyano
Ruta de acceso encontrada:containerfile:C:\Users\Asus\AppData\Local\Temp\svchost.exe;file:C:\Users\Asus\AppData\Local\Temp\svchost.exe->(UPX);process:pid:2616
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:C:\Windows\System32\svchost.exe
Date: 2012-09-06 18:24:26.769
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{042196E2-33E2-422A-B505-9A6BC12494B3}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:Asus-PC\Asus
Date: 2019-02-17 09:23:40.675
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.287.4.0
Versión de firma anterior:1.285.1405.0
Origen de actualización:Carpeta de actualizaciones de firmas
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15700.8
Versión de motor anterior:1.1.15700.8
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.
Date: 2019-02-16 22:03:42.053
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.287.4.0
Versión de firma anterior:1.285.1405.0
Origen de actualización:Carpeta de actualizaciones de firmas
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15700.8
Versión de motor anterior:1.1.15700.8
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.
Date: 2019-02-16 21:58:38.349
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.287.4.0
Versión de firma anterior:1.285.1405.0
Origen de actualización:Carpeta de actualizaciones de firmas
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15700.8
Versión de motor anterior:1.1.15700.8
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.
Date: 2019-02-16 08:43:02.793
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.287.4.0
Versión de firma anterior:1.285.1405.0
Origen de actualización:Carpeta de actualizaciones de firmas
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15700.8
Versión de motor anterior:1.1.15700.8
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.
Date: 2019-02-16 08:37:32.793
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.287.4.0
Versión de firma anterior:1.285.1405.0
Origen de actualización:Carpeta de actualizaciones de firmas
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15700.8
Versión de motor anterior:1.1.15700.8
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.
CodeIntegrity:
===================================
Date: 2013-05-30 14:42:36.394
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2013-04-10 10:57:12.287
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-04-10 10:57:12.211
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-04-10 10:57:10.125
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-04-10 10:57:10.051
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-04-10 10:57:07.804
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-04-10 10:57:07.729
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-04-10 10:57:05.380
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
BIOS: American Megatrends Inc. K53SD.202 11/02/2011
Motherboard: ASUSTeK Computer Inc. K53SD
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 5920.05 MB
Available physical RAM: 2167.04 MB
Total Virtual: 11838.25 MB
Available Virtual: 8072.41 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:37.13 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:55.81 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:1397.26 GB) (Free:384.56 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1397.3 GB) (Disk ID: 39A204C9)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================Bien… y ahora sigue estos pasos, MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe(en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla
Create registry backup, las demás casillas NO. -
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
Task: {000F758A-D46A-44F7-A644-3EE4E8E1DBD0} - \{ED71624D-6A9A-4A05-86C5-3364E3A61A28} -> No File <==== ATTENTION
Task: {02124FDA-A27C-4D77-BF3A-A35B09F99C3B} - \{25F347D5-83FC-4F72-8B3E-E1B6EEC401B0} -> No File <==== ATTENTION
Task: {02D863E9-044B-45DF-90E9-07B4254AD266} - \{CBA2B57D-3EDE-424E-802D-6281CA87518C} -> No File <==== ATTENTION
Task: {130CC738-6ABB-4551-BF79-C63802F186E8} - \{222710A5-9FBA-4F17-8847-2F7A352BFA5F} -> No File <==== ATTENTION
Task: {16370FC1-9E88-40FD-B0D2-B780E0E1A791} - \{40B81E96-ABDC-4B17-ABCE-AC8131DCC40E} -> No File <==== ATTENTION
Task: {214151EA-6EE7-41AD-920C-2ED5994D87AC} - \{75F1D49F-75A9-402B-8455-9C0C3E0DB4B0} -> No File <==== ATTENTION
Task: {217E3C6C-87E1-4D3E-AE5E-0506C10A01E5} - System32\Tasks\{D2BCEF67-1A72-4C78-ADC2-B8762207CEC1} => C:\Windows\system32\pcalua.exe -a C:\Users\Asus\Desktop\AHDETH-00244228-0042.EXE -d C:\Users\Asus\Desktop
Task: {21B9A782-D73A-46BB-98FA-9D6FA0335565} - \{7806A1E0-77AD-46C9-9DDF-7B31D835371D} -> No File <==== ATTENTION
Task: {475FEF49-CF9F-4AD7-AE70-D73E9AF965EF} - \{A5B5C5C0-A07F-46B0-8D28-9AFA1131D067} -> No File <==== ATTENTION
Task: {49A89047-751F-4DCE-9927-8B5BCA01D760} - \{62777C40-DDE6-4065-BAF9-3D5BFC79A1DB} -> No File <==== ATTENTION
Task: {5AD76BF7-43EE-4C96-90BE-A89F63740DA4} - \ATKOSD2 -> No File <==== ATTENTION
Task: {5D305347-FC8D-4FA4-84DB-B61CD03509F1} - \{52F8F18F-D941-4FA3-9EBC-B7CD858AFA01} -> No File <==== ATTENTION
Task: {60BA98E3-0469-40FE-A0B1-B59EA8317D5B} - \{FE8269C1-2701-4A74-A10F-372830CD9AB7} -> No File <==== ATTENTION
Task: {6BC60F53-BA1C-4ED4-9B9E-EA0C11EC8AF1} - \ASUS SmartLogon Console Sensor -> No File <==== ATTENTION
Task: {6E76BE43-27C5-42A5-8AE6-FCC53C587B2B} - \{B7FC0658-3336-458F-9A5B-6DBA6D1931F9} -> No File <==== ATTENTION
Task: {74053903-6AFB-472A-97BD-2D4CF16B6799} - \{D744480D-AF65-4E9D-973C-D90C5AC8E4B9} -> No File <==== ATTENTION
Task: {7AC3CF0A-3BB0-4FB7-9A6D-8FF344333EC4} - \{3B5C866A-6EE2-4024-9127-342F9325F04D} -> No File <==== ATTENTION
Task: {7CA7D2BA-BDCC-4AB8-94BC-634BFE70C9B3} - \{BE9BCE0E-9FDE-4012-A1D7-6A58D25600D5} -> No File <==== ATTENTION
Task: {8AB9418E-6A61-47EB-862A-A1C078C5A438} - \ASUS P4G -> No File <==== ATTENTION
Task: {A9C03838-7BFE-4EBA-AA0C-8948D1A20AB7} - \{31FAFBED-D2B0-42EE-90EF-9F888F894F32} -> No File <==== ATTENTION
Task: {B7E92E4B-9ECD-4BD8-B874-9296277904F9} - \{AB819BA2-C3D1-400C-9CE3-0D2E09703AB8} -> No File <==== ATTENTION
Task: {D41522A5-CF2B-41F2-B2C3-E4A99C821A8C} - \ACMON -> No File <==== ATTENTION
Task: {D9232461-A2E3-4845-928E-C2AB8517B3FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {DC978305-878F-4631-B8E3-89BE5240E74E} - \{5AA6144B-E7FF-4652-9A03-4AB3820C28AC} -> No File <==== ATTENTION
Task: {EDADDB31-C67E-414B-90D7-7F5DBFCD828F} - \{63CB1D58-0185-4576-8435-4B78A96B376E} -> No File <==== ATTENTION
Task: {F56FD78B-F038-4DF0-8EF4-AE8C4E3F1C47} - \Acrobat Update -> No File <==== ATTENTION
Task: {F7306115-DB2F-42A5-836F-E1E0EDB42FE2} - \{AF8D3D8F-EA22-4C47-BA83-828EEB4F63EB} -> No File <==== ATTENTION
Task: {FA580C49-0496-447D-A0A8-A45CD6EA09EB} - \{1864D485-62E7-4B40-B922-0701AFC98ABF} -> No File <==== ATTENTION
Task: {FC9CAB7B-4F94-46DF-8B3D-6EAB98D5168F} - \{5C5C52F9-A37B-481F-A4A4-AFBD9A9E6E45} -> No File <==== ATTENTION
Task: {FE388D24-6326-4B57-8C4D-FBF0F2CFBB8A} - \{626732E7-9845-43A5-BD37-44452CE009CE} -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 aswbdisk; no ImagePath
S2 RHDISK_AMD64; \??\C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [X]
2015-04-28 12:32 - 2015-04-28 12:33 - 028579392 _____ (Sony Mobile Communications ) C:\Users\Asus\AppData\Local\pcc.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [130]
AlternateDataStreams: C:\ProgramData\Temp:5216CD26 [256]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:77846FFE [140]
AlternateDataStreams: C:\ProgramData\Temp:888AFB86 [222]
AlternateDataStreams: C:\ProgramData\Temp:AC57032B [132]
AlternateDataStreams: C:\Users\Asus\AppData\Local\Archivos temporales de Internet:5tNdTyI9mqN4DpjO2QNkza5LK [2480]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta. 
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Buenas de nuevo,
He hecho lo que me has indicado paso por paso:
- Copia de seguridad del registro
- Cerrar programas
- Desconectar router
- Abrir Notepad, pegar script guardar como FIXLIST.txt
- Entrar en modo seguro
- Ejecutar FRST.exe en modo FIX
- Reinicio
Inicialmente estaba convencido de que estaba solucionado, el sistema corría ligero y todo estaba OK. Cuando he vuelto a encender el router para pegar el reporte FIXLOG.txt y contestarte ha vuelto a aparecer el proceso notepad.exe. No se si tiene algo que ver o era inevitable. Tampoco si tenía que ejecutar FRST.exe con conexión a internet, lo he hecho desconectado.
EDITADO:
Más que sea la conexión lo que activa el proceso es NO TRABAJAR EN EL EQUIPO. Mientras hay actividad no salta nada, en el momento que me levanto cuando vuelvo ya está activado de nuevo el proceso. También, cuando tengo permanentemente abierto el administrador de tareas no se activa el proceso notepad.exe pero sí, una vez que no trabajo, empieza a subir el USO de la CPU de igual forma.
Saludos
Te pego el Fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Asus (12-12-2019 12:15:57) Run:1
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
Task: {000F758A-D46A-44F7-A644-3EE4E8E1DBD0} - \{ED71624D-6A9A-4A05-86C5-3364E3A61A28} -> No File <==== ATTENTION
Task: {02124FDA-A27C-4D77-BF3A-A35B09F99C3B} - \{25F347D5-83FC-4F72-8B3E-E1B6EEC401B0} -> No File <==== ATTENTION
Task: {02D863E9-044B-45DF-90E9-07B4254AD266} - \{CBA2B57D-3EDE-424E-802D-6281CA87518C} -> No File <==== ATTENTION
Task: {130CC738-6ABB-4551-BF79-C63802F186E8} - \{222710A5-9FBA-4F17-8847-2F7A352BFA5F} -> No File <==== ATTENTION
Task: {16370FC1-9E88-40FD-B0D2-B780E0E1A791} - \{40B81E96-ABDC-4B17-ABCE-AC8131DCC40E} -> No File <==== ATTENTION
Task: {214151EA-6EE7-41AD-920C-2ED5994D87AC} - \{75F1D49F-75A9-402B-8455-9C0C3E0DB4B0} -> No File <==== ATTENTION
Task: {217E3C6C-87E1-4D3E-AE5E-0506C10A01E5} - System32\Tasks\{D2BCEF67-1A72-4C78-ADC2-B8762207CEC1} => C:\Windows\system32\pcalua.exe -a C:\Users\Asus\Desktop\AHDETH-00244228-0042.EXE -d C:\Users\Asus\Desktop
Task: {21B9A782-D73A-46BB-98FA-9D6FA0335565} - \{7806A1E0-77AD-46C9-9DDF-7B31D835371D} -> No File <==== ATTENTION
Task: {475FEF49-CF9F-4AD7-AE70-D73E9AF965EF} - \{A5B5C5C0-A07F-46B0-8D28-9AFA1131D067} -> No File <==== ATTENTION
Task: {49A89047-751F-4DCE-9927-8B5BCA01D760} - \{62777C40-DDE6-4065-BAF9-3D5BFC79A1DB} -> No File <==== ATTENTION
Task: {5AD76BF7-43EE-4C96-90BE-A89F63740DA4} - \ATKOSD2 -> No File <==== ATTENTION
Task: {5D305347-FC8D-4FA4-84DB-B61CD03509F1} - \{52F8F18F-D941-4FA3-9EBC-B7CD858AFA01} -> No File <==== ATTENTION
Task: {60BA98E3-0469-40FE-A0B1-B59EA8317D5B} - \{FE8269C1-2701-4A74-A10F-372830CD9AB7} -> No File <==== ATTENTION
Task: {6BC60F53-BA1C-4ED4-9B9E-EA0C11EC8AF1} - \ASUS SmartLogon Console Sensor -> No File <==== ATTENTION
Task: {6E76BE43-27C5-42A5-8AE6-FCC53C587B2B} - \{B7FC0658-3336-458F-9A5B-6DBA6D1931F9} -> No File <==== ATTENTION
Task: {74053903-6AFB-472A-97BD-2D4CF16B6799} - \{D744480D-AF65-4E9D-973C-D90C5AC8E4B9} -> No File <==== ATTENTION
Task: {7AC3CF0A-3BB0-4FB7-9A6D-8FF344333EC4} - \{3B5C866A-6EE2-4024-9127-342F9325F04D} -> No File <==== ATTENTION
Task: {7CA7D2BA-BDCC-4AB8-94BC-634BFE70C9B3} - \{BE9BCE0E-9FDE-4012-A1D7-6A58D25600D5} -> No File <==== ATTENTION
Task: {8AB9418E-6A61-47EB-862A-A1C078C5A438} - \ASUS P4G -> No File <==== ATTENTION
Task: {A9C03838-7BFE-4EBA-AA0C-8948D1A20AB7} - \{31FAFBED-D2B0-42EE-90EF-9F888F894F32} -> No File <==== ATTENTION
Task: {B7E92E4B-9ECD-4BD8-B874-9296277904F9} - \{AB819BA2-C3D1-400C-9CE3-0D2E09703AB8} -> No File <==== ATTENTION
Task: {D41522A5-CF2B-41F2-B2C3-E4A99C821A8C} - \ACMON -> No File <==== ATTENTION
Task: {D9232461-A2E3-4845-928E-C2AB8517B3FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {DC978305-878F-4631-B8E3-89BE5240E74E} - \{5AA6144B-E7FF-4652-9A03-4AB3820C28AC} -> No File <==== ATTENTION
Task: {EDADDB31-C67E-414B-90D7-7F5DBFCD828F} - \{63CB1D58-0185-4576-8435-4B78A96B376E} -> No File <==== ATTENTION
Task: {F56FD78B-F038-4DF0-8EF4-AE8C4E3F1C47} - \Acrobat Update -> No File <==== ATTENTION
Task: {F7306115-DB2F-42A5-836F-E1E0EDB42FE2} - \{AF8D3D8F-EA22-4C47-BA83-828EEB4F63EB} -> No File <==== ATTENTION
Task: {FA580C49-0496-447D-A0A8-A45CD6EA09EB} - \{1864D485-62E7-4B40-B922-0701AFC98ABF} -> No File <==== ATTENTION
Task: {FC9CAB7B-4F94-46DF-8B3D-6EAB98D5168F} - \{5C5C52F9-A37B-481F-A4A4-AFBD9A9E6E45} -> No File <==== ATTENTION
Task: {FE388D24-6326-4B57-8C4D-FBF0F2CFBB8A} - \{626732E7-9845-43A5-BD37-44452CE009CE} -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-3049655351-1514379235-1721816859-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 aswbdisk; no ImagePath
S2 RHDISK_AMD64; \??\C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [X]
2015-04-28 12:32 - 2015-04-28 12:33 - 028579392 _____ (Sony Mobile Communications ) C:\Users\Asus\AppData\Local\pcc.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [130]
AlternateDataStreams: C:\ProgramData\Temp:5216CD26 [256]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:77846FFE [140]
AlternateDataStreams: C:\ProgramData\Temp:888AFB86 [222]
AlternateDataStreams: C:\ProgramData\Temp:AC57032B [132]
AlternateDataStreams: C:\Users\Asus\AppData\Local\Archivos temporales de Internet:5tNdTyI9mqN4DpjO2QNkza5LK [2480]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\Machine => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{000F758A-D46A-44F7-A644-3EE4E8E1DBD0} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{000F758A-D46A-44F7-A644-3EE4E8E1DBD0} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED71624D-6A9A-4A05-86C5-3364E3A61A28} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02124FDA-A27C-4D77-BF3A-A35B09F99C3B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02124FDA-A27C-4D77-BF3A-A35B09F99C3B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{25F347D5-83FC-4F72-8B3E-E1B6EEC401B0} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02D863E9-044B-45DF-90E9-07B4254AD266} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02D863E9-044B-45DF-90E9-07B4254AD266} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBA2B57D-3EDE-424E-802D-6281CA87518C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{130CC738-6ABB-4551-BF79-C63802F186E8} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{130CC738-6ABB-4551-BF79-C63802F186E8} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{222710A5-9FBA-4F17-8847-2F7A352BFA5F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16370FC1-9E88-40FD-B0D2-B780E0E1A791} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16370FC1-9E88-40FD-B0D2-B780E0E1A791} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{40B81E96-ABDC-4B17-ABCE-AC8131DCC40E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{214151EA-6EE7-41AD-920C-2ED5994D87AC} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{214151EA-6EE7-41AD-920C-2ED5994D87AC} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{75F1D49F-75A9-402B-8455-9C0C3E0DB4B0} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{217E3C6C-87E1-4D3E-AE5E-0506C10A01E5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217E3C6C-87E1-4D3E-AE5E-0506C10A01E5} => removed successfully
C:\Windows\System32\Tasks\{D2BCEF67-1A72-4C78-ADC2-B8762207CEC1} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D2BCEF67-1A72-4C78-ADC2-B8762207CEC1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21B9A782-D73A-46BB-98FA-9D6FA0335565} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21B9A782-D73A-46BB-98FA-9D6FA0335565} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7806A1E0-77AD-46C9-9DDF-7B31D835371D} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{475FEF49-CF9F-4AD7-AE70-D73E9AF965EF} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{475FEF49-CF9F-4AD7-AE70-D73E9AF965EF} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5B5C5C0-A07F-46B0-8D28-9AFA1131D067} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49A89047-751F-4DCE-9927-8B5BCA01D760} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49A89047-751F-4DCE-9927-8B5BCA01D760} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{62777C40-DDE6-4065-BAF9-3D5BFC79A1DB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5AD76BF7-43EE-4C96-90BE-A89F63740DA4} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD76BF7-43EE-4C96-90BE-A89F63740DA4} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ATKOSD2 => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D305347-FC8D-4FA4-84DB-B61CD03509F1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D305347-FC8D-4FA4-84DB-B61CD03509F1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{52F8F18F-D941-4FA3-9EBC-B7CD858AFA01} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60BA98E3-0469-40FE-A0B1-B59EA8317D5B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60BA98E3-0469-40FE-A0B1-B59EA8317D5B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE8269C1-2701-4A74-A10F-372830CD9AB7} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BC60F53-BA1C-4ED4-9B9E-EA0C11EC8AF1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BC60F53-BA1C-4ED4-9B9E-EA0C11EC8AF1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS SmartLogon Console Sensor => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E76BE43-27C5-42A5-8AE6-FCC53C587B2B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E76BE43-27C5-42A5-8AE6-FCC53C587B2B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B7FC0658-3336-458F-9A5B-6DBA6D1931F9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74053903-6AFB-472A-97BD-2D4CF16B6799} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74053903-6AFB-472A-97BD-2D4CF16B6799} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D744480D-AF65-4E9D-973C-D90C5AC8E4B9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AC3CF0A-3BB0-4FB7-9A6D-8FF344333EC4} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC3CF0A-3BB0-4FB7-9A6D-8FF344333EC4} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3B5C866A-6EE2-4024-9127-342F9325F04D} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CA7D2BA-BDCC-4AB8-94BC-634BFE70C9B3} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CA7D2BA-BDCC-4AB8-94BC-634BFE70C9B3} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE9BCE0E-9FDE-4012-A1D7-6A58D25600D5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8AB9418E-6A61-47EB-862A-A1C078C5A438} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AB9418E-6A61-47EB-862A-A1C078C5A438} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS P4G => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9C03838-7BFE-4EBA-AA0C-8948D1A20AB7} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9C03838-7BFE-4EBA-AA0C-8948D1A20AB7} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31FAFBED-D2B0-42EE-90EF-9F888F894F32} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7E92E4B-9ECD-4BD8-B874-9296277904F9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7E92E4B-9ECD-4BD8-B874-9296277904F9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AB819BA2-C3D1-400C-9CE3-0D2E09703AB8} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D41522A5-CF2B-41F2-B2C3-E4A99C821A8C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D41522A5-CF2B-41F2-B2C3-E4A99C821A8C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACMON => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D9232461-A2E3-4845-928E-C2AB8517B3FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9232461-A2E3-4845-928E-C2AB8517B3FD}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC978305-878F-4631-B8E3-89BE5240E74E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC978305-878F-4631-B8E3-89BE5240E74E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5AA6144B-E7FF-4652-9A03-4AB3820C28AC} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDADDB31-C67E-414B-90D7-7F5DBFCD828F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDADDB31-C67E-414B-90D7-7F5DBFCD828F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{63CB1D58-0185-4576-8435-4B78A96B376E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F56FD78B-F038-4DF0-8EF4-AE8C4E3F1C47} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F56FD78B-F038-4DF0-8EF4-AE8C4E3F1C47} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acrobat Update" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7306115-DB2F-42A5-836F-E1E0EDB42FE2} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7306115-DB2F-42A5-836F-E1E0EDB42FE2} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AF8D3D8F-EA22-4C47-BA83-828EEB4F63EB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA580C49-0496-447D-A0A8-A45CD6EA09EB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA580C49-0496-447D-A0A8-A45CD6EA09EB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1864D485-62E7-4B40-B922-0701AFC98ABF} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC9CAB7B-4F94-46DF-8B3D-6EAB98D5168F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC9CAB7B-4F94-46DF-8B3D-6EAB98D5168F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5C5C52F9-A37B-481F-A4A4-AFBD9A9E6E45} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE388D24-6326-4B57-8C4D-FBF0F2CFBB8A} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE388D24-6326-4B57-8C4D-FBF0F2CFBB8A} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{626732E7-9845-43A5-BD37-44452CE009CE} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc" => not found
C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\RHDISK_AMD64 => removed successfully
RHDISK_AMD64 => service removed successfully
C:\Users\Asus\AppData\Local\pcc.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\ProgramData\Temp => ":054203E4" ADS removed successfully
C:\ProgramData\Temp => ":5216CD26" ADS removed successfully
C:\ProgramData\Temp => ":5D458568" ADS removed successfully
C:\ProgramData\Temp => ":77846FFE" ADS removed successfully
C:\ProgramData\Temp => ":888AFB86" ADS removed successfully
C:\ProgramData\Temp => ":AC57032B" ADS removed successfully
C:\Users\Asus\AppData\Local\Archivos temporales de Internet => ":5tNdTyI9mqN4DpjO2QNkza5LK" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3049655351-1514379235-1721816859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9886674 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 30521008 B
Edge => 0 B
Chrome => 2392554 B
Firefox => 95779550 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 7558776 B
LocalService => 7558776 B
NetworkService => 7558916 B
UpdatusUser => 7558916 B
Asus => 15238560 B
RecycleBin => 0 B
EmptyTemp: => 183.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:16:59 ====Hola. 
Prueba unos pasos, APAGA totalmente TU equipo y APAGA también el ROUTER.
Despues enciendes el equipo y compruebas SI aparece el proceso, por supuesto con el ROUTER APAGADO.
Usa el equipo arrancando diversos programas que tengas instalados, incluidos los navegadores que por supuesto te dirán que NO te puedes conectar…
Realiza esas verificaciones y comprueba también SI cuando NO lo usas también se reproduce el problema.
SI todo va correcto y NO salta el proceso REINICIAS el equipo varias veces y en cada REINICIO vuelves a realizar las mismas verificaciones.
TODO ello sin encender el ROUTER durante TODOS los pasos.
Vuelves y nos comentas resultados.
Saludos.
Buenas Javier,
Ya voy sacando algo en claro:
ROUTER APAGADO:
En reposo todo OK
Abriendo programas, todo OK
Abriendo navegadores, todo OK
ROUTER ENCENDIDO:
En reposo, empieza el proceso notepad.exe
Abro el Adm. de Tareas y ocupa 2,481Gb, desaparece al instante
Mantengo abierto Adm de Tareas, no aparece el proceso pero aumenta el uso de procesador.
Mientras hay actividad de uso en el equipo, teclado o ratón no salta el proceso.
Sin actividad, salta al de 30 segundos aproximadamente.
Otro proceso que siempre está arriba de los que más usan RAM aunque sólo con 79 mb es werFault.exe*32. Igual es algo normal pero no me había fijado nunca en él hasta ahora.
Un saludo
Hola.
Bien… pues veamos SI el ROUTER tiene algo que ver en estos problemas. 
Sabes Hacer un RESET del ROUTER…??
Se hace pulsando(y manteniendo pulsado 5 segundos) un pequeño botón o agujero que suele estar en la parte trasera o inferior del aparato.
Hazlo con el ordenador APAGADO y cuando veas que TODAS las luces se han restablecido enciendes el ordenador y compruebas el funcionamiento.
Nos comentas resultados.
Saludos.
Buenos días,
Pues me temo que no es el ROUTER.
Antes de RESETEARLO lo he apagado y me he conectado con el MOVIL como punto de acceso, y el proceso ha vuelto a manifestarse.
Luego he apagado el equipo y he reseteado el ROUTER como me has dicho.
El proceso se activa cuando detecta una conexión y no hay actividad durante 30s. en el equipo.
He conseguido parar el uso de la RAM terminando el siguiente proceso:
Nombre de Imagen: fdggake.exe*32
Descripción: AutoIt v3 Sript (Beta)
Ahora ya no sale el notepad.exe pero la próxima vez que reincie tendré el mismo problema. El malwarebits y el adwcleane no me han detectado.
Tampoco tengo un punto de restauración del sistema.
Un saludo
Buenas de nuevo,
Tras detener el proceso fdggake.exe con descripción AutoIt v3 y reiniciar el equipo se ha solucionado el problema.
No tiene mucho sentido, creo porque la RAM es volatil y si hay un malware o un script malicioso debería aparecer al reiniciar, pero el hecho es que ha desaparecido.
Voy a esperar antes de cantar victoria pero pinta bien.
Un saludo y muchas gracias
Hola.
Pues efectivamente NO tiene mucho sentido, NI mucho NI poco. 
Ese proceso parece que sea nuevo o que haya “migrado-camuflado” de algún otro anterior, pero tampoco se veía claramente ningún otro proceso claro en los informes y pasos que hicimos anteriormente. 
Has apagado y encendido el equipo al menos tres veces seguidas para verificar que NO se autoreproduzca de nuevo…??
El proceso con el Notepad…YA tampoco se visualiza…??