Pues lo dicho. Cuando estoy navegando con firefox, se me abre una pagina con que me ha tocado un premio de telefonica… que suerte la mia…
Ire pasando los programas que teneis, ya he visto el orden y como hacerlo en otros hilos e intento poneros los logs e informes por aqui.
En principio solo me pasa con firefox, y especialmente cuando entro a la pagina del pais… Sera casualidad estoy ultimo…
Gracias
Hola @Mrpetete Bienvenidoal foro!!!
Cuando tengas los reportes los pones para revisarlos y comentas como sigue el problema después de utilizarlos.
Un saludo
Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt van en este orden, empiezo.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 4/5/20
Hora del análisis: 12:35
Archivo de registro: 0180bbdc-8df3-11ea-9762-002618b0ccb9.json
-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.889
Versión del paquete de actualización: 1.0.23322
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: petete-PC\petete
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 365231
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 min, 28 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-04-2020
# Duration: 00:00:42
# OS: Windows 10 Pro
# Scanned: 32067
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by petete (Administrator) on 04/05/2020 at 13:07:47,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/05/2020 at 13:10:42,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 03-05-2020
Ejecutado por petete (administrador) sobre PETETE-PC (04-05-2020 13:14:54)
Ejecutado desde C:\Users\petete\Desktop
Perfiles cargados: petete (Perfiles disponibles: petete & DefaultAppPool)
Platform: Windows 10 Pro Versión 1903 18362.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2777392 2015-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1842080 2015-11-05] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Run: [Spotify] => C:\Users\petete\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Run: [Spotify Web Helper] => C:\Users\petete\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-28] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restricción ? <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {03D1B20E-3547-4463-B509-FF1EA83ED324} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0A7FD646-AA4D-44F2-979B-3F2992AB6B89} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {0BF3EC43-A202-470D-B52A-BFD6C1E386F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {0F91CA5F-5FD4-40E3-8519-C3D5F64FCE75} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {109047BA-349D-4423-AEFC-5DF0E7889D11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {11956FA6-4062-4F96-A55E-CB843A9FE22F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1593E07F-A3A9-4F30-80F1-02A9670EB057} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {16A6A6A7-1EC6-4ACD-AACD-05F50B111555} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {21680786-6EC0-42AD-9304-AEE6DDAE7ACC} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {231759F1-A2DD-4178-B52F-607EBB0335DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2952308E-6373-45BA-B338-D92A3D79DEB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {2969DECA-4F3D-460C-8B6D-ACE92E528077} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3174CF8C-2584-4F76-8AF0-364BD0086D58} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32033C58-761D-40D3-8EE6-6F6B813C6C55} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {321136EA-B9C5-4E28-BF29-4A051F1AF95A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN
Task: {33C2F166-ABA3-44BC-808B-8C28E4986FDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {35BD64D2-3E93-4B3C-AAE3-F48DAE754D7E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {390D4736-C4F8-4ADE-AA54-8FEC5783B058} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {3942B16B-0701-4675-BC2C-F486EC4FDCFB} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {3D37D8CB-D4F4-48D4-BB1B-0D3E67E3418B} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {4514F009-ECFE-4B69-9CFC-47BC8530804D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {50538990-DA4F-4B55-ABE9-2CD5038D8BE1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {509E9E82-9685-42DF-A7C3-5FB46BBA7FCF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {5942C4BA-0962-41DE-B7E9-AEF1A7A971E3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5CFC376A-1FD4-4EF7-9D7F-F121169E5B49} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {6038E375-6230-4921-B7CB-4FC24CD45C66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {604BCEEB-9455-4805-B39B-1E4E787E8A1D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61A0F4C8-AF89-4779-8651-578192686F3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6423A72D-678A-464B-BA9E-F732E8131699} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {6CE01626-3388-4BD2-8473-43303B4ACEFE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {71B902C0-4D98-45A7-809B-0851FF282CDC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {71CB6ABE-6F3C-4C3C-9CBE-C9E0E464FB19} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {85746F89-B101-40A7-B099-C1A18B864B52} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {87F481EE-FE46-42BC-86A1-20ECC5DCAE54} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A2801AA-72D5-4B41-8F75-81668CF79852} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [1920976 2019-10-04] (NVIDIA Corporation -> )
Task: {8AA51FB7-94BB-433E-A18A-D663FAA63494} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8DBA3F26-E957-4D12-B5BB-750476B5DA02} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {94213753-DFF8-4861-A309-C24758E07AE5} - \Microsoft\Windows\Setup\EOONotify -> Ningún archivo <==== ATENCIÓN
Task: {94BC42AD-0169-4ED6-96CE-082812CE52EF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9638401A-C9C1-4C6E-9A0B-91493842EA2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F2D68D4-7ADB-43BF-B1D5-8F9B5EB16D13} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {A43D866A-7AE9-4EB3-B7FB-D44F6742839F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AADFD208-B99D-4F29-9270-FE679CB9F72D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B71D242B-EF4D-46F0-A36F-0AEAAE8B56E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C3414D30-AE7E-4BB2-9B22-7B76ADFE0629} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {C4D89B09-84A9-444C-9B00-F000A42ECDF4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {C4E52DFD-6AD8-47F2-8C13-5D84E070D57E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C67A187D-2CAB-41C5-94B1-91C0CC5A01F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {CB2956C5-A973-4DB5-AC32-FB989962F6BF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCF87B56-F10E-4A46-8C10-9DE23E118789} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D29C0E93-4EC6-4CF2-B5B4-CDAD18679BE3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9B3F203-DBFD-40D6-80F9-26618883B688} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {DB223E94-DDC0-4989-BA3C-0460CDD8F31C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {E1A13F5F-030C-4C74-B633-99B7359350DE} - System32\Tasks\{C4D3AE12-4876-4985-A116-60A174759EAB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {E26003C2-F08E-4215-BEBA-28D426EAD2E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E614C5A3-7BF4-471F-99B5-59779E0AD7A6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {E8BB48BB-3852-4D94-A0E0-C529F298C9BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8C640B9-7E01-4E4F-B475-0624D1D701F1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe)
Task: {EE517547-600A-492D-AE60-5E1AD872F2BB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F27F273A-01C6-46DE-9CBE-1397E480C59C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {FC4BF101-3CBE-4D3A-95FF-BCF07A2E3552} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{6031537c-a964-4026-80c1-bdacc84f7993}: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{a04b1c62-cacc-4387-9b43-989b30580a80}: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{a37541df-8092-4b80-8f52-f6786787eeb4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Sin Nombre -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Ningún archivo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {B178DBD1-25DF-4187-9BE0-05D123B91B98} hxxps://servicios4.jcyl.es/websigner/cab/WebSigner2.cab
Edge:
======
DownloadDir: C:\Users\petete\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> hxxp://www.google.es/
FireFox:
========
FF DefaultProfile: bd8o5k48.default
FF ProfilePath: C:\Users\petete\AppData\Roaming\Mozilla\Firefox\Profiles\bd8o5k48.default [2020-05-04]
FF Homepage: Mozilla\Firefox\Profiles\bd8o5k48.default -> hxxps://www.google.es/
FF NewTab: Mozilla\Firefox\Profiles\bd8o5k48.default -> about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\petete\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [Archivo no firmado]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default [2020-05-04]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Documentos) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Búsqueda de Google) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (ARC Welder) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2018-02-10]
CHR Extension: (Hojas de cálculo) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2018-12-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Gmail) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Extension: (WhatsApp) - C:\Users\petete\Documents\com.whatsapp.apk_export_mibqo [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-03-30] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-05] (NVIDIA Corporation -> NVIDIA Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-02] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [327320 2016-07-22] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [417944 2016-07-22] (Nitro Software, Inc. -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4804400 2015-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-02] (Microsoft Corporation) [Archivo no firmado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-01] (Martin Malik - REALiX -> REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319448 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2019-03-19] (Microsoft Windows -> MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-07-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1106256 2018-07-02] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
Segunda parte del FRST
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-04 13:14 - 2020-05-04 13:16 - 000026996 _____ C:\Users\petete\Desktop\FRST.txt
2020-05-04 12:32 - 2020-05-04 13:13 - 000000000 ____D C:\Users\petete\Desktop\limpieza virus
2020-05-04 12:26 - 2020-05-04 12:26 - 002283520 _____ (Farbar) C:\Users\petete\Desktop\FRST64.exe
2020-05-04 12:22 - 2020-05-04 12:22 - 000002033 _____ C:\Users\petete\Desktop\Malwarebytes.lnk
2020-05-04 12:21 - 2020-05-04 12:21 - 000000978 _____ C:\Users\petete\Desktop\escrito seg social baja mara.txt
2020-05-04 11:43 - 2020-05-04 11:43 - 000000881 _____ C:\Users\petete\Desktop\CCleaner.lnk
2020-05-04 11:42 - 2020-05-04 11:42 - 001790024 _____ (Malwarebytes) C:\Users\petete\Desktop\JRT.exe
2020-05-04 10:15 - 2019-09-26 04:44 - 000166760 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2020-05-03 13:46 - 2020-05-03 13:46 - 000000000 ____D C:\Users\petete\AppData\LocalLow\Riot Games
2020-05-03 13:44 - 2020-05-03 13:44 - 000001609 _____ C:\Users\petete\Desktop\Legends of Runeterra.lnk
2020-05-03 13:44 - 2020-05-03 13:44 - 000000000 ____D C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-05-03 13:42 - 2020-05-03 13:43 - 068294336 _____ (Riot Games, Inc.) C:\Users\petete\Downloads\Legends_Of_Runeterra_Installer.exe
2020-05-02 18:17 - 2020-05-04 13:16 - 000000000 ____D C:\FRST
2020-05-02 17:15 - 2020-05-02 17:15 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-02 17:15 - 2020-05-02 17:15 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-02 17:04 - 2020-05-02 17:04 - 025306104 _____ (Piriform Software Ltd) C:\Users\petete\Downloads\ccsetup566.exe
2020-05-02 17:01 - 2020-05-04 10:14 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-05-02 17:01 - 2020-05-02 17:01 - 000002878 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-05-02 17:01 - 2020-05-02 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-02 17:01 - 2020-05-02 17:01 - 000000000 ____D C:\Program Files\CCleaner
2020-05-02 15:03 - 2020-05-02 15:03 - 000000000 ____D C:\Users\petete\AppData\Local\mbam
2020-05-02 14:31 - 2020-05-02 17:15 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-02 14:31 - 2020-05-02 14:31 - 000000000 ____D C:\Users\petete\AppData\Local\mbamtray
2020-05-02 14:31 - 2020-05-02 14:31 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-02 14:30 - 2020-05-02 14:30 - 000000000 ____D C:\ProgramData\MB2Migration
2020-05-02 13:16 - 2020-05-02 13:16 - 000000000 ____D C:\Users\petete\AppData\Local\OneDrive
2020-05-01 22:22 - 2020-05-01 22:22 - 000000000 ____D C:\Users\petete\AppData\Roaming\Albion
2020-05-01 22:18 - 2020-05-01 22:18 - 000000000 ____D C:\Users\petete\AppData\LocalLow\Sandbox Interactive GmbH
2020-05-01 21:56 - 2020-05-01 21:56 - 000001255 _____ C:\Users\petete\Desktop\AlbionOnline.lnk
2020-05-01 21:56 - 2020-05-01 21:56 - 000000000 ____D C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online
2020-05-01 21:56 - 2020-05-01 21:56 - 000000000 ____D C:\Users\petete\AppData\Local\Sandbox Interactive GmbH
2020-05-01 21:56 - 2020-05-01 21:56 - 000000000 ____D C:\Users\petete\.QtWebEngineProcess
2020-05-01 21:56 - 2020-05-01 21:56 - 000000000 ____D C:\Users\petete\.Albion Online Launcher
2020-05-01 21:54 - 2020-05-01 21:56 - 000000000 ____D C:\Program Files (x86)\AlbionOnline
2020-05-01 21:53 - 2020-05-01 21:53 - 050022608 _____ C:\Users\petete\Downloads\albion-online-setup.exe
2020-04-29 12:59 - 2020-05-02 11:54 - 000000000 ____D C:\Users\petete\AppData\Roaming\discord
2020-04-29 12:59 - 2020-04-29 12:59 - 000002281 _____ C:\Users\petete\Desktop\Discord.lnk
2020-04-29 12:59 - 2020-04-29 12:59 - 000000000 ____D C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-04-29 12:58 - 2020-04-29 12:59 - 000000000 ____D C:\Users\petete\AppData\Local\Discord
2020-04-29 12:58 - 2020-04-29 12:58 - 062620472 _____ (Discord Inc.) C:\Users\petete\Downloads\DiscordSetup.exe
2020-04-24 20:05 - 2020-04-24 20:05 - 000681416 _____ C:\Users\petete\Downloads\retribuciones sanitarios madrid 2020.pdf
2020-04-24 19:43 - 2020-04-24 19:43 - 000017471 _____ C:\Users\petete\Downloads\nomina de marzo.pdf
2020-04-24 19:42 - 2020-04-24 19:42 - 000017588 _____ C:\Users\petete\Downloads\_95977~ldb42168m159412.pdf
2020-04-24 19:42 - 2020-04-24 19:42 - 000017523 _____ C:\Users\petete\Downloads\_95979~ldb42168m159411.pdf
2020-04-21 17:02 - 2020-04-21 17:02 - 000258864 _____ C:\Users\petete\Desktop\Documento.pdf
2020-04-15 11:49 - 2020-04-15 11:49 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 002369576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 002188600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001659408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001495864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001386296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-15 11:49 - 2020-04-15 11:49 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-15 11:49 - 2020-04-15 11:49 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-15 11:49 - 2020-04-15 11:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 11:49 - 2020-04-15 11:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-15 11:48 - 2020-04-15 11:48 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-15 11:48 - 2020-04-15 11:48 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-15 11:48 - 2020-04-15 11:48 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-15 11:48 - 2020-04-15 11:48 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 11:48 - 2020-04-15 11:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 11:48 - 2020-04-15 11:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 11:47 - 2020-04-15 11:47 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 003980800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-15 11:47 - 2020-04-15 11:47 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-15 11:47 - 2020-04-15 11:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-15 11:47 - 2020-04-15 11:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-15 11:06 - 2020-04-15 11:06 - 006230072 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-04-15 11:01 - 2020-04-15 11:02 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 11:01 - 2020-04-15 11:02 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-08 21:23 - 2020-04-08 21:28 - 000000000 ____D C:\Users\petete\Documents\Path of Building
2020-04-08 21:22 - 2020-04-08 21:23 - 000000000 ____D C:\ProgramData\Path of Building
2020-04-08 21:22 - 2020-04-08 21:22 - 000001176 _____ C:\Users\Public\Desktop\Path of Building.lnk
2020-04-08 21:22 - 2020-04-08 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Building
2020-04-08 21:22 - 2020-04-08 21:22 - 000000000 ____D C:\Program Files (x86)\Path of Building
2020-04-08 21:10 - 2020-04-08 21:11 - 000000000 ____D C:\Users\petete\Documents\Visual Studio 2005
2020-04-08 21:06 - 2020-04-08 21:07 - 000009538 _____ C:\Users\petete\Desktop\Nuevo documento de texto.txt
2020-04-08 16:42 - 2020-05-03 17:04 - 000002283 _____ C:\Users\petete\Desktop\Blitz.lnk
2020-04-08 16:42 - 2020-04-11 11:29 - 000000000 ____D C:\Users\petete\AppData\Local\blitz-updater
2020-04-08 16:42 - 2020-04-08 16:42 - 000002291 _____ C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2020-04-08 10:05 - 2020-04-08 10:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-07 22:12 - 2020-04-16 09:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-04-07 13:04 - 2020-04-07 13:04 - 001227949 _____ C:\Users\petete\Downloads\Manual_Style_(ES-PT-EN-IT)_161121.pdf
2020-04-06 21:37 - 2020-04-06 21:37 - 000099512 _____ C:\Users\petete\Downloads\CONSIDERACION JUEVES Y VIERNES SANTO COVID-19_18375332.pdf
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-04 13:08 - 2014-09-02 00:59 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-04 13:05 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-04 12:57 - 2019-10-02 00:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-04 12:31 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-04 12:29 - 2016-12-07 18:04 - 000000000 ____D C:\Users\petete\AppData\LocalLow\Mozilla
2020-05-04 11:11 - 2019-10-02 00:38 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8BB06305-C263-41F7-A6B8-B269FE2E88D5}
2020-05-03 18:11 - 2016-07-21 22:17 - 000000000 ___RD C:\Users\petete\OneDrive
2020-05-03 17:04 - 2020-03-25 17:59 - 000000000 ____D C:\Users\petete\AppData\Roaming\Blitz
2020-05-03 16:45 - 2014-10-17 01:01 - 000000000 ____D C:\Program Files (x86)\Java
2020-05-03 13:46 - 2019-12-22 12:14 - 000000000 ____D C:\Users\petete\AppData\Local\Riot Games
2020-05-03 13:44 - 2017-06-26 12:57 - 000001681 _____ C:\Users\Public\Desktop\League of Legends.lnk
2020-05-03 13:44 - 2017-06-26 12:57 - 000000000 ____D C:\Riot Games
2020-05-02 21:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-02 17:55 - 2014-09-02 00:07 - 000000000 ____D C:\Users\petete\AppData\Roaming\vlc
2020-05-02 17:15 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-02 17:09 - 2020-03-20 22:07 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-02 17:09 - 2015-06-04 18:28 - 000000000 ____D C:\Users\petete\AppData\Roaming\TS3Client
2020-05-02 17:09 - 2015-02-11 16:37 - 000000000 ____D C:\Program Files (x86)\PDFCreator
2020-05-02 17:09 - 2014-10-28 13:00 - 000000000 ____D C:\Users\petete\AppData\Roaming\PhotoScape
2020-05-02 17:09 - 2014-09-17 12:25 - 000000000 ____D C:\Users\petete\AppData\Roaming\uTorrent
2020-05-02 17:08 - 2019-09-16 21:53 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-02 17:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-02 17:08 - 2015-11-12 14:34 - 000000000 ____D C:\Users\petete\AppData\Local\CrashDumps
2020-05-02 16:51 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-02 15:23 - 2019-10-02 00:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-02 15:22 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-02 14:31 - 2016-07-21 17:05 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2020-05-02 14:31 - 2015-01-28 12:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-02 13:32 - 2015-11-05 16:22 - 000000000 ____D C:\Users\petete\AppData\Local\Lenovo
2020-05-01 23:55 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-01 22:17 - 2018-03-27 13:26 - 000000000 ____D C:\Users\petete\AppData\Roaming\EasyAntiCheat
2020-05-01 22:04 - 2014-09-04 21:01 - 000000000 ____D C:\juegos
2020-05-01 21:56 - 2019-10-02 00:20 - 000000000 ____D C:\Users\petete
2020-05-01 21:55 - 2015-11-11 15:09 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-01 16:35 - 2018-02-16 12:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-29 12:59 - 2020-03-25 17:58 - 000000000 ____D C:\Users\petete\AppData\Local\SquirrelTemp
2020-04-28 10:38 - 2014-09-01 23:59 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-24 20:24 - 2016-02-19 16:24 - 000000000 ____D C:\Users\petete\AppData\Local\Might & Magic Heroes Online
2020-04-23 14:57 - 2016-10-10 18:14 - 000000000 ____D C:\Users\petete\.afirma
2020-04-22 10:23 - 2019-10-02 00:30 - 002012042 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-22 10:23 - 2019-03-19 13:59 - 000864082 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-22 10:23 - 2019-03-19 13:59 - 000186264 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-21 11:47 - 2019-10-22 19:41 - 000000000 ____D C:\Users\petete\Downloads\MEmu Download
2020-04-21 11:09 - 2019-10-22 19:40 - 000000000 ____D C:\Users\petete\.MemuHyperv
2020-04-20 16:02 - 2018-02-16 11:58 - 000000000 ____D C:\Users\petete\AppData\Local\Packages
2020-04-18 16:01 - 2019-10-02 00:38 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1718926927-2883716816-2102457450-1000
2020-04-18 16:01 - 2019-10-02 00:20 - 000002443 _____ C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-16 09:42 - 2019-10-02 00:08 - 000442016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 09:41 - 2015-10-28 21:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-15 13:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-15 13:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-15 13:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-15 13:29 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-15 13:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-15 13:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-15 13:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-04-15 13:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-15 11:55 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-15 11:08 - 2019-10-02 00:38 - 000004608 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-15 11:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-15 11:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-08 21:23 - 2014-09-02 00:59 - 000000000 ____D C:\Users\petete\AppData\Local\NVIDIA
2020-04-08 21:11 - 2018-05-19 11:05 - 000000000 ____D C:\Users\petete\AppData\Local\Microsoft Help
2020-04-08 18:12 - 2019-10-09 21:16 - 000000000 ____D C:\Users\petete\Desktop\evo bank
2020-04-08 16:41 - 2020-03-25 18:00 - 000000000 ____D C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz Inc
2020-04-08 16:41 - 2020-03-25 17:58 - 000000000 ____D C:\Users\petete\AppData\Local\Blitz
2020-04-08 10:04 - 2015-10-28 21:02 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-07 10:18 - 2018-05-15 08:09 - 000000000 ____D C:\Users\petete\Desktop\antiguos documentos movil
2020-04-07 10:17 - 2020-03-14 19:14 - 000025693 _____ C:\Users\petete\Desktop\Control de temperatura HSC.xlsx
2020-04-07 10:11 - 2019-11-15 21:34 - 000000000 ____D C:\Users\petete\Desktop\experto supervisor
2020-04-05 13:35 - 2014-11-25 14:16 - 000000000 ____D C:\Users\petete\Desktop\ibis y declaraciones
2020-04-04 10:22 - 2020-04-01 21:19 - 000000000 ____D C:\Users\petete\Desktop\documentos declaración
==================== Archivos en la raíz de algunos directorios ========
2015-10-09 22:55 - 2015-10-09 22:55 - 000000000 ____H () C:\Users\petete\AppData\Local\BIT93A8.tmp
2014-11-18 01:47 - 2014-11-18 01:51 - 000004608 _____ () C:\Users\petete\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-02 00:03 - 2016-07-21 17:39 - 000007621 _____ () C:\Users\petete\AppData\Local\Resmon.ResmonCfg
2015-10-09 22:55 - 2015-10-09 22:55 - 000000000 _____ () C:\Users\petete\AppData\Local\{0CA78415-34E9-4730-8A7E-AC2273D834EC}
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
y audition
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por petete (04-05-2020 13:18:11)
Ejecutado desde C:\Users\petete\Desktop
Windows 10 Pro Versión 1903 18362.778 (X64) (2019-10-01 22:40:16)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1718926927-2883716816-2102457450-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1718926927-2883716816-2102457450-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1718926927-2883716816-2102457450-1002 - Limited - Enabled)
Invitado (S-1-5-21-1718926927-2883716816-2102457450-501 - Limited - Disabled)
petete (S-1-5-21-1718926927-2883716816-2102457450-1000 - Administrator - Enabled) => C:\Users\petete
WDAGUtilityAccount (S-1-5-21-1718926927-2883716816-2102457450-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Actualización de NVIDIA 2.9.0.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.9.0.48 - NVIDIA Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz 1.8.4 (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.8.4 - Blitz Inc.)
calibre 64bit (HKLM\...\{39CE621D-C455-4054-8824-712AAAE0C60C}) (Version: 2.22.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM)
Discord (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Discord) (Version: 0.0.306 - Discord Inc.)
Divinity Original Sin 2 Definitive Edition (HKLM-x32\...\Divinity Original Sin 2 Definitive Edition_is1) (Version: - )
Dragons Dogma Dark Arisen (HKLM-x32\...\Dragons Dogma Dark Arisen_is1) (Version: - )
Driver Easy 5.6.3 (HKLM\...\DriverEasy_is1) (Version: 5.6.3 - Easeware)
Epic Games Launcher (HKLM-x32\...\{BF267CB6-EC73-4AA9-991E-7BEA0B87419B}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.19.0.107 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IVA 2016 1.00 (HKLM-x32\...\6663-8884-0599-8584) (Version: 1.00 - AEAT)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{62292933-30AF-4962-B6BB-59191D386D94}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Legends of Runeterra (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 6.2.7.0 - Microvirt Software Technology Co. Ltd.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Might & Magic Heroes Online - Standalone Client (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Might & Magic Heroes Online) (Version: - )
Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 75.0.0.7398 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nitro Pro 10 (HKLM\...\{7242D889-1E07-40C9-8FC6-670707B34EE1}) (Version: 10.5.9.9 - Nitro)
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.0.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.0.80 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OSC Third Party Libraries (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSCLib) (Version: 1.1 - NVIDIA Corporation) Hidden
Panel de control de NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Path of Building version 1.4.168 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.168 - Openarl)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.6 - Frank Heindörfer, Philip Chinery)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7889 - Realtek Semiconductor Corp.)
Renta 2014 1.25 (HKLM-x32\...\8330-1526-1221-2374) (Version: 1.25 - AEAT)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.8.0.80 - NVIDIA Corporation) Hidden
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
Sniper Ghost Warrior 2 (HKLM-x32\...\Sniper Ghost Warrior 2_is1) (Version: - )
Spotify (HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V Skyrim Special Edition MULTi7 - ElAmigos versión 1.4.2 (HKLM-x32\...\{365ED34A-2AFE-425F-92F9-9FCE0BD68FA6}_is1) (Version: 1.4.2 - Bethesda Softworks)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.4282.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-04-23] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-24] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-21] (Microsoft Corporation)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks: Sin Nombre - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Ningún archivo
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn
ShortcutWithArgument: C:\Users\petete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\WhatsApp.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fkbcemjokbagjjedpbmimcgbcoldicoh
==================== Módulos cargados (Lista blanca) =============
2015-02-11 16:37 - 2005-03-12 02:07 - 000087040 _____ () [Archivo no firmado] C:\WINDOWS\System32\pdfcmnnt.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2014-09-02 00:59 - 2015-12-08 20:50 - 001183440 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-02-16 13:44 - 2018-02-16 13:45 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\petete\Desktop\cosas salvadas\cosas para guardar\fotos y videos\2010_12_04\IMG_1962.JPG
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [UDP Query User{723E0CD5-7DEA-4750-8A89-44B0EC4DDCF5}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{5424ACC2-758A-461C-8C15-ED97A000F93D}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{22289F50-F67D-4F16-A6E6-59D3EF0432B7}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [UDP Query User{CAA1CD90-6F3A-448A-B8EC-6D6775A75FBA}C:\users\petete\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\petete\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{745E7AB6-3E7A-4819-BDA9-164958EBB790}C:\users\petete\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\petete\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{340F2DE0-1FEE-4C1E-A929-900937DC83F8}C:\users\petete\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petete\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{84BD3DF3-F67C-438D-99B6-2475B9F4F9B6}C:\users\petete\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petete\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3FCCA8F3-2473-4627-962F-37C8C98E7E9B}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{05BFAE38-220B-4EA0-9802-B71200EC3F6F}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{E815003F-8D90-4EC1-B731-343F3523768D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95C54D45-37CB-49DB-85DC-F2E3656F14DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABFE1815-6C92-41F8-B8F6-669B9A1FD8F8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{641DA8F2-56FE-4B19-B48D-CF43092E5FC3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{8534F005-4C97-4C2C-A639-F7ED20DF02C2}C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe (City Interactive S.A.) [Archivo no firmado]
FirewallRules: [UDP Query User{EDEDA482-4062-4068-97AE-7DACB692C595}C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe (City Interactive S.A.) [Archivo no firmado]
FirewallRules: [{1AD3F135-2DEC-43FA-9C9B-CD5C4BA83001}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8756EB7C-C60B-4495-B501-F215C809E561}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AF1168F4-89C9-4E66-BF30-4E8D546BD000}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C57A8F7D-160A-4F72-998C-2733E54BAB73}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F33581ED-A64F-46B3-863B-27A8BF9C0061}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7A3C6C2-A757-4800-9790-8CC2EFE38B85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{17448893-6317-4BD2-8C38-712AC599C234}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D97CF75-9218-4881-B361-71E90E9BDCD1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B7887585-C2C6-4FCD-914B-249E03D97A24}] => (Allow) %systemroot%\system32\alg.exe Ningún archivo
FirewallRules: [TCP Query User{903B1F89-F601-4BC1-806F-9DE6E7C00F52}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3361FE48-5BC8-4470-BE38-7E77769155D9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FB27B939-E766-412B-B1A0-D02760BDB38F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{98593F5A-0837-4F72-AE2A-3F75478EB011}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{455119F3-FCDB-4644-9D9C-511540B50D73}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FCCC7587-73A7-41A5-9BD8-0937C81D7E2C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1D578053-5FE9-440C-A5E2-435E5CA81A34}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5F216BA7-33D3-473B-94AC-B2A3FA97E68E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{748F91B2-C629-4B0F-8004-798A20A8C302}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{C9B3716A-9B27-47F2-8C49-9DEB7044F275}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{5E76AAC4-37C2-4A85-9CF9-62B873D1E23A}C:\users\petete\appdata\roaming\utorrent\updates\3.5.5_45608.exe] => (Allow) C:\users\petete\appdata\roaming\utorrent\updates\3.5.5_45608.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D411F9A8-909C-4304-A9AD-3BBD595256EA}C:\users\petete\appdata\roaming\utorrent\updates\3.5.5_45608.exe] => (Allow) C:\users\petete\appdata\roaming\utorrent\updates\3.5.5_45608.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{13A98D59-712B-466B-BAA2-2B9D93D1F0FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E0E08598-4E8A-41B3-BDBB-A1EF0F0426F6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{FB453544-C50F-4C30-A467-BFF2F4AB1639}C:\program files (x86)\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\divinity original sin 2 definitive edition\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{DC1DFDC4-C2CB-4177-9042-2ED877AC9507}C:\program files (x86)\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\divinity original sin 2 definitive edition\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{066FD18C-5795-498F-9635-AA8C4FBA1305}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{356A2877-EB0F-4CD1-A53C-63CB9B34CEFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{80EB107A-39A2-41B2-A745-827E33AF93B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A9DC1931-8C6A-44B3-BA1B-EA95F861CE2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6470846D-D375-4914-9B9D-413349C329C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{850E0201-F740-40F7-ACFD-2489A81360CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [TCP Query User{8F43F767-01AB-4C80-A57B-A1B10F4BB639}C:\users\petete\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\petete\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{D30BE842-54F7-42E9-B2B2-5157037BEB02}C:\users\petete\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\petete\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{5F46CDC6-B4C9-4959-9C3B-0D3A0E93D82F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27659465-BB0A-4448-8847-E3012EC5325B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{322447F6-748E-49D0-91D3-CD4C52C33E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F912623C-1BD7-4777-824B-6C07937A6721}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6AE7DD2-E81E-412F-9E0E-06ADAB780F75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FE50839-F35D-4073-A330-2160DE3551ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36171160-9CE6-4500-A37D-8F9DB5024271}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76C1594A-30A7-4417-91D9-9DD6AA2CF6FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C20AD358-284C-443A-9D3B-6A523C55B690}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
22-04-2020 12:20:26 Punto de control programado
29-04-2020 13:14:01 Punto de control programado
02-05-2020 13:31:02 AdwCleaner_BeforeCleaning_02/05/2020_13:31:00
02-05-2020 17:31:49 JRT Pre-Junkware Removal
02-05-2020 17:47:25 JRT Pre-Junkware Removal
04-05-2020 13:07:48 JRT Pre-Junkware Removal
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (05/04/2020 01:13:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14584,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/04/2020 12:17:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9288,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/04/2020 11:40:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7996,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/04/2020 11:30:23 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14956,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/04/2020 11:24:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19600,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/04/2020 11:11:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14860,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/04/2020 10:24:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15012,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/03/2020 07:57:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Errores del sistema:
=============
Error: (05/04/2020 01:08:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (05/04/2020 12:30:58 PM) (Source: DCOM) (EventID: 10000) (User: petete-PC)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (05/02/2020 05:47:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (05/02/2020 05:32:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (05/02/2020 05:07:14 PM) (Source: DCOM) (EventID: 10000) (User: petete-PC)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (05/02/2020 03:22:01 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.
Error: (05/02/2020 02:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (05/02/2020 02:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Message Queue Server terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Windows Defender:
===================================
Date: 2020-05-04 11:41:38.490
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {3123FA79-D50F-4244-A947-FD21C3C19066}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-05-04 11:24:59.339
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {42DAB932-FA53-44C3-82D3-2F11174B5063}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-05-01 22:02:37.000
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Meredrop&threatid=2147575279&enterprise=0
Nombre: Trojan:Win32/Meredrop
Id.: 2147575279
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_F:\TiNYiSO\TiNYiSO.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: petete-PC\petete
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.313.2718.0, AS: 1.313.2718.0, NIS: 1.313.2718.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-17 14:37:44.605
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E2178ECB-BD02-4F22-9944-B64371CB1119}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-04-07 20:22:12.395
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EEF9D40D-D0FB-4647-B37E-45D727B15A6E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-05-04 13:11:04.613
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.313.2862.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2020-05-02 17:00:57.059
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.313.2779.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2020-05-02 16:51:27.868
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo.
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2020-04-19 16:47:46.315
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.313.1813.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16900.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2020-04-16 09:53:48.613
Description:
El motor de Antivirus de Windows Defender finalizó debido a un error inesperado.
Tipo de error: Bloqueo
Código de excepción: 0xc0000005
Recurso: file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Ghost Warrior 2\Eliminar contenido local....lnk
CodeIntegrity:
===================================
Date: 2020-04-16 10:50:51.030
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:51.008
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:50.984
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:50.911
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:50.897
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:50.879
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:49.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-16 10:50:49.563
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. 0603 05/19/2009
Placa base: ASUSTeK Computer INC. P6T
Procesador: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Porcentaje de memoria en uso: 49%
RAM física total: 6134.11 MB
RAM física disponible: 3119.48 MB
Virtual total: 13814.11 MB
Virtual disponible: 10305.51 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:930.9 GB) (Free:212.26 GB) NTFS
Drive d: (Bluebirds) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{2f807ac2-3221-11e4-9780-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{00000001-0000-0000-0000-30c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=521 MB) - (Type=27)
==================== Final de Addition.txt =======================
Hola
MUY Importante 
Realiza una copia de seguridad del registro :
Para hacerlo descarga DelFix.exe( en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación 
con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restricción ? <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {0A7FD646-AA4D-44F2-979B-3F2992AB6B89} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {0BF3EC43-A202-470D-B52A-BFD6C1E386F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {1593E07F-A3A9-4F30-80F1-02A9670EB057} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {16A6A6A7-1EC6-4ACD-AACD-05F50B111555} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {321136EA-B9C5-4E28-BF29-4A051F1AF95A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN
Task: {33C2F166-ABA3-44BC-808B-8C28E4986FDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {35BD64D2-3E93-4B3C-AAE3-F48DAE754D7E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {509E9E82-9685-42DF-A7C3-5FB46BBA7FCF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {6038E375-6230-4921-B7CB-4FC24CD45C66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {6423A72D-678A-464B-BA9E-F732E8131699} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {6CE01626-3388-4BD2-8473-43303B4ACEFE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {94213753-DFF8-4861-A309-C24758E07AE5} - \Microsoft\Windows\Setup\EOONotify -> Ningún archivo <==== ATENCIÓN
Task: {C4D89B09-84A9-444C-9B00-F000A42ECDF4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {C67A187D-2CAB-41C5-94B1-91C0CC5A01F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {D9B3F203-DBFD-40D6-80F9-26618883B688} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {DB223E94-DDC0-4989-BA3C-0460CDD8F31C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {F27F273A-01C6-46DE-9CBE-1397E480C59C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {FC4BF101-3CBE-4D3A-95FF-BCF07A2E3552} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
SearchScopes: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Sin Nombre -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Ningún archivo
CHR Extension: (Chrome Media Router) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh]
U3 idsvc; no ImagePath
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
2015-10-09 22:55 - 2015-10-09 22:55 - 000000000 _____ () C:\Users\petete\AppData\Local\{0CA78415-34E9-4730-8A7E-AC2273D834EC}
ShellExecuteHooks: Sin Nombre - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Ningún archivo
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por petete (04-05-2020 22:05:10) Run:1
Ejecutado desde C:\Users\petete\Desktop
Perfiles cargados: petete (Perfiles disponibles: petete)
Modo de Inicio: Safe Mode (with Networking)
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restricción ? <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {0A7FD646-AA4D-44F2-979B-3F2992AB6B89} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Ningún archivo <==== ATENCIÓN
Task: {0BF3EC43-A202-470D-B52A-BFD6C1E386F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {1593E07F-A3A9-4F30-80F1-02A9670EB057} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {16A6A6A7-1EC6-4ACD-AACD-05F50B111555} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {321136EA-B9C5-4E28-BF29-4A051F1AF95A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN
Task: {33C2F166-ABA3-44BC-808B-8C28E4986FDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {35BD64D2-3E93-4B3C-AAE3-F48DAE754D7E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {509E9E82-9685-42DF-A7C3-5FB46BBA7FCF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {6038E375-6230-4921-B7CB-4FC24CD45C66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {6423A72D-678A-464B-BA9E-F732E8131699} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {6CE01626-3388-4BD2-8473-43303B4ACEFE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {94213753-DFF8-4861-A309-C24758E07AE5} - \Microsoft\Windows\Setup\EOONotify -> Ningún archivo <==== ATENCIÓN
Task: {C4D89B09-84A9-444C-9B00-F000A42ECDF4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Ningún archivo <==== ATENCIÓN
Task: {C67A187D-2CAB-41C5-94B1-91C0CC5A01F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {D9B3F203-DBFD-40D6-80F9-26618883B688} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {DB223E94-DDC0-4989-BA3C-0460CDD8F31C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Ningún archivo <==== ATENCIÓN
Task: {F27F273A-01C6-46DE-9CBE-1397E480C59C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {FC4BF101-3CBE-4D3A-95FF-BCF07A2E3552} - \Microsoft\Windows\Setup\gwx\rundetector -> Ningún archivo <==== ATENCIÓN
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
SearchScopes: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1718926927-2883716816-2102457450-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Sin Nombre -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Ningún archivo
CHR Extension: (Chrome Media Router) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh]
U3 idsvc; no ImagePath
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
2015-10-09 22:55 - 2015-10-09 22:55 - 000000000 _____ () C:\Users\petete\AppData\Local\{0CA78415-34E9-4730-8A7E-AC2273D834EC}
ShellExecuteHooks: Sin Nombre - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Ningún archivo
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A7FD646-AA4D-44F2-979B-3F2992AB6B89}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A7FD646-AA4D-44F2-979B-3F2992AB6B89}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BF3EC43-A202-470D-B52A-BFD6C1E386F0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BF3EC43-A202-470D-B52A-BFD6C1E386F0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1593E07F-A3A9-4F30-80F1-02A9670EB057}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1593E07F-A3A9-4F30-80F1-02A9670EB057}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16A6A6A7-1EC6-4ACD-AACD-05F50B111555}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16A6A6A7-1EC6-4ACD-AACD-05F50B111555}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{321136EA-B9C5-4E28-BF29-4A051F1AF95A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{321136EA-B9C5-4E28-BF29-4A051F1AF95A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33C2F166-ABA3-44BC-808B-8C28E4986FDD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33C2F166-ABA3-44BC-808B-8C28E4986FDD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35BD64D2-3E93-4B3C-AAE3-F48DAE754D7E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35BD64D2-3E93-4B3C-AAE3-F48DAE754D7E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{509E9E82-9685-42DF-A7C3-5FB46BBA7FCF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{509E9E82-9685-42DF-A7C3-5FB46BBA7FCF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6038E375-6230-4921-B7CB-4FC24CD45C66}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6038E375-6230-4921-B7CB-4FC24CD45C66}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6423A72D-678A-464B-BA9E-F732E8131699}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6423A72D-678A-464B-BA9E-F732E8131699}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CE01626-3388-4BD2-8473-43303B4ACEFE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CE01626-3388-4BD2-8473-43303B4ACEFE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94213753-DFF8-4861-A309-C24758E07AE5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94213753-DFF8-4861-A309-C24758E07AE5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4D89B09-84A9-444C-9B00-F000A42ECDF4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4D89B09-84A9-444C-9B00-F000A42ECDF4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C67A187D-2CAB-41C5-94B1-91C0CC5A01F7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C67A187D-2CAB-41C5-94B1-91C0CC5A01F7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9B3F203-DBFD-40D6-80F9-26618883B688}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9B3F203-DBFD-40D6-80F9-26618883B688}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB223E94-DDC0-4989-BA3C-0460CDD8F31C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB223E94-DDC0-4989-BA3C-0460CDD8F31C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F27F273A-01C6-46DE-9CBE-1397E480C59C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F27F273A-01C6-46DE-9CBE-1397E480C59C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC4BF101-3CBE-4D3A-95FF-BCF07A2E3552}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC4BF101-3CBE-4D3A-95FF-BCF07A2E3552}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} => eliminado correctamente
"HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => eliminado correctamente
CHR Extension: (Chrome Media Router) - C:\Users\petete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh => eliminado correctamente
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VMnetAdapter => eliminado correctamente
VMnetAdapter => servicio eliminado correctamente
C:\Users\petete\AppData\Local\{0CA78415-34E9-4730-8A7E-AC2273D834EC} => movido correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Notepad++64 => eliminado correctamente
C:\Users\Public\AppData => ":CSM" ADS eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1718926927-2883716816-2102457450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 5 mientras los medios
est‚n desconectados.
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18784185 B
Java, Flash, Steam htmlcache => 35214126 B
Windows/system/drivers => 1482089 B
Edge => 26326 B
Chrome => 26505758 B
Firefox => 781464060 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 16674 B
ProgramData => 16674 B
Public => 16674 B
systemprofile => 16674 B
systemprofile32 => 16674 B
LocalService => 25034 B
NetworkService => 26678 B
petete => 18554185 B
DefaultAppPool => 18587243 B
RecycleBin => 0 B
EmptyTemp: => 866.6 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 22:07:08 ====
Parece que de momento no se vuelve a abrir. Espero que hayas dado con la tecla!!
Lo unico que al reiniciar con conexion a internet… el ordenador no esta conectado a la red mediante cable, sino por pincho wifi. Asi que al pasar el programa no estaba conectado ya que los drivers no se cargaron y no reconocia el pincho. No se si debo de cambiar eso para que sea realmente efectivo
No se si tengo que pasar alguna cosilla mas o ya me das el ok
Hola
No te preocupes, no hay problema 
Sigue estos pasos, para eliminar las herramientas utilizadas:
Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Confirmanos si sigue bien el problema.
Un saludo
Despues de varios dias, no me volvio a salir nada. Muchas gracias ^^
Hola @Mrpetete
Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte 
Nos alegramos que se te haya resuelto Damos el tema por solucionado.
Un saludo