An application "itools4.exe" keeps growing in size and fills up my roaming/local temp


#1

Hi. An application itools4.exe shows up that grows in size as time goes by and fills up my C: drive. It is located in c:/usuarios/user/appdata/local/temp

Every so often Panda Antivirus Pro blocks the application C:\Users\user\AppData\Roaming\fdhgbfdegb\dcwnnpzalagu.exe from running.

But I cannot see it in that folder.

I have only been able to find one reference, on a Russian website: https://bhf.io/threads/513806/

But I don't understand any of it.

Thanks in advance.


#2

Hello caraguia, welcome

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes’ Anti-Malware; read the manual in detail so that you know how to use and configure it.

  • Run a Threat Scan, updating if it asks you to.
  • Click “Quarantine Selected” to send it to quarantine, then restart the system.
  • In the manual's section Reports >> Scan Report you will find the MBAM report; click Export >> Copy to Clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as administrator").
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.
  • Save the report that appears so you can copy and paste it in your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; on the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish >> click Run Cleaner
  • Click the Registry tab >> click Scan for Issues, wait for it to finish >> click Fix Selected Issues and make a backup
  • Click Scan for Issues again until it finds none.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

How do I paste reports in the forum?

Regards


#3

Hi. I think it was solved by running ESET Online. But here is what you asked for:

Malwarebytes report:

www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 29/12/18
Hora del análisis: 18:15
Archivo de registro: 5222709c-0b8d-11e9-a121-e0d55e2b1942.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8549
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.195)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-315EU31\CARAGUIA-PC

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 392324
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 min, 23 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner

# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2018-12-21.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-29-2018
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  29
# Failed:   0


***** [ Services ] *****

Deleted       panda_url_filtering

***** [ Folders ] *****

Deleted       C:\ProgramData\Tencent
Deleted       C:\Program Files (x86)\Common Files\Tencent
Deleted       C:\Users\CARAGUIA-PC\AppData\Roaming\Tencent
Deleted       C:\Users\CARAGUIA-PC\AppData\Roaming\imminent
Deleted       C:\Program Files (x86)\pandasecuritytb
Deleted       C:\Users\CARAGUIA-PC\AppData\LocalLow\pandasecuritytb
Deleted       C:\Program Files\Panda Security URL Filtering

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\DownloadProxy.EXE
Deleted       HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted       HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted       HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AACD3294-30F4-4B42-BC14-BA44A98CF44A}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2C13D583-5663-4F52-8285-E6EDF75A41A6}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{25715092-642D-4C0C-B8C3-182104A1FE5B}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A2D1ED1C-8C7C-4A54-A351-74383C58F2A3}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{08BBB1E6-B758-4B3E-A30A-CE0B860FBD86}
Deleted       HKLM\Software\Classes\METNSD
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hawaii-photoreal.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hawaii-photoreal.com
Deleted       HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

Deleted       cccpiddacjljmfbbgeimpelpndgpoknn

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4330 octets] - [29/12/2018 18:21:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Regards.


#4

Hello

Even though it has been resolved, we are going to use FRST, since I see some entries detected by AdwCleaner, to make sure no remnants are left on your computer.

Download Farbar Recovery Scan Tool to the desktop, selecting the right version for your computer's architecture (32 or 64 bits). How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes
  • In the main window click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on the desktop.

Post the two reports generated.

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than approx. 50,000 characters).

Regards


#5
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29.12.2018
Ran by CARAGUIA-PC (administrator) on DESKTOP-315EU31 (30-12-2018 23:25:28)
Running from D:\Users\CARAGUIA\Desktop
Loaded Profiles: CARAGUIA-PC & OVRLibraryService (Available Profiles: CARAGUIA-PC & OVRLibraryService)
Platform: Windows 10 Pro Version 1809 17763.195 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Groupy\GroupySrv.exe
() C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Connection Service\Creative.AudPosService.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Jeppesen) C:\Program Files (x86)\Jeppesen\JWC\JWC.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe
(Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Tobias Erichsen) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit para iOS\Library\DriverInstaller\DriverInstall.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
() C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Groupy\GroupyHelp64.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Groupy\GroupyHelp32.exe
(Starock Software, Inc) C:\Program Files (x86)\Stardock\Groupy\GroupyCtrl.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Logitech) C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe
(Derek Mayer) C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe
(Derek Mayer) C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe
(Derek Mayer) C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe
(Duet, Inc.) C:\Program Files\Kairos\Duet Display\duet.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(VS Revo Group) D:\Users\CARAGUIA\Desktop\Revo.Uninstaller.Pro.3.1.8.Portable.KaranPC\x64\RevoUnPro.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Flight Rudder Pedals] => C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe [19968 2018-02-14] (Logitech)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [60074328 2018-07-04] (Discord Inc.)
HKLM-x32\...\Run: [Duet Display] => C:\Program Files\Kairos\Duet Display\duet.exe [2127864 2018-08-17] (Duet, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] ()
HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\Run: [SimBrief Downloader] => C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer)
HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\Run: [Spotify] => C:\Users\CARAGUIA-PC\AppData\Roaming\Spotify\Spotify.exe [25972968 2018-12-23] (Spotify Ltd)
HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\Run: [SimBrief Downloader] => C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer)
HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\Run: [Spotify] => C:\Users\CARAGUIA-PC\AppData\Roaming\Spotify\Spotify.exe [25972968 2018-12-23] (Spotify Ltd)
HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] ()
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L)
HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] ()
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L)
HKLM\...\Drivers32-x32: [msacm.lhacm] => C:\Windows\SysWOW64\lhacm.acm [34064 2018-10-09] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa

#6
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2018-09-04]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2018-06-24]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)
Startup: C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2018-07-26]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe ()
Startup: C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2018-07-20]
ShortcutTarget: Stardock ObjectDock.lnk -> D:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 87.216.1.65 87.216.1.66
Tcpip\..\Interfaces\{150262db-4132-45a2-a407-781b9c443c52}: [DhcpNameServer] 87.216.1.65 87.216.1.66
Tcpip\..\Interfaces\{978f27f6-2045-44b5-8087-b06950ca9d9b}: [DhcpNameServer] 87.216.1.65 87.216.1.66
Tcpip\..\Interfaces\{99e92e94-c2fb-4546-bbc8-147054770050}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c51c9de7-9b83-42b9-8a10-0dd67bb68f7d}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-29] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-29] (Oracle Corporation)
Toolbar: HKLM - No Name - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -  No File
Toolbar: HKLM-x32 - No Name - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -  No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)

Edge: 
======
Edge Extension: (360 Viewer) -> EdgeExtension_Microsoft360Viewer_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.360Viewer_2.3.1.0_neutral__8wekyb3d8bbwe [2018-12-15]

FireFox:
========
FF DefaultProfile: 2t6r1rle.default
FF ProfilePath: C:\Users\CARAGUIA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\2t6r1rle.default [2018-12-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.es/
CHR StartupUrls: Default -> "hxxp://google.es/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Profile: C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default [2018-12-30]
CHR Extension: (Presentaciones) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-23]
CHR Extension: (Documentos) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-23]
CHR Extension: (Google Drive) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Turn Off the Lights) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2018-12-29]
CHR Extension: (MEGA) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-12-22]
CHR Extension: (YouTube) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-23]
CHR Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco [2018-12-27]
CHR Extension: (¿Qué cocino hoy?) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\enadeelnincmhhilgbiphjbjnnagnhmh [2018-06-23]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-07]
CHR Extension: (Hojas de cálculo) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-11]
CHR Extension: (AdBlock) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-12-26]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-08-23]
CHR Extension: (Youtube Categories) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hennlecbpnfiibglfmhmnplnhmioboei [2018-07-28]
CHR Extension: (Collections for Youtube™) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\honnkfdoebhajgiblfcegjnlfkoallck [2018-07-28]
CHR Extension: (Youtube Subscription(Collection) Manager) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmnjgijlmjgmimahnillepgcgeemffb [2018-12-27]
CHR Extension: (Evernote Web) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2018-06-23]
CHR Extension: (Pocket) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2018-06-23]
CHR Extension: (Video Deck for YouTube™) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2018-06-23]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2018-08-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-23]
CHR Extension: (Gmail) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-23]
CHR Extension: (Chrome Media Router) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]
CHR Extension: (Youtube Collections) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmeoacbdkacmcjgfcadjigglammpehep [2018-07-28]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh [2018-12-29]
CHR Profile: C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-29]
CHR Profile: C:\Users\CARAGUIA-PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!)

S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] ()
R2 Creative.AudPosService; C:\Program Files (x86)\Creative\Connection Service\Creative.AudPosService.exe [10752 2017-02-28] (Creative Technology Ltd) [File not signed]
S3 DuetUpdater; C:\Program Files\Kairos\Duet Display\DuetUpdater.exe [937976 2018-08-17] (Kairos)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-06-29] (EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [146864 2018-04-12] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 Groupy; C:\Program Files (x86)\Stardock\Groupy\GroupySrv.exe [229776 2018-06-26] (Stardock Software, Inc)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [117704 2018-01-10] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel Corporation)
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen)
R2 Killer Network Service x64; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2318016 2018-04-02] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-11-16] (NVIDIA Corporation)
R2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123312 2018-04-12] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [142776 2018-12-12] (Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [1681848 2018-12-12] (Facebook Technologies, LLC)
R2 rtpMIDIService; C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe [3958416 2016-11-19] (Tobias Erichsen)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2018-12-12] ()
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [289280 2018-11-30] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-28] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit para iOS\Library\DriverInstaller\DriverInstall.exe [119008 2017-06-28] (Wondershare)
S2 HCloverService; C:\Program Files (x86)\Clover\CloverSvc.dll [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109008 2018-06-24] ()
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (Apple Inc.)
R4 ddkmd; C:\Windows\system32\drivers\ddkmd.sys [313144 2018-07-02] (OSBASE)
R0 ddkmdldr; C:\WINDOWS\System32\drivers\ddkmdldr.sys [40272 2018-07-02] (OSBASE)
R3 duetbus; C:\WINDOWS\System32\drivers\duetbus.sys [32512 2018-04-27] (Duet, Inc.)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [165608 2017-10-30] (Qualcomm Atheros, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R3 gdrv; C:\Windows\gdrv.sys [26792 2018-07-04] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32720 2018-12-05] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GLCKIO; C:\ProgramData\ASUS\GLKIO\690b33e1-0462-4e84-9bea-c7552b45432a.sys [18712 2018-07-04] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-24] (REALiX(tm))
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-06-24] (Intel Corporation)
R3 LSaiMini; C:\WINDOWS\System32\drivers\LSaiMini.sys [20720 2018-02-14] (Logitech)
R3 LSaiNtBus; C:\WINDOWS\system32\drivers\LSaiBus.sys [60336 2018-02-14] (Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2018-12-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2018-12-29] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2018-12-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2018-12-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2018-12-30] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e59b844303b9907e\nvlddmkm.sys [20395400 2018-11-16] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2018-08-31] (Facebook Inc.)
R3 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [141480 2018-04-02] (Rivet Networks, LLC.)
R3 SaiH0BAC; C:\WINDOWS\system32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)
R3 SaiH0C2D; C:\WINDOWS\system32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek)
R3 SaiK0763; C:\WINDOWS\system32\DRIVERS\SaiK0763.sys [217408 2018-02-14] (Logitech)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd)
R3 teVirtualMIDI64; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [File not signed]
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2018-12-28] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2018-12-28] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-28] (Microsoft Corporation)
R3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [173536 2018-05-17] (Yamaha Corporation)
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-30 23:25 - 2018-12-30 23:25 - 000000000 ____D C:\FRST
2018-12-29 18:35 - 2018-12-29 18:35 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\AVAST Software
2018-12-29 18:27 - 2018-12-29 18:57 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\AVAST Software
2018-12-29 18:26 - 2018-12-30 22:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-12-29 18:26 - 2018-12-29 18:26 - 001028680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf8f08075970936aa.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000469272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd7e7e5acbae29b9f.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000380464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw27e774b2879df13c.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000239840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswba24bd457a7a16ce.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000208472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw785615499a55f1e2.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000201240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf8fd8fe53bef61fa.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000163208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc12e4a4379b51291.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000111800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw86057cae592f9407.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000087432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswef0fc1ec2291a10e.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000046384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa3fb1a24fe29bfb9.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw61b0a6438765301f.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbb8b8200f5b02afe.tmp
2018-12-29 18:26 - 2018-12-29 18:26 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-29 18:26 - 2018-12-29 18:25 - 000346592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5d8681c562ec9036.tmp
2018-12-29 18:26 - 2018-12-29 18:25 - 000230344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cde1942963021e9.tmp
2018-12-29 18:26 - 2018-12-29 18:25 - 000201768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc69aaf7e91a85ad1.tmp
2018-12-29 18:26 - 2018-12-29 18:25 - 000059496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc51c544809bbc570.tmp
2018-12-29 18:25 - 2018-12-29 18:25 - 000000000 ____D C:\Program Files\AVAST Software
2018-12-29 18:24 - 2018-12-30 22:30 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-29 18:24 - 2018-12-30 22:30 - 000002232 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-29 18:24 - 2018-12-29 19:30 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-29 18:24 - 2018-12-29 18:24 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-29 18:24 - 2018-12-29 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-29 18:24 - 2018-12-29 18:24 - 000000000 ____D C:\Program Files\CCleaner
2018-12-29 18:23 - 2018-12-30 23:09 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-12-29 18:23 - 2018-12-29 18:23 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-12-29 18:23 - 2018-12-29 18:23 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-12-29 18:22 - 2018-12-29 18:56 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-29 18:20 - 2018-12-29 18:21 - 000000000 ____D C:\AdwCleaner
2018-12-29 18:14 - 2018-12-29 18:14 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-12-27 23:03 - 2018-12-27 23:03 - 000000000 ____D C:\Users\CARAGUIA-PC\.tizen
2018-12-27 22:53 - 2018-12-27 22:53 - 000000000 ____D C:\Users\CARAGUIA-PC\.eclipse
2018-12-25 18:51 - 2018-12-27 18:46 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2019.lnk
2018-12-25 13:41 - 2018-12-25 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreSonus
2018-12-25 13:41 - 2018-12-25 13:41 - 000000000 ____D C:\Program Files\PreSonus
2018-12-23 00:00 - 2018-12-30 23:05 - 000000000 ____D C:\Users\CARAGUIA-PC\GearWatchDesigner
2018-12-22 23:52 - 2018-12-23 00:00 - 000000000 ____D C:\Program Files (x86)\GearWatchDesigner
2018-12-22 23:52 - 2018-12-22 23:52 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GearWatchDesigner
2018-12-22 23:02 - 2018-12-22 23:02 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\ESET
2018-12-20 09:20 - 2018-12-20 09:20 - 009677624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-20 09:20 - 2018-12-20 09:20 - 007856640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 007645584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 006541440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 005439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 002469632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-12-20 09:20 - 2018-12-20 09:20 - 001051176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-12-20 09:20 - 2018-12-20 09:20 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2018-12-20 09:20 - 2018-12-20 09:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2018-12-19 00:33 - 2018-12-19 01:29 - 000000000 ____D C:\Users\CARAGUIA-PC\Doctor Web
2018-12-19 00:33 - 2018-12-19 00:33 - 000000000 ____D C:\ProgramData\Doctor Web
2018-12-19 00:21 - 2018-12-19 00:24 - 000000000 ____D C:\ProgramData\HitmanPro
2018-12-19 00:13 - 2018-12-19 00:13 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-19 00:13 - 2018-12-19 00:13 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\mbamtray
2018-12-19 00:13 - 2018-12-19 00:13 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\mbam
2018-12-19 00:13 - 2018-12-19 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-19 00:13 - 2018-12-19 00:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-19 00:13 - 2018-12-19 00:13 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-19 00:13 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-15 16:57 - 2018-12-17 18:44 - 000000000 ____D C:\WINDOWS\Panther
2018-12-12 23:04 - 2018-12-12 23:04 - 000000020 ___SH C:\Users\OVRLibraryService\ntuser.ini
2018-12-12 18:32 - 2018-12-12 18:32 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 004588736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002435296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001751560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-12 18:32 - 2018-12-12 18:32 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001641592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001401864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-12 18:32 - 2018-12-12 18:32 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-12 18:32 - 2018-12-12 18:32 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2018-12-12 18:32 - 2018-12-12 18:32 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2018-12-12 18:32 - 2018-12-12 18:32 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001053352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-12 18:32 - 2018-12-12 18:32 - 000046392 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2018-12-12 18:32 - 2018-12-12 18:32 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-12 18:30 - 2018-12-12 18:30 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-12-11 16:45 - 2018-12-11 16:45 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2018-12-11 16:45 - 2018-12-11 16:45 - 000000000 ____D C:\Program Files (x86)\WinDirStat
2018-12-05 07:08 - 2018-12-05 07:08 - 000032720 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2018-12-05 01:19 - 2018-12-05 01:19 - 000000000 ____D C:\Users\CARAGUIA-PC\.android
2018-12-05 01:18 - 2018-12-05 01:18 - 000001195 _____ C:\Users\Public\Desktop\iTools 3.lnk
2018-12-05 01:18 - 2018-12-05 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTools 3
2018-12-05 01:12 - 2018-12-05 01:13 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Wondershare
2018-12-05 01:11 - 2018-12-05 01:11 - 000001616 _____ C:\Users\Public\Desktop\dr.fone toolkit para iOS.lnk
2018-12-05 01:11 - 2018-12-05 01:11 - 000000000 ____D C:\ProgramData\Wondershare
2018-12-05 01:11 - 2018-12-05 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-12-05 01:11 - 2018-12-05 01:11 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-12-05 01:11 - 2017-01-12 11:45 - 000076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
2018-12-05 01:11 - 2017-01-12 11:45 - 000052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\Drivers\libusb0.sys
2018-12-05 01:11 - 2015-02-27 10:35 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2018-12-05 01:06 - 2018-12-22 23:06 - 000000000 __SHD C:\Users\CARAGUIA-PC\AppData\Roaming\znjqvhcbhcns
2018-12-05 01:06 - 2018-12-05 01:06 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\HD
2018-12-05 00:56 - 2018-12-27 18:51 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-12-05 00:56 - 2018-12-05 00:56 - 000000000 ____D C:\Program Files\Bonjour
2018-12-05 00:56 - 2018-12-05 00:56 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-12-05 00:54 - 2018-12-05 01:21 - 000000000 ____D C:\Program Files (x86)\ThinkSky
2018-12-03 23:22 - 2018-12-03 23:22 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Saved Groups
2018-12-03 23:18 - 2018-12-03 23:18 - 000000000 ____D C:\Program Files (x86)\Stardock
2018-12-03 22:36 - 2018-12-03 23:19 - 000095744 _____ C:\WINDOWS\womtrust.dll
2018-12-03 22:36 - 2018-12-03 23:19 - 000081408 _____ C:\WINDOWS\wontrust.dll
2018-12-03 22:34 - 2018-12-03 22:34 - 000000000 ____D C:\Users\CARAGUIA-PC\Downloads\Stardock
2018-11-30 04:10 - 2018-11-30 04:10 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 003951192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 003337800 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002985328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-30 04:10 - 2018-11-30 04:10 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-30 04:10 - 2018-11-30 04:10 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002185728 _____ (Microsoft Corporation) 

#7
C:\WINDOWS\system32\wlidsvc.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-11-30 04:10 - 2018-11-30 04:10 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-30 04:10 - 2018-11-30 04:10 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe

2018-11-30 04:10 - 2018-11-30 04:10 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2018-11-30 04:10 - 2018-11-30 04:10 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe

2018-11-30 04:10 - 2018-11-30 04:10 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe

2018-11-30 04:10 - 2018-11-30 04:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll

2018-11-30 04:10 - 2018-11-30 04:10 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll

2018-11-30 04:09 - 2018-12-14 09:07 - 000000000 ____D C:\WINDOWS\holoshell

2018-11-30 04:08 - 2018-11-30 04:08 - 001368296 _____ C:\WINDOWS\system32\PerceptionSimulationRightHandModel.glb

2018-11-30 04:08 - 2018-11-30 04:08 - 001366268 _____ C:\WINDOWS\system32\PerceptionSimulationLeftHandModel.glb

2018-11-30 04:08 - 2018-11-30 04:08 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe

2018-11-30 04:08 - 2018-11-30 04:08 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicBenchmark.exe

2018-11-30 04:08 - 2018-11-30 04:08 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdp.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdBroker.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe

2018-11-30 04:08 - 2018-11-30 04:08 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdPinAuthLsa.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe

2018-11-30 04:08 - 2018-11-30 04:08 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe

2018-11-30 04:08 - 2018-11-30 04:08 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll

2018-11-30 04:08 - 2018-11-30 04:08 - 000000002 _____ C:\WINDOWS\system32\hologramcompositor.lock

2018-11-30 01:57 - 2018-12-30 19:11 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-11-30 01:56 - 2018-12-30 22:30 - 000002848 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-759811077-1501555437-92379397-1001

2018-11-30 01:56 - 2018-11-30 01:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2018-11-30 01:54 - 2018-12-30 22:30 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2018-11-30 01:54 - 2018-12-30 22:30 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2018-11-30 01:54 - 2018-12-30 22:30 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2018-11-30 01:54 - 2018-12-30 22:30 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000003174 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification

2018-11-30 01:54 - 2018-12-30 22:30 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000002832 _____ C:\WINDOWS\System32\Tasks\DuetUpdater

2018-11-30 01:54 - 2018-12-30 22:30 - 000002778 _____ C:\WINDOWS\System32\Tasks\Red Giant Link

2018-11-30 01:54 - 2018-12-30 22:30 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-11-30 01:54 - 2018-12-30 22:30 - 000002602 _____ C:\WINDOWS\System32\Tasks\GraphicsCardEngine

2018-11-30 01:54 - 2018-12-30 22:30 - 000002592 _____ C:\WINDOWS\System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE

2018-11-30 01:54 - 2018-12-30 22:30 - 000002518 _____ C:\WINDOWS\System32\Tasks\EasyTune

2018-11-30 01:54 - 2018-12-30 22:30 - 000002502 _____ C:\WINDOWS\System32\Tasks\SIV

2018-11-30 01:54 - 2018-12-29 18:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-11-30 01:54 - 2018-11-30 01:54 - 000002572 _____ C:\WINDOWS\System32\Tasks\V-Tuner

2018-11-30 01:54 - 2018-11-30 01:54 - 000000020 ___SH C:\Users\CARAGUIA-PC\ntuser.ini

2018-11-30 01:54 - 2018-11-30 01:54 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\PackageStaging

2018-11-30 01:53 - 2018-12-17 18:44 - 000001908 _____ C:\WINDOWS\diagwrn.xml

2018-11-30 01:53 - 2018-12-17 18:44 - 000001908 _____ C:\WINDOWS\diagerr.xml

2018-11-30 01:52 - 2018-11-30 01:52 - 000000322 ____H C:\WINDOWS\Tasks\Intel PTT EK Recertification.job

2018-11-30 01:50 - 2018-11-30 01:50 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2018-11-30 01:49 - 2018-12-30 22:52 - 000000000 ____D C:\Users\OVRLibraryService

2018-11-30 01:49 - 2018-12-29 18:56 - 000000000 ____D C:\Users\CARAGUIA-PC

2018-11-30 01:49 - 2018-12-20 09:19 - 000002411 _____ C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Reciente

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Plantillas

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Mis documentos

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Menú Inicio

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Impresoras

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Entorno de red

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Datos de programa

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\Configuración local

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\AppData\Roaming\Microsoft\Windows\Start Menu\Programas

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\AppData\Local\Historial

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\AppData\Local\Datos de programa

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\OVRLibraryService\AppData\Local\Archivos temporales de Internet

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Reciente

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Plantillas

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Mis documentos

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Menú Inicio

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Impresoras

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Entorno de red

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Datos de programa

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\Configuración local

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\AppData\Local\Historial

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\AppData\Local\Datos de programa

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 _SHDL C:\Users\CARAGUIA-PC\AppData\Local\Archivos temporales de Internet

2018-11-30 01:49 - 2018-11-30 01:49 - 000000000 ____D C:\ProgramData\USOShared

2018-11-30 01:49 - 2018-11-16 00:29 - 000133160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2018-11-30 01:49 - 2018-09-15 08:29 - 000001105 _____ C:\Users\OVRLibraryService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-11-30 01:49 - 2018-09-15 08:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2018-11-30 01:47 - 2018-12-30 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2018-11-30 01:47 - 2018-12-29 18:22 - 000475952 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2018-11-30 01:39 - 2018-11-30 01:46 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2018-11-30 01:39 - 2018-11-30 01:39 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2018-11-30 01:38 - 2018-11-30 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2018-11-30 01:38 - 2018-11-30 01:38 - 000000000 ____D C:\Program Files\Reference Assemblies

2018-11-30 01:38 - 2018-11-30 01:38 - 000000000 ____D C:\Program Files\MSBuild

2018-11-30 01:38 - 2018-11-30 01:38 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2018-11-30 01:38 - 2018-11-30 01:38 - 000000000 ____D C:\Program Files (x86)\MSBuild

2018-11-30 01:38 - 2018-09-09 17:17 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2018-11-30 01:38 - 2018-09-09 17:16 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2018-11-30 01:38 - 2018-09-09 17:16 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2018-11-30 01:38 - 2018-08-29 17:56 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2018-11-30 01:38 - 2018-08-29 17:56 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2018-11-30 01:38 - 2018-08-29 17:56 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2018-11-30 01:34 - 2018-11-30 01:34 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2018-11-30 01:25 - 2018-11-30 01:29 - 000000000 ____D C:\ESD

==================== One Month Modified files and folders ========

#8
(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-30 23:24 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-30 22:24 - 2018-10-20 10:51 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\Spotify
2018-12-30 22:20 - 2018-06-25 06:46 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\uTorrent
2018-12-30 21:09 - 2018-10-20 10:51 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Spotify
2018-12-30 19:11 - 2018-09-15 17:37 - 000788392 _____ C:\WINDOWS\system32\perfh00A.dat
2018-12-30 19:11 - 2018-09-15 17:37 - 000155682 _____ C:\WINDOWS\system32\perfc00A.dat
2018-12-30 19:11 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-12-30 12:25 - 2018-06-23 19:37 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-30 01:00 - 2018-09-04 18:52 - 000000000 ____D C:\ProgramData\Jeppesen
2018-12-29 18:56 - 2018-09-07 09:15 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\duet
2018-12-29 18:56 - 2018-08-31 10:47 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\Oculus
2018-12-29 18:56 - 2018-07-21 18:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-12-29 18:29 - 2018-07-21 18:18 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\TeamViewer
2018-12-29 18:29 - 2018-06-29 13:18 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-29 18:27 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-29 18:27 - 2018-06-25 10:30 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\CrashDumps
2018-12-29 18:26 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-29 18:23 - 2018-09-23 22:17 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\SimBrief Downloader
2018-12-29 18:21 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-28 23:59 - 2018-06-24 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2018-12-28 23:59 - 2018-06-24 16:08 - 000000000 ____D C:\Program Files\KMSpico
2018-12-28 17:30 - 2018-06-23 19:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-28 17:20 - 2018-06-24 16:13 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Panda Security
2018-12-28 17:20 - 2018-06-24 16:12 - 000000000 ____D C:\ProgramData\Panda Security
2018-12-28 17:20 - 2018-06-24 09:58 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-25 18:55 - 2018-06-24 16:57 - 000001270 _____ C:\Users\Public\Desktop\eLicenser Control Center.lnk
2018-12-25 18:55 - 2018-06-24 16:57 - 000000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2018-12-25 18:55 - 2018-06-24 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2018-12-25 18:50 - 2018-06-24 16:06 - 000000000 ____D C:\Program Files\Adobe
2018-12-25 13:43 - 2018-10-04 23:25 - 000000016 _____ C:\Users\CARAGUIA-PC\AppData\Roaming\msregsvv.dll
2018-12-25 13:43 - 2018-10-04 23:25 - 000000016 _____ C:\ProgramData\autobk.inc
2018-12-25 13:43 - 2018-06-24 16:24 - 000000000 ____D C:\ProgramData\PreSonus
2018-12-25 13:41 - 2018-09-30 10:51 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-12-25 13:41 - 2018-09-30 10:51 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2018-12-25 13:41 - 2018-06-24 16:24 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\PreSonus
2018-12-25 13:29 - 2018-06-25 07:29 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\D3DSCache
2018-12-22 23:27 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-22 23:27 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-22 23:21 - 2018-09-15 17:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-22 23:21 - 2018-09-15 17:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-22 23:21 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-20 09:20 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 09:19 - 2018-06-23 19:54 - 000000000 ___RD C:\Users\CARAGUIA-PC\OneDrive
2018-12-19 00:19 - 2018-06-24 10:02 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-19 00:16 - 2018-10-12 17:45 - 000000000 ____D C:\Program Files (x86)\EZCA2
2018-12-14 09:08 - 2018-06-23 19:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-14 09:08 - 2018-06-23 19:52 - 000000000 ___RD C:\Users\CARAGUIA-PC\3D Objects
2018-12-14 09:07 - 2018-09-15 17:38 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-14 09:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-14 00:13 - 2018-06-23 20:07 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 00:13 - 2018-06-23 20:07 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-13 23:00 - 2018-10-02 22:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-12 23:07 - 2018-08-31 10:50 - 000000000 ____D C:\Program Files\Oculus
2018-12-12 18:32 - 2018-09-15 08:29 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-12-12 18:31 - 2018-06-24 10:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-11 18:14 - 2018-07-28 17:02 - 000000112 _____ C:\Users\CARAGUIA-PC\AppData\Local\X-Plane_drm_11.prf
2018-12-11 18:13 - 2018-08-08 23:37 - 000000102 _____ C:\Users\CARAGUIA-PC\AppData\Local\X-Plane_xdd_11.prf
2018-12-11 17:54 - 2018-06-23 19:52 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\Packages
2018-12-11 17:51 - 2018-06-24 10:37 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-11 15:31 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-12-05 07:08 - 2018-07-04 04:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2018-12-05 01:22 - 2018-07-31 16:42 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\iFunbox_UserCache
2018-12-05 01:22 - 2018-07-31 15:05 - 000000000 ____D C:\ProgramData\ThinkSky
2018-12-05 00:56 - 2018-06-27 19:05 - 000000000 ____D C:\ProgramData\Apple
2018-12-05 00:30 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ServiceState
2018-12-04 01:22 - 2018-07-28 16:42 - 000000037 _____ C:\Users\CARAGUIA-PC\AppData\Local\X-Plane Installer.prf
2018-12-03 23:18 - 2018-07-20 10:18 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\Stardock
2018-12-03 23:18 - 2018-07-20 10:18 - 000000000 ____D C:\ProgramData\Stardock
2018-12-03 23:18 - 2018-07-20 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2018-12-03 22:10 - 2018-09-23 16:20 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\LocalLow\Clover
2018-12-02 12:19 - 2018-09-23 22:17 - 000002543 _____ C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimBrief Downloader.lnk
2018-12-01 04:53 - 2018-09-15 08:36 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-01 04:53 - 2018-09-15 08:36 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-30 17:03 - 2018-07-07 11:40 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\OculusClient
2018-11-30 16:41 - 2018-09-16 23:19 - 000000000 ____D C:\Program Files (x86)\Navigraph
2018-11-30 16:38 - 2018-06-23 19:53 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\PlaceholderTileLogoFolder
2018-11-30 16:28 - 2018-06-25 07:29 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\NVIDIA
2018-11-30 04:21 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat
2018-11-30 04:09 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SystemApps
2018-11-30 02:11 - 2018-07-09 11:30 - 000000000 ____D C:\ProgramData\Packages
2018-11-30 01:54 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2018-11-30 01:54 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\windows nt
2018-11-30 01:54 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-30 01:54 - 2018-06-23 19:52 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Local\ConnectedDevicesPlatform
2018-11-30 01:52 - 2018-09-15 08:33 - 000000000 __RHD C:\Users\Public\Libraries
2018-11-30 01:52 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-11-30 01:50 - 2018-10-20 11:23 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify
2018-11-30 01:50 - 2018-10-15 19:07 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nektar
2018-11-30 01:50 - 2018-10-11 19:06 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
2018-11-30 01:50 - 2018-08-31 10:37 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revive
2018-11-30 01:50 - 2018-08-21 22:12 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR
2018-11-30 01:50 - 2018-07-25 05:29 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2018-11-30 01:50 - 2018-07-25 05:28 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2018-11-30 01:50 - 2018-07-22 11:44 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Carenado 390 Premier 1A P3DV4
2018-11-30 01:50 - 2018-07-07 14:11 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2018-11-30 01:50 - 2018-07-04 16:37 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-11-30 01:50 - 2018-06-29 13:55 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-30 01:50 - 2018-06-24 10:33 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-30 01:50 - 2018-06-23 20:08 - 000000000 ____D C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-11-30 01:49 - 2018-09-15 08:33 - 000000000 __RSD C:\WINDOWS\media
2018-11-30 01:49 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\USOPrivate
2018-11-30 01:49 - 2018-06-24 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-11-30 01:49 - 2018-06-23 19:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-30 01:49 - 2018-06-23 19:37 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-30 01:48 - 2018-06-23 19:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-11-30 01:46 - 2018-11-11 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plan-G v3.2.1
2018-11-30 01:46 - 2018-10-30 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS-FlightControl
2018-11-30 01:46 - 2018-10-20 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunesKit Spotify Converter
2018-11-30 01:46 - 2018-10-15 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDreamTeam
2018-11-30 01:46 - 2018-10-12 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FS Cabin Crew
2018-11-30 01:46 - 2018-10-12 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimObject Display Engine
2018-11-30 01:46 - 2018-10-12 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA2
2018-11-30 01:46 - 2018-10-11 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 7.0.8 Q8 (64-bit)
2018-11-30 01:46 - 2018-10-09 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teamspeak2 RC2
2018-11-30 01:46 - 2018-10-04 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2018-11-30 01:46 - 2018-09-28 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2018-11-30 01:46 - 2018-09-23 14:46 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-11-30 01:46 - 2018-09-23 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2018-11-30 01:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-11-30 01:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\spool
2018-11-30 01:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-30 01:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Help
2018-11-30 01:46 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-30 01:46 - 2018-09-15 08:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-11-30 01:46 - 2018-09-07 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duet Display
2018-11-30 01:46 - 2018-09-05 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-30 01:46 - 2018-09-04 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\novaPDF 7
2018-11-30 01:46 - 2018-09-04 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeppesen
2018-11-30 01:46 - 2018-09-04 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Professional Flight Planner X
2018-11-30 01:46 - 2018-08-31 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Oculus
2018-11-30 01:46 - 2018-08-21 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro
2018-11-30 01:46 - 2018-08-11 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hellblade - Senua's Sacrifice VR [GOG.com]
2018-11-30 01:46 - 2018-07-25 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-11-30 01:46 - 2018-07-25 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simware - Valencia X - PREPAR3D V4.x
2018-11-30 01:46 - 2018-07-25 05:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Malaga X - PREPAR3D V4.x
2018-11-30 01:46 - 2018-07-20 02:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Envdir
2018-11-30 01:46 - 2018-07-20 01:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOGA - ENVTEX v1.1.1
2018-11-30 01:46 - 2018-07-05 12:39 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2018-11-30 01:46 - 2018-07-05 12:39 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2018-11-30 01:46 - 2018-07-05 12:39 - 000000000 ___RD C:\WINDOWS\WebManagement
2018-11-30 01:46 - 2018-07-03 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbx
2018-11-30 01:46 - 2018-06-29 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-30 01:46 - 2018-06-27 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Servicios de impresión de Bonjour
2018-11-30 01:46 - 2018-06-27 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rtpMIDI
2018-11-30 01:46 - 2018-06-24 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg UR44
2018-11-30 01:46 - 2018-06-24 13:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2018-11-30 01:46 - 2018-06-24 13:18 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-11-30 01:46 - 2018-06-24 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2018-11-30 01:46 - 2018-06-24 10:37 - 000000000 ____D C:\Program Files\Intel
2018-11-30 01:46 - 2018-06-24 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-30 01:46 - 2018-06-23 19:33 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-11-30 01:46 - 2018-06-23 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
2018-11-30 01:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-11-30 01:44 - 2018-09-15 08:36 - 000000000 ____D C:\WINDOWS\Setup
2018-11-30 01:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-11-30 01:39 - 2018-10-09 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO
2018-11-30 01:39 - 2018-09-28 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2018-11-30 01:39 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-11-30 01:39 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Resources
2018-11-30 01:39 - 2018-07-22 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A2A Simulations
2018-11-30 01:39 - 2018-07-19 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2018-11-30 01:39 - 2018-07-03 23:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2018-11-30 01:39 - 2018-06-29 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin
2018-11-30 01:39 - 2018-06-24 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2018-11-30 01:39 - 2018-06-24 10:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-11-30 01:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-11-30 01:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-11-30 01:37 - 2018-11-29 23:43 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-11-30 00:13 - 2018-11-29 23:34 - 000000036 _____ C:\WINDOWS\progress.ini
2018-11-30 00:09 - 2018-11-29 23:31 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk

==================== Files in the root of some directories =======

2018-10-12 19:25 - 2018-10-12 19:25 - 000000199 _____ () C:\Users\CARAGUIA-PC\FSDreamTeam_GSX Level 2 Expansion.reg
2018-10-12 19:24 - 2018-10-15 08:13 - 000000179 _____ () C:\Users\CARAGUIA-PC\FSDreamTeam_GSX.reg
2018-10-12 17:45 - 2018-10-12 17:45 - 000088000 _____ () C:\Program Files (x86)\unEZCA2.exe
2018-09-06 09:09 - 2018-09-06 09:09 - 000000261 _____ () C:\Users\CARAGUIA-PC\AppData\Roaming\Instalador de OpenSceneryX.plist
2018-10-04 23:25 - 2018-12-25 13:43 - 000000016 _____ () C:\Users\CARAGUIA-PC\AppData\Roaming\msregsvv.dll
2018-11-14 00:28 - 2018-11-21 00:12 - 000002695 _____ () C:\Users\CARAGUIA-PC\AppData\Roaming\WED.prefs
2018-08-26 10:46 - 2018-08-26 10:46 - 000001456 _____ () C:\Users\CARAGUIA-PC\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-07-28 17:02 - 2018-10-08 23:50 - 000000093 _____ () C:\Users\CARAGUIA-PC\AppData\Local\X-Plane 11 Preferences.prf
2018-07-28 16:42 - 2018-12-04 01:22 - 000000037 _____ () C:\Users\CARAGUIA-PC\AppData\Local\X-Plane Installer.prf
2018-07-28 17:02 - 2018-12-11 18:14 - 000000112 _____ () C:\Users\CARAGUIA-PC\AppData\Local\X-Plane_drm_11.prf
2018-07-28 16:47 - 2018-09-15 15:06 - 000000087 _____ () C:\Users\CARAGUIA-PC\AppData\Local\x-plane_install_11.txt
2018-08-08 23:37 - 2018-12-11 18:13 - 000000102 _____ () C:\Users\CARAGUIA-PC\AppData\Local\X-Plane_xdd_11.prf
2018-09-16 21:15 - 2018-09-16 21:15 - 000000067 _____ () C:\Users\CARAGUIA-PC\AppData\Local\ZIBO Updater.HID
2018-09-16 21:15 - 2018-09-16 21:41 - 000006532 _____ () C:\Users\CARAGUIA-PC\AppData\Local\ZIBO Updater.log

Some files in TEMP:
====================
2018-12-30 23:05 - 2018-12-30 23:05 - 000695808 ____N () C:\Users\CARAGUIA-PC\AppData\Local\Temp\sqlite-3.8.11.2-0e4c984c-1a88-472f-a176-cdcbcf219ac0-sqlitejdbc.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#9
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29.12.2018
Ran by CARAGUIA-PC (30-12-2018 23:25:52)
Running from D:\Users\CARAGUIA\Desktop
Windows 10 Pro Version 1809 17763.195 (X64) (2018-11-30 00:54:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-759811077-1501555437-92379397-500 - Administrator - Disabled)
CARAGUIA-PC (S-1-5-21-759811077-1501555437-92379397-1001 - Administrator - Enabled) => C:\Users\CARAGUIA-PC
DefaultAccount (S-1-5-21-759811077-1501555437-92379397-503 - Limited - Disabled)
Invitado (S-1-5-21-759811077-1501555437-92379397-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-759811077-1501555437-92379397-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
390 Premier 1A (HKLM-x32\...\390 Premier 1Aver 1.1 P3DV4) (Version: ver 1.1 - Carenado)
737NG CFM Immersion Soundpack HD v1.1 (HKLM-x32\...\{1B3E6A66-F2C2-4096-B54D-906EF2F8A096}) (Version: 1.1 - Immersive Audio) Hidden
737NG CFM Immersion Soundpack HD v1.1 (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\737NG CFM Immersion Soundpack HD v1.1 1.1) (Version: 1.1 - Immersive Audio)
737NG CFM Immersion Soundpack HD v1.1 (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\737NG CFM Immersion Soundpack HD v1.1 1.1) (Version: 1.1 - Immersive Audio)
Accu-Sim C172 Trainer for Prepar3D v4 (HKLM\...\{302515FC-52A8-448F-A0D7-DBBAB94D9FD2}) (Version: 18.4.22.0 - A2A Simulations Inc.) Hidden
Accu-Sim C172 Trainer for Prepar3D v4 (HKLM\...\Accu-Sim C172 Trainer for Prepar3D v4 18.4.22.0) (Version: 18.4.22.0 - A2A Simulations Inc.)
Accu-Sim C182 Skylane for Prepar3D v4 (HKLM\...\{4044E80F-E0F7-468B-AA36-842CFE83392D}) (Version: 18.4.22.0 - A2A Simulations Inc.) Hidden
Accu-Sim C182 Skylane for Prepar3D v4 (HKLM\...\Accu-Sim C182 Skylane for Prepar3D v4 18.4.22.0) (Version: 18.4.22.0 - A2A Simulations Inc.)
Accu-Sim Cherokee 180 for Prepar3D v4 (HKLM\...\{CBE7D9F4-A93A-444D-BE17-E6EC7372C1DE}) (Version: 18.4.22.0 - A2A Simulations Inc.) Hidden
Accu-Sim Cherokee 180 for Prepar3D v4 (HKLM\...\Accu-Sim Cherokee 180 for Prepar3D v4 18.4.22.0) (Version: 18.4.22.0 - A2A Simulations Inc.)
Accu-Sim Comanche 250 for Prepar3D v4 (HKLM\...\{F8362F65-9491-4422-BA27-DAA5FE7275DB}) (Version: 18.4.22.0 - A2A Simulations Inc.) Hidden
Accu-Sim Comanche 250 for Prepar3D v4 (HKLM\...\Accu-Sim Comanche 250 for Prepar3D v4 18.4.22.0) (Version: 18.4.22.0 - A2A Simulations Inc.)
Active Sky Cloud Art (HKLM-x32\...\{07caf7e6-e5ca-445a-855d-635155519848}_is1) (Version: 1.0.6452.28605 - HiFi Technologies, Inc.)
Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6641.21513 - HiFi Technologies, Inc.)
Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Audition CC 2019 (HKLM-x32\...\AUDT_12_0_1) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2019 (HKLM-x32\...\AME_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Aerosoft's - Malaga X - PREPAR3D V4.x (HKLM-x32\...\Malaga X - PREPAR3D V4.x) (Version: 1.04 - Aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.28 - aerosoft)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.3.6 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
ASConnect for P3Dv4 Installer (HKLM-x32\...\{dd86cb93-47a1-4936-95c1-fb1e25c393b8}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Basic FX Suite (HKLM\...\{C22B4160-10E1-409E-9407-B643D5000AF5}) (Version: 1.0.1 - Yamaha Corporation) Hidden
Basic FX Suite (HKLM-x32\...\InstallShield_{C22B4160-10E1-409E-9407-B643D5000AF5}) (Version: 1.0.1 - Yamaha Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Carenado C208B Grand Caravan FSX/P3D (HKLM-x32\...\Carenado C208B Grand Caravan FSX/P3D) (Version: 1.0 - Carenado)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Connection Service versión 1.1.2.0 (HKLM-x32\...\Connection Service_is1) (Version: 1.1.2.0 - Creative Technology Ltd.)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Custom Shop version 1.8.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.8.0 - IK Multimedia)
Discord (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Discord (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.01 - NVIDIA Corporation) Hidden
dr.fone toolkit para iOS (Version 8.5.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.5.0.54 - Wondershare Technology Co.,Ltd.)
DriversCloud.com (64 bits) (HKLM\...\{A05439B0-F943-46C3-85B6-1C9D02A090E8}) (Version: 10.0.7.0 - Cybelsoft)
Duet Display (HKLM\...\{50D013BA-EB07-4DF2-AACB-8931E10EAA4F}) (Version: 1.5.3.3 - Kairos) Hidden
Duet Display (HKLM\...\Duet Display 1.5.3.3) (Version: 1.5.3.3 - Kairos)
Duplicate Cleaner Pro 4.1.0 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 4.1.0 - DigitalVolcano Software Ltd)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.3.8190 - Steinberg Media Technologies GmbH)
Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.1.2.5 - TOGA projects)
EZdok Camera Version 2 (HKLM-x32\...\EZdok Camera Version 2) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Flight Rudder Pedals (HKLM\...\{6D9386A8-0B74-4A22-83A9-D441217AC130}) (Version: 8.0.150.0 - Logitech)
FS Cabin Crew Spanish Edition (HKLM-x32\...\{308E0012-7C49-4026-819E-A8A9A4CFE6E0}) (Version: 1.00.0000 - drubware.net)
FSDreamTeam GSX version 2.5.0.9 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.5.0.9 - VIRTUALI Sagl)
FS-FlightControl 1.3.32 (HKLM\...\FS-FlightControl_is1) (Version: 1.3.32 - FS-FlightControl.com)
Galaxy Watch Designer 1.6.2 (HKLM-x32\...\Gear Watch Designer) (Version: 1.6.2 - Samsung Electronics)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
H25B_H850XP FSX/P3D (HKLM-x32\...\H25B_H850XP FSX/P3D) (Version: 1.1 - Carenado)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Hellblade: Senua's Sacrifice VR (HKLM-x32\...\1923443149_is1) (Version: 1.0 - GOG.com)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.02 - Creative Technology Limited)
IK Multimedia Authorization Manager version 1.0.19 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.19 - IK Multimedia)
ImageMagick 7.0.8-10 Q8 (64-bit) (2018-08-14) (HKLM\...\ImageMagick 7.0.8 Q8 (64-bit)_is1) (Version: 7.0.8 - ImageMagick Studio LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
iTools 3 version 3.3.9.0 (HKLM-x32\...\{9AD3B3CA-16DF-4113-9178-89263F2E3820}_is1) (Version: 3.3.9.0 - Thinksky, Inc.)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version:  - IVAO)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
Killer Performance Driver Suite (HKLM\...\{086AF290-0E96-4EF9-B8A1-617836F0BE44}) (Version: 1.5.1859 - Rivet Networks)
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Miroslav Philharmonik 2 version 2.0.5 (HKLM\...\{CF8EE134-AD62-4D47-81A5-A42CAE3B1710}_is1) (Version: 2.0.5 - IK Multimedia)
Mozilla Firefox 62.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 62.0 (x64 es-ES)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 417.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.01 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 417.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.01 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OverlayEditor (HKLM-x32\...\OverlayEditor) (Version: 2.61 - Jonathan Harris <[email protected]>)
Panel de control de NVIDIA 417.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.01 - NVIDIA Corporation) Hidden
Plan-G v3.2.1 version 3.2.1 (HKLM-x32\...\{BC13ABF2-2C08-42A6-A5C4-AFCE666ABE58}_is1) (Version: 3.2.1 - TA Software)
PMDG 737 6700 NGX Expansion P3D (HKLM-x32\...\{51CE3C56-7069-4055-AC02-FDCA5A0C0D0C}) (Version: 1.20.8465 - PMDG Simulations, LLC.)
PMDG 737-8900 NGX Base Package P3D (HKLM-x32\...\{0EA92925-36E7-40CB-A714-118AB046099B}) (Version: 1.20.8885 - PMDG Simulations, LLC.)
Prepar3D v4 Content (HKLM\...\{87040041-993B-42AF-BEA0-6086FEB45184}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Professional Plus (HKLM-x32\...\{30a38ea8-952b-40ed-8f28-8357d559085b}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Professional Plus Client (HKLM\...\{53DFB31A-C7E4-42D2-98D9-E715C42D6AFF}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 SDK 4.3.29.25520 (HKLM\...\{8131B7C6-F594-4DB6-A743-DDB2495B346A}) (Version: 4.3.29.25520 - Lockheed Martin)
PreSonus Studio One 4 (HKLM\...\Studio One 4_is1) (Version: 4.1.1 - PreSonus)
Python 3.7.0 (32-bit) (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 (32-bit) (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Add to Path (32-bit) (HKLM-x32\...\{1960E5AE-BA13-4FA1-B0CE-55B9F0291903}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revive Dashboard (HKLM-x32\...\Revive) (Version:  - )
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 2.18.0308.1 - GIGABYTE)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
rtpMIDI (HKLM-x32\...\{11db5383-f3c3-46ed-98c2-a3e51d672eb0}) (Version: 1.1.8.240 - Tobias Erichsen)
rtpMIDI (HKLM-x32\...\{4679F64B-170C-42C3-94A4-DD934F47FCF4}) (Version: 1.1.8.240 - Tobias Erichsen) Hidden
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{03FE2BA9-9538-4195-83E3-09B43901141E}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Servicios de impresión de Bonjour (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Sibelius (HKLM\...\{A9FBA22D-F4E4-43D6-BCD4-D69D576D6DBA}) (Version: 18.7.0.2009 - Avid Technology)
Sidify Music Converter 1.3.4 (HKLM-x32\...\Sidify Music Converter) (Version: 1.3.4 - Sidify)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
Simware's - Valencia X - PREPAR3D V4.x (HKLM-x32\...\Valencia X - PREPAR3D V4.x) (Version: 1.14 - Simware)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{0d3983ba-7e6e-4cfe-b7d0-9e8a966f9872}) (Version: 10.1.17661.8081 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Spotify (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Stardock Groupy (HKLM-x32\...\Stardock Groupy) (Version: 1.17 - Stardock Software, Inc.)
Stardock ObjectDock (HKLM-x32\...\Stardock ObjectDock) (Version: 2.20 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg UR44 Applications (HKLM\...\{A4117569-BA6B-4A48-9664-955A6E4D75CA}) (Version: 2.1.1 - Yamaha Corporation) Hidden
Steinberg UR44 Applications (HKLM-x32\...\InstallShield_{A4117569-BA6B-4A48-9664-955A6E4D75CA}) (Version: 2.1.1 - Yamaha Corporation)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
teVirtualMIDI64 (HKLM\...\{3158659B-4AD6-4311-85C0-B79DD98F441E}) (Version: 1.2.11.41 - Tobias Erichsen) Hidden
TOGA - ENVTEX v1.1.1 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.1.1.0 - SimMarket)
Trapcode Suite (HKLM\...\Trapcode Suite v14.1.1) (Version:  - Red Giant LLC)
TunesKit Spotify Converter 1.3.3.201 (HKLM-x32\...\TunesKit Spotify Converter_is1) (Version:  - TunesKit, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ultimate Terrain Lights For P3D V4 (HKLM-x32\...\Ultimate Terrain Lights For P3D V4) (Version:  - )
Ultimate Terrain X - Europe V2.1 (P3D V4 Support)   (HKLM-x32\...\Ultimate Terrain X - Europe V2.1 (P3D V4 Support)  ) (Version:  - )
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
UTX Europe V2.1 Install Manager (HKLM-x32\...\UTX Europe V2.1 Install Manager) (Version:  - )
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\WinDirStat) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\WinDirStat) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{B291AFD1-72C6-40E8-823F-3FA483B119BC}) (Version: 1.10.1 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.10.1 - Yamaha Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-16] (NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D7BF71-80B6-48C3-9E9A-944B1AC21C77} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [2018-01-10] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1AE3E7DE-273E-4843-A4FB-147EF0CCE126} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [2018-04-12] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1C507396-B144-4178-B6A0-F6FCF874DA04} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {233AC1F9-3120-4FF1-9EDB-71FACDADBAA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-23] (Google Inc.)
Task: {316081ED-7D41-430B-B767-4416109EEA86} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {3766764D-CC46-4ABC-9448-08B0AC111424} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)
Task: {3E16CBE1-0678-4048-9B1B-973870F89558} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-23] (Google Inc.)
Task: {3FF81708-EF05-4031-A040-84EAA15E14FD} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {43A3E6D5-1C95-480F-B4C7-BE407A3D3E6E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {502D2E75-48E9-410F-9A62-CDC6A9558B12} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {52B15624-31C8-450A-B6D3-7D73FE01FD5D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {5AF0FE7D-360A-4273-8804-C1F139EBC344} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {74598017-53D8-437C-A896-8D7374107280} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {764E93F2-A522-442B-B1BE-23E00AF8BCDF} - System32\Tasks\DuetUpdater => C:\Program Files\Kairos\Duet Display\DuetUpdater.exe [2018-08-17] (Kairos)
Task: {7693D2D0-43CB-408A-8734-7DD1B3548D2D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {A412E66F-D1F3-4F6E-B13F-8FECAAB13127} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {A8985D64-848D-4085-8B5E-A57A493F1ADF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {A8BD2602-E988-4F0A-B765-B369520FDA7C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {B9C563F1-9540-4899-994A-2D4426AB06DF} - no filepath
Task: {BA98A02E-5DE6-4BF4-B5B3-F51D22244AD0} - System32\Tasks\V-Tuner => C:\Program Files (x86)\GIGABYTE\VTuner\VTuner.exe [2017-08-17] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {BEC40DBE-FBA7-421B-8807-D4B221FA6AB3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {C99BB3BA-6E27-4511-8EC3-6E2021BC9670} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {CBE2392D-6FC2-400B-89E2-0313F3CDF309} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [2018-07-16] (GIGABYTE Technology Co.,Ltd.)
Task: {CCABED4C-626E-4EB8-AADF-C5A4143E09DE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {D13403D1-8071-4A4B-835E-9413768621BD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {DD386D15-1134-40D0-A35A-09A4DA9BE847} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-12-29] (AVAST Software)
Task: {E13AF2EE-527C-4507-9D68-E031B6C1C5B9} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2018-03-02] (Intel(R) Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {EA03E2FB-5ACF-476C-A544-D6A2E8AFE553} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {F832A3F9-8F69-434B-A991-867012EAC69A} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [2017-09-25] (GIGA-BYTE TECHNOLOGY CO., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk

==================== Loaded Modules (Whitelisted) ==============

2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000134088 _____ () C:\Program Files (x86)\Jeppesen\CDA\CDA.exe
2015-06-25 09:45 - 2015-06-25 09:45 - 000017920 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
2018-06-24 10:42 - 2018-11-16 12:53 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-19 00:13 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-19 00:13 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-31 10:50 - 2018-12-12 23:04 - 001760696 _____ () C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-20 14:16 - 2018-09-20 14:16 - 002446768 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 20:58 - 2018-10-04 20:58 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-14 09:11 - 2018-12-14 09:11 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-14 09:11 - 2018-12-14 09:12 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-14 09:11 - 2018-12-14 09:12 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-14 09:11 - 2018-12-14 09:12 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-14 09:11 - 2018-12-14 09:12 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-14 09:11 - 2018-12-14 09:12 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-10 22:55 - 2018-12-10 22:55 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-10 22:55 - 2018-12-10 22:55 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 17:29 - 2018-04-12 17:29 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 14:17 - 2018-11-29 14:17 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 22:55 - 2018-12-10 22:55 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-10 22:55 - 2018-12-10 22:55 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-06-24 10:42 - 2018-11-16 12:52 - 101252488 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-24 10:42 - 2018-11-16 12:52 - 004620168 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-06-24 10:42 - 2018-11-16 12:52 - 000108936 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2018-12-02 12:19 - 2018-11-27 19:39 - 001960448 ____N () C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\ffmpeg.dll
2018-12-02 12:19 - 2018-11-27 19:39 - 003429376 ____N () C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\libglesv2.dll
2018-12-02 12:19 - 2018-11-27 19:39 - 000017408 ____N () C:\Users\CARAGUIA-PC\AppData\Local\Programs\SimBrief Downloader\libegl.dll
2018-12-10 22:55 - 2018-12-10 22:55 - 000088888 _____ () C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\zlib1.dll
2018-12-10 22:55 - 2018-12-10 22:55 - 001356088 _____ () C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\libxml2.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000187848 _____ () C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe
2018-04-27 16:30 - 2018-04-27 16:30 - 000503808 _____ () C:\WINDOWS\SYSTEM32\turbojpeg.dll
2018-11-07 08:58 - 2018-11-07 08:58 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-07 08:58 - 2018-11-07 08:58 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-07 08:58 - 2018-11-07 08:58 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-16 17:35 - 2018-11-16 17:37 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-23 20:10 - 2018-06-23 20:10 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 05:07 - 2018-08-21 05:07 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 05:07 - 2018-08-21 05:07 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-06-23 20:10 - 2018-06-23 20:10 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-16 17:35 - 2018-11-16 17:37 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-29 20:57 - 2018-08-29 20:58 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 18:18 - 2018-07-26 18:19 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 002084352 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2018-12-12 18:32 - 2018-12-12 18:32 - 000768000 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSLoc_OneCore.DLL
2018-12-14 00:13 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 00:13 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-30 16:38 - 2018-11-30 16:38 - 036389376 _____ () C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungHMDOdysseyHome_2.0.14.0_x64__3c1yjt4zspk6g\HMD Odyssey Home.dll
2018-11-30 16:38 - 2018-11-30 16:38 - 002923968 _____ () C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungHMDOdysseyHome_2.0.14.0_x64__3c1yjt4zspk6g\UnityEngineDelegates.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000117248 _____ () C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000079360 _____ () C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000075776 _____ () C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000154112 _____ () C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000124416 _____ () C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000144896 _____ () C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000238080 _____ () C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000272896 _____ () C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000079872 _____ () C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2018-09-04 19:02 - 2016-04-01 07:30 - 000544256 _____ () C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000021600 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_system-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:19 - 000046176 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_date_time-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:19 - 000106080 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_filesystem-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000639584 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_regex-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000086112 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_thread-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000025696 _____ () C:\Program Files (x86)\Jeppesen\JWC\PPM.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000356960 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_program_options-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:19 - 000066656 _____ () C:\Program Files (x86)\Jeppesen\JWC\boost_iostreams-vc110-mt-1_53.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000074336 _____ () C:\Program Files (x86)\Jeppesen\JWC\zlib.dll
2018-10-01 10:02 - 2014-10-06 19:20 - 000240736 _____ () C:\Program Files (x86)\Jeppesen\JWC\plugins\JWCConnect.dll
2018-10-30 15:26 - 2018-10-30 15:26 - 001863680 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2018-06-24 10:42 - 2018-11-16 12:53 - 001033096 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-01 12:43 - 2017-12-01 12:43 - 000141824 _____ () C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\ycc.dll
2018-07-26 23:25 - 2017-01-12 10:15 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll
2018-07-26 23:25 - 2017-01-12 10:15 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll
2017-12-03 11:18 - 2017-12-03 11:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

#10

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-12-19 01:29 - 000000876 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\ImageMagick-7.0.8-Q8;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Oculus\Support\oculus-runtime;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Propellerhead Software\ReWire\;C:\Program Files\Common Files\Propellerhead Software\ReWire\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634174\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634184\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-759811077-1501555437-92379397-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\CARAGUIA-PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\Control Panel\Desktop\\Wallpaper -> C:\Users\CARAGUIA-PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 87.216.1.65 - 87.216.1.66
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Killer Control Center.lnk"
HKU\S-1-5-21-759811077-1501555437-92379397-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-759811077-1501555437-92379397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12292018185634198\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5B8DE65-F5B0-48B3-858B-491A92B0AF56}] => (Allow) LPort=9009
FirewallRules: [{EE4B5A4C-E671-49DD-94A4-5020CB32A382}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{4EE985E3-DF3C-4B2F-A543-064B8116A177}] => (Allow) LPort=9009
FirewallRules: [{BB197CB4-F59A-4A47-8190-EE6EFFB76790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{F89D13ED-8193-45B5-BD05-4164319F195B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{46F560FE-E182-441D-B6DC-A6C6E1F7F2FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{AB9515DB-2763-40C3-A0F0-848B8BB21CC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{24963670-9FD5-4F9D-9EA2-B1A0FA1F2592}] => (Allow) LPort=9009
FirewallRules: [{BF93D8F2-1974-4C85-8B69-0D7581474011}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{A96C90CD-E664-432F-A7DB-0B9BD5018F5D}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGABYTE Technology Co.,Ltd.)
FirewallRules: [TCP Query User{517D5E7F-A659-48AD-843A-398356A0A63C}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGABYTE Technology Co.,Ltd.)
FirewallRules: [UDP Query User{1E078386-2B42-4007-B39A-AF0F1539E2CA}C:\users\caraguia-pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caraguia-pc\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{5DBB26C1-CBD8-4EB7-84A2-65A7B7F2BEF3}C:\users\caraguia-pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caraguia-pc\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{8EEB9DF0-436D-435B-960F-FAEB6D90FBF9}] => (Allow) LPort=9009
FirewallRules: [{772FBE45-1F61-4AF9-AAEC-1FA3AAA006B2}] => (Allow) LPort=9009
FirewallRules: [{2E3616DC-EE05-45D2-A8DB-101EEB2F8066}] => (Allow) LPort=9009
FirewallRules: [{03E501BD-2C35-4489-80F5-F8B87E6C48B8}] => (Allow) LPort=9009
FirewallRules: [{8F3BD38A-2B10-4A70-A5AA-1D08AF35951D}] => (Allow) LPort=9009
FirewallRules: [{46BC8679-3DB1-4C65-B45A-98301AACB1DA}] => (Allow) LPort=9009
FirewallRules: [{A6E0FB09-3592-4BE8-B1C1-56029454D512}] => (Allow) LPort=9009
FirewallRules: [{E9025EDE-BC7C-4F7C-B2ED-03C3E75F860A}] => (Allow) LPort=9009
FirewallRules: [{3315E001-7D5B-4C26-B0F9-84CA748B627A}] => (Allow) LPort=9009
FirewallRules: [{BB11D6DB-B33E-4FEF-8808-34D01EBE4C77}] => (Allow) LPort=9009
FirewallRules: [{5596BEEB-A293-4B14-A077-F19BE4AC082E}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{837107D9-491A-482D-8C34-B8CFE15A5689}] => (Allow) C:\Program Files\FS-FlightControl\FS-FlightControl.exe (AB-Tools.com GmbH)
FirewallRules: [{4DAE84EF-5BD4-4712-8619-6ABB10385062}] => (Allow) C:\Program Files\FS-FlightControl\FS-FlightControl.exe (AB-Tools.com GmbH)
FirewallRules: [{6AD4D776-B8E5-4B5E-B70E-900766086785}] => (Allow) LPort=9009
FirewallRules: [{DD6F4489-5B2A-4953-B923-54B3E9ECAD86}] => (Allow) LPort=9009
FirewallRules: [{6817D3D7-82D1-4F92-9793-CEADB1CEEF13}] => (Allow) LPort=9009
FirewallRules: [{7107DC02-BDEC-4A13-8FC8-F9FBB6F39036}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{40811910-5592-4E4E-87D0-217E3E264B3F}] => (Allow) LPort=9009
FirewallRules: [{4C7428B0-9134-4151-A01C-BC96C585A368}] => (Allow) LPort=9009
FirewallRules: [{43556024-ECE9-4B6A-9AB0-DB56F796CCD0}] => (Allow) LPort=9009
FirewallRules: [{8F6209D0-6F50-4EB4-8000-8B8C324CF3B2}] => (Allow) LPort=9009
FirewallRules: [{CBC9DDD5-839C-4584-BD2F-3B19E34E03D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{3A7F8F07-68F3-4B7E-85E6-701304719D24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{7491DDC2-92DF-4CA9-A11F-A418DE48C178}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{83F05F61-24E1-44C0-879C-A85525ACBB18}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C0954933-172C-4E23-8A98-3F25E40D0B22}] => (Allow) LPort=9009
FirewallRules: [{663A2B4D-F5C0-411E-A531-569241057D25}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{F97A2379-5FF9-4443-BDD5-77D70E62B9BA}] => (Allow) LPort=9009
FirewallRules: [{B3C8E24B-475E-4047-869B-54876EA01C0B}] => (Allow) LPort=9009
FirewallRules: [{7A4FBC4E-4661-4A0C-B434-3CB51A266BE8}] => (Allow) LPort=9009
FirewallRules: [{A372FB6B-E4FB-4C44-A190-83502328BBE5}] => (Allow) LPort=9009
FirewallRules: [{34A1DB36-A90B-4421-97D8-686212BF52B0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{F9A63BA7-9241-4979-BE31-A0D74E526E7C}] => (Allow) LPort=9009
FirewallRules: [{14471F62-AF96-44FD-8F61-B15D6D99C361}] => (Allow) LPort=9009
FirewallRules: [{410432AC-F633-4A82-9A30-AEFDAA79D3C0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{589AAF55-BC9D-4BEE-A85E-66A058BD62BF}] => (Allow) LPort=9009
FirewallRules: [{09A68456-A035-4205-AB54-E71F7213C37B}] => (Allow) LPort=9009
FirewallRules: [{352B6642-1F9B-489F-847B-DFB37BC4A2B9}] => (Allow) LPort=9009
FirewallRules: [{31AFA1D1-C88A-42B8-B786-AC07001BBFD4}] => (Allow) LPort=9009
FirewallRules: [{381EA0E7-382E-4859-9D43-6B3C63A37505}] => (Allow) LPort=9009
FirewallRules: [{401CA8A1-533B-4F76-A30A-8233BAD614A6}] => (Allow) LPort=9009
FirewallRules: [{0EE92148-1DEB-4300-92CD-081848593977}] => (Allow) LPort=9009
FirewallRules: [{BC13A311-A132-4132-9EC7-DEA55F334F9D}] => (Allow) LPort=9009
FirewallRules: [{1E7C6154-AA16-44E6-B190-CBA2F3F468AE}] => (Allow) LPort=9009
FirewallRules: [{71236A5B-90E7-45F4-BD0E-7609BE641020}] => (Allow) LPort=9009
FirewallRules: [{991CC9EC-6EDA-4724-A773-A75B80B0E7A6}] => (Allow) LPort=9009
FirewallRules: [{C7AFEA23-39C5-42ED-9520-29B9392F6FD3}] => (Allow) LPort=9009
FirewallRules: [{D764A684-8DFF-41D2-9CBD-2CB5F2805630}] => (Allow) LPort=9009
FirewallRules: [{1DF2AEAA-1E90-4A08-87C3-ED6046C33307}] => (Allow) LPort=9009
FirewallRules: [{CE9B7CFA-C253-480D-8C13-699BCB5B92C6}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{81B0D09D-2EC5-4049-9ACD-B543157D8C21}] => (Allow) LPort=9009
FirewallRules: [{B2357E5E-00B0-4E1D-9F90-DE3839E172DA}] => (Allow) LPort=9009
FirewallRules: [{BFD577D7-A8F5-4EA5-949E-5954EAF9DA92}] => (Allow) LPort=9009
FirewallRules: [{E872F8D0-8369-49B4-BCF6-08AB85D080AB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{312F2378-6E0A-430E-BF21-BE1719608417}] => (Allow) LPort=9009
FirewallRules: [{592B37A2-FFB2-487C-AB67-8587902F5AF6}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{158720DE-221F-491A-A2A1-F8D78B2686CB}] => (Allow) LPort=9009
FirewallRules: [{9B56E765-C6D2-4F29-BF9B-4B345247BC4B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{76F724C2-50BC-4388-8AE4-9AD02C75BCBD}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CybelSoft)
FirewallRules: [{FB6F19E2-A16E-4074-8F9F-92B62709EF42}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CybelSoft)
FirewallRules: [{67604B03-0357-48C4-A581-945FDD79BFA2}] => (Allow) LPort=9009
FirewallRules: [{2C372585-5C8B-48F3-8ADF-379D3369A128}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{3BABC558-E66F-453F-A5F3-2728AEF2C995}] => (Allow) LPort=9009
FirewallRules: [{F8D40F6D-2C7B-4382-BFD4-F2F14892F5A4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{DF9B1533-154E-4801-BB29-ADF19800D30D}] => (Allow) LPort=9009
FirewallRules: [{BA298EB2-D608-4E8B-AECD-5C202269DCB4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{386816B5-AB5A-437C-A520-A9FE7BE10466}] => (Allow) LPort=9009
FirewallRules: [{FB8C6D20-2310-4B4B-9964-1DD920EB0E30}] => (Allow) LPort=9009
FirewallRules: [{49E9A683-1F58-4611-AFB4-E108DC06F6ED}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{8304799B-347D-43AF-AF55-E532D8654097}] => (Allow) LPort=9009
FirewallRules: [{56D6BE83-CC86-4FF8-9F3F-57E3A00571FB}] => (Allow) LPort=9009
FirewallRules: [{BF9846C9-8666-47F7-86C8-23171131512F}] => (Allow) C:\Program Files\Kairos\Duet Display\duet.exe (Duet, Inc.)
FirewallRules: [{7804B398-5CD8-4E31-9634-BECDE16C71CA}] => (Allow) LPort=9009
FirewallRules: [{B67EB10A-8C69-45C7-BD1E-E8AE0A7392CF}] => (Allow) LPort=9009
FirewallRules: [{B2A501FB-0419-4186-AA08-67BFA7AC2AB8}] => (Allow) K:\SteamLibrary\steamapps\common\SKYBOX VR Video Player\SteamVR_SourceVRPlayer.exe ()
FirewallRules: [{4F053D87-FAB6-4F7A-82DB-1F8DE3FDBB04}] => (Allow) K:\SteamLibrary\steamapps\common\SKYBOX VR Video Player\SteamVR_SourceVRPlayer.exe ()
FirewallRules: [{259EFD8A-3FD6-4D20-9323-29DA10F25021}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC)
FirewallRules: [{EF4A2C3C-B256-4C99-902E-37B09BD2591E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC)
FirewallRules: [{B3F64F7D-2A04-4D6D-A0A0-8A84552595E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Epic Games, Inc.)
FirewallRules: [{2BC03EF5-7BF6-4341-884F-1C52293857D0}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Epic Games, Inc.)
FirewallRules: [{44659ECD-4DC7-41CE-B6D6-ACDA980BEC6D}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe ()
FirewallRules: [{BF025ADC-4355-453D-9A50-B9A5D1FF3B4E}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe ()
FirewallRules: [{43666583-60ED-442A-9F0E-F93D1A885E5C}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC)
FirewallRules: [{6D7A4C8C-31E6-4C19-9953-7AE6A9254541}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC)
FirewallRules: [{2D6C8DAB-C27B-40C9-A3C3-9FEF74B7B65F}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Facebook Technologies, LLC)
FirewallRules: [{F9EEA582-F1BC-451F-A2EE-B4977FB464AF}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Facebook Technologies, LLC)
FirewallRules: [{93B00703-8898-45A7-8477-8DB82D469E1C}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe ()
FirewallRules: [{8918CA2B-1E63-4A41-9D45-A0709C21FD49}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe ()
FirewallRules: [{65E5C147-31C3-4315-9211-CBE1CD28EE10}] => (Allow) LPort=9009
FirewallRules: [{C8EDE768-526A-4701-8033-7B72E0A214C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{DBBCD35C-EE20-4A3C-8FE1-0DECD2033DFD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{1BF2073F-AFAB-4AF5-8EA5-5609028D82AA}] => (Allow) LPort=9009
FirewallRules: [{DC3A9FAD-1F57-4B77-A51C-C0E78D35FD88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DE1336A7-2943-494F-B225-5A96E26C4E27}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{9709AE55-A285-4B5E-AFAA-857C3EBB1CB7}] => (Allow) LPort=9009
FirewallRules: [{590D554A-9598-4B77-8F30-A34F51A63743}] => (Allow) LPort=9009
FirewallRules: [{48D9E73C-5F96-4A14-A847-35615DA62839}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{E8D77C5A-CE4A-419F-A5AC-9D0EDDD64162}] => (Allow) K:\SteamLibrary\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation)
FirewallRules: [{4C0DA05C-CE7E-4739-BF7A-0CA5F2D71ACD}] => (Allow) K:\SteamLibrary\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation)
FirewallRules: [{23718B4F-04DF-4B56-913B-B7E2CE287D7A}] => (Allow) LPort=9009
FirewallRules: [{B37714F2-8A09-4D2D-BA0D-2FA5D59F3ABB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{25EAB471-F6D8-4240-9754-60893D96706F}] => (Allow) LPort=9009
FirewallRules: [{85783836-3DCE-427D-A86F-2ADC24084B4C}] => (Allow) K:\SteamLibrary\steamapps\common\Bigscreen\Bigscreen.exe ()
FirewallRules: [{512B15EB-06CE-4446-9AC3-8ABA151E0024}] => (Allow) K:\SteamLibrary\steamapps\common\Bigscreen\Bigscreen.exe ()
FirewallRules: [{F665DFB2-8F35-452E-A53B-46E7D2EB1F01}] => (Allow) LPort=9009
FirewallRules: [{915B08C1-80FD-4117-A0EB-3BB8F5EF66EF}] => (Allow) LPort=9009
FirewallRules: [{3C198345-87D1-473C-A4D8-C26DF3F819C1}] => (Allow) LPort=9009
FirewallRules: [{4F11E7C8-D553-47B9-87F5-17731930E3D5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{75BFAE1D-27FE-44D8-B7A5-A68DEC91CACA}] => (Allow) LPort=9009
FirewallRules: [{76EED606-284D-4511-AAD7-4A8E95B1E513}] => (Allow) LPort=9009
FirewallRules: [{A9517DCC-F7C5-4EA4-A2F8-3A83970F6D1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe ()
FirewallRules: [{74F4B384-ABC5-43FC-AC98-31778BC944F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe ()
FirewallRules: [{B714E7A7-560F-4E8A-B912-FE39A7A0D96E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe ()
FirewallRules: [{F77D591F-9BDC-434E-BAE7-5C37D254D241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe ()
FirewallRules: [{C2A11D85-A4FC-4BEE-BE55-EA980723B9C4}] => (Allow) LPort=9009
FirewallRules: [{E4D226E0-D6F1-4B0A-B260-D35CD0858463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe ()
FirewallRules: [{250FB440-3BF0-4DF6-ACAD-9EA473BC02C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe ()
FirewallRules: [{E8128403-66A3-4229-936A-4847B442A6D1}] => (Allow) LPort=9009
FirewallRules: [{0E4B1DE1-393C-4595-B972-971ACA8180DF}] => (Allow) LPort=9009
FirewallRules: [{35A7D5CC-97D2-42B1-870A-A3CC760F21B7}] => (Allow) LPort=9009
FirewallRules: [{016B55AA-C3F5-4D83-9E9A-30F12E19528B}] => (Allow) LPort=9009
FirewallRules: [{E1731488-ECC4-4BAB-BBA1-E6F2A177D17F}] => (Allow) LPort=9009
FirewallRules: [{44C48742-8669-44A9-BFAD-39D3BCBBAD65}] => (Allow) LPort=9009
FirewallRules: [{69DBF1D2-78AF-4402-8154-EFE97727F661}] => (Allow) LPort=9009
FirewallRules: [{662E5AAD-1FA1-46F6-8651-E469A6C766FB}] => (Allow) LPort=9009
FirewallRules: [{66F66632-1BEE-4778-A75C-03D715E3835F}] => (Allow) LPort=9009
FirewallRules: [{16F5FE91-A743-4775-B45F-59125964BEC3}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{41AC9750-2B58-4183-B867-740B901FC426}] => (Allow) LPort=9009
FirewallRules: [{5B29561A-BD8B-4A5D-8F04-4731F19EBFD9}] => (Allow) LPort=9009
FirewallRules: [{38E2ABD0-09AE-49A6-B0D0-FBDDFF774D25}] => (Allow) LPort=9009
FirewallRules: [{DE006378-B752-4F6E-800D-850E64F24BCA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{EBD2ACD9-FCA8-4402-9A4E-E8A627CAEFDC}] => (Allow) LPort=9009
FirewallRules: [{806BEE05-AB01-41CA-894B-E3C4C687B8BE}] => (Allow) LPort=9009
FirewallRules: [{BA938E10-CB5C-47B1-BB9E-BF7A932F6163}] => (Allow) LPort=9009
FirewallRules: [{56BEAB1E-B1C4-48ED-81E6-6AB3102AA43E}] => (Allow) LPort=9009
FirewallRules: [{4E21D384-E7F3-4AEF-9FAE-2AF0642F98DE}] => (Allow) LPort=9009
FirewallRules: [{3F1DB267-D581-48F4-8729-65D162EFCB1A}] => (Allow) LPort=9009
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe ()
FirewallRules: [{41CB1EE2-06BE-459D-BFBD-1056B09447B7}] => (Allow) LPort=9009
FirewallRules: [{00E84D71-FE96-4E87-B99B-98159EA817A7}] => (Allow) LPort=9009
FirewallRules: [{01E0CD91-945C-4D19-AC1C-5FF787ABF240}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{B594C9FD-7600-4726-B49D-8874B45F62DD}] => (Allow) LPort=9009
FirewallRules: [{D2152BDB-FA2E-44B6-8BA1-9C998414D7AA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{5DEF0275-4D1C-4762-9E5C-2B64B9F194DC}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{9E9505D5-63BE-4796-9F74-5FF22C65F9B0}] => (Allow) LPort=9009
FirewallRules: [{525DD0F7-1F15-4957-8AF1-AAD61CCA99F5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{F2690E78-8C3B-49EB-99C6-349F9CB2DC1D}] => (Allow) LPort=9009
FirewallRules: [{86A79342-E4A5-4E0E-8775-19BF866BC26C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe ()
FirewallRules: [{6CDDFCC2-6A8B-4798-A6C5-9C7E72880418}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe ()
FirewallRules: [{DFBEE5B3-16F5-48EB-9213-92DBA1F2E296}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe ()
FirewallRules: [{CFA13917-824C-4B41-9013-E73691692F27}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe ()
FirewallRules: [{434A29A2-6755-49EB-BDFB-7E779F084A1E}] => (Allow) K:\SteamLibrary\steamapps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe (Eleon Game Studios)
FirewallRules: [{73B478FA-6122-4467-9483-090522D6AEB3}] => (Allow) K:\SteamLibrary\steamapps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe (Eleon Game Studios)
FirewallRules: [{32049412-F0B8-4D1A-9070-9BF97449BBD1}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{EB203C6A-8B0E-4C23-A320-149F6C38AC8E}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{8BA3B80C-9405-4AFD-9448-9064C88D1A63}] => (Allow) G:1\SteamLibrary\steamapps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe No File
FirewallRules: [{0A349D7E-AE56-4361-AB3A-DB25D7FB2BE2}] => (Allow) G:1\SteamLibrary\steamapps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe No File
FirewallRules: [{831453AC-AFC0-427A-B167-E927AFCE181D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{66AE1CBB-96BC-4933-B3DE-948C07AB962D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{51B390A3-D2A7-4995-9C7A-B05431F82D80}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{4FBEE9DF-3F5A-4E02-AED8-6C7F27559F15}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [UDP Query User{FCDF62E9-8A7E-4B2A-B32A-F0D11A80D6D5}C:\program files (x86)\creative\connection service\connection service.exe] => (Allow) C:\program files (x86)\creative\connection service\connection service.exe (Creative Technology Ltd.)
FirewallRules: [TCP Query User{2D3E4CB4-8FA5-43C3-B15E-8E8E9C5B41C7}C:\program files (x86)\creative\connection service\connection service.exe] => (Allow) C:\program files (x86)\creative\connection service\connection service.exe (Creative Technology Ltd.)
FirewallRules: [{CEBA7714-46E3-4E76-B16E-097E95F5992B}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DBDownloader.exe (IObit)
FirewallRules: [{784FD584-2DC0-46EC-A728-67C02A0753A9}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DBDownloader.exe (IObit)
FirewallRules: [{120EFAAE-95DA-48D6-B2B6-9B8D013E1108}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DriverBooster.exe (IObit)
FirewallRules: [{D7E956F1-DC5C-423C-9271-C8D54F1BDC8A}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DriverBooster.exe (IObit)
FirewallRules: [{6082EC05-4189-4723-A4BD-CC596960065D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{BAF95031-9865-46DD-8D48-B895ED2E6565}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{886F3637-1735-492C-BC63-68910A4B184E}] => (Allow) LPort=9009
FirewallRules: [{0B150C42-B9A0-4130-B219-92B77195F453}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{BE4E32F9-FCAA-4E8E-B080-6802C642DE72}] => (Allow) LPort=9009
FirewallRules: [{3F5C2840-1B7E-4D39-9D4B-D40579A818DE}] => (Allow) LPort=9009
FirewallRules: [{B8446408-AA3F-405E-95C3-EAC52332D48C}] => (Allow) LPort=9009
FirewallRules: [{9A0B6299-75B6-412C-8632-5F161A2EBD9D}] => (Allow) LPort=9009
FirewallRules: [{8C37C8D7-657B-4F48-AFF5-EB4933765EFE}] => (Allow) LPort=9009
FirewallRules: [{68B564C4-2635-48CF-B24E-D30890ECACDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{38C268A2-6BF6-483D-99CC-37174916ACD5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{98556458-618C-4651-98EE-AEE37893787A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{03CF6BEA-9CCC-4921-9581-4475CD4AFCFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{6C83657E-A17E-4452-A656-42B5A03A42D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{6AAD7BA9-31E3-4044-A7F7-1692CCB9BF62}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe ()
FirewallRules: [{863FF904-34F2-4D9D-982D-B8BA957650B2}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe ()
FirewallRules: [{D1048BDD-7BD8-4FB8-90D6-646AE99A79DA}] => (Allow) LPort=9009
FirewallRules: [{127C2942-FABE-4D2B-818A-13EFD2EF7AB6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc.)
FirewallRules: [{8ACD1B66-25C5-41FE-8AB4-57041234DAC9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc.)
FirewallRules: [{801152D5-D295-4C13-B391-5555D164EA6D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc.)
FirewallRules: [{BE00B7F4-5102-4A8A-B988-97D2F5846BA1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc.)
FirewallRules: [{177BEDAE-F6B8-4A52-BF2D-0D70A80F4CC7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc.)
FirewallRules: [{49E1E3F5-8D0D-4DD7-BA47-F4E0B3168AD6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc.)
FirewallRules: [{B1DE103D-E479-4390-BFDD-3DBDB9A01DDE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc.)
FirewallRules: [{63797591-D3F0-458F-9194-04E91F7F0AE1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12092.6.37131.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc.)
FirewallRules: [{8F26AF5C-83D9-42BA-A533-51FC1EFCA9FB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{034B73CF-E133-4DDE-8430-76519A270C04}] => (Allow) LPort=9009
FirewallRules: [{40983872-BBC5-460D-A967-46479F43BA2C}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe ()
FirewallRules: [{A6A3C6D6-6DE2-42C6-BD51-D49911FDC951}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe ()
FirewallRules: [{1317B3DE-6F6A-4976-86B3-1E5482FFD387}] => (Allow) K:\SteamLibrary\steamapps\common\Google Spotlight Stories - Son of Jaguar\win64\storyplayer.exe ()
FirewallRules: [{39B3B36B-9E66-45AE-B77F-0FA7E89AB234}] => (Allow) K:\SteamLibrary\steamapps\common\Google Spotlight Stories - Son of Jaguar\win64\storyplayer.exe ()
FirewallRules: [{73260E99-1AAE-4E43-BD36-90E8A5D294B5}] => (Allow) K:\SteamLibrary\steamapps\common\Back to the Moon\win64\storyplayer.exe ()
FirewallRules: [{746C51AC-D1B0-4DEE-9391-F8774FB4ABCC}] => (Allow) K:\SteamLibrary\steamapps\common\Back to the Moon\win64\storyplayer.exe ()
FirewallRules: [{041D1235-09AD-4AD8-9A6D-6280267B2C34}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{FDEE74D3-41AF-4442-9BA1-2659EDFC7A02}] => (Allow) LPort=9009
FirewallRules: [{9898F744-CD1C-4428-9393-2603691610DB}] => (Allow) LPort=9009
FirewallRules: [{9FB621E2-37ED-4BFE-AF76-2A5BA64125EC}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{C84CC214-7999-424F-A043-DB06BA838F08}] => (Allow) LPort=9009
FirewallRules: [{C75A9F9D-A3EA-4080-9DD6-9FF77590354A}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{2284612A-DB9E-4377-BF0A-3FBB95382215}] => (Allow) LPort=9009
FirewallRules: [{6AE919C3-0EE1-4C4F-8510-02A5CEDF2EBF}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{599BFB6B-79B1-49F2-AA7C-22702EEB13B5}] => (Allow) LPort=9009
FirewallRules: [{A9ED7AFF-60CC-458C-AD2A-A325414323A7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{0DCB6E5B-CE08-4B24-8CE1-D4D59BA8E6DF}] => (Allow) LPort=9009
FirewallRules: [{646E83F4-7B3D-47A7-9541-235BDEFF96A2}] => (Allow) LPort=9009
FirewallRules: [{D01B0E75-9E62-4E17-A897-99FEC089F137}] => (Allow) LPort=9009
FirewallRules: [{2C14D0C6-D28A-46DB-881A-89E24CA2757B}] => (Allow) LPort=9009
FirewallRules: [{4AC1F466-A09F-4A69-BA8F-44C6415ADE49}] => (Allow) LPort=9009
FirewallRules: [{82619EB2-2D17-4E9D-981A-1EF2C02451F5}] => (Allow) LPort=9009
FirewallRules: [{D4D2F304-2C4F-4EB6-A106-62DE6866A786}] => (Allow) LPort=9009
FirewallRules: [{8310785F-0034-4434-917A-0C53A2545539}] => (Allow) K:\SteamLibrary\steamapps\common\Google Spotlight Stories Piggy\win64\storyplayer.exe ()
FirewallRules: [{1DE148F3-BCA1-42E6-B19F-6C6BACB3CB4F}] => (Allow) K:\SteamLibrary\steamapps\common\Google Spotlight Stories Piggy\win64\storyplayer.exe ()
FirewallRules: [{7F734212-9B8F-4043-BB89-112A166B2EF6}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{362C32F9-1910-41CA-9DF8-C1C3E3A941F7}] => (Allow) LPort=9009
FirewallRules: [{9A015B5E-6F56-41E2-A62B-B022AE146D64}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{3CCA663C-1E71-4D53-9858-4D69C2CF591C}] => (Allow) LPort=9009
FirewallRules: [{20474D8C-1A99-4F0E-B008-1D9A1CE04F8A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{4B36684F-6E7F-4CCD-8D77-C25F630E6B84}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{2463636D-4150-4CD3-BEAD-C8277A2D95F0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{31B933D1-7A2D-4F56-BC11-0F17D8C7F3D6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{7C1AAFA9-7312-4373-9358-BD716FCE1E34}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen)
FirewallRules: [{3C68DD15-2E12-42A6-A9A2-3A07E4B04B77}] => (Allow) LPort=9009

#11
==================== Restore Points =========================

27-12-2018 18:50:29 Removed Apple Mobile Device Support
28-12-2018 17:19:06 Revo Uninstaller Pro's restore point - Panda Antivirus Pro
30-12-2018 22:51:47 Revo Uninstaller Pro's restore point - Avast Free Antivirus

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2018 11:25:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599.manifest.

Error: (12/30/2018 10:59:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599.manifest.

Error: (12/30/2018 10:51:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {58c4ecb8-4b44-4544-ac93-e539d194ff78}

Error: (12/30/2018 10:43:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599.manifest.

Error: (12/30/2018 07:09:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599.manifest.

Error: (12/29/2018 06:58:27 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (12/29/2018 06:56:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599.manifest.

Error: (12/29/2018 06:56:23 PM) (Source: Killer Network Service) (EventID: 16) (User: )
Description: Event-ID 16


System errors:
=============
Error: (12/30/2018 11:26:45 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:44 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:43 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:42 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:41 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (12/30/2018 11:26:38 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.


Windows Defender:
===================================
Date: 2018-12-29 18:15:34.304
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Versión de firma: AV: 1.283.1777.0, AS: 1.283.1777.0, NIS: 1.283.1777.0
Versión de motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-29 18:15:34.074
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Versión de firma: AV: 1.283.1777.0, AS: 1.283.1777.0, NIS: 1.283.1777.0
Versión de motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-28 23:59:19.760
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk; file:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADC4A836-4EBD-4901-9FD2-24C189EAAADB}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de firma: AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Versión de motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-28 23:59:00.372
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de firma: AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Versión de motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-28 17:38:25.535
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\KMSELDI.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-315EU31\CARAGUIA-PC
Nombre de proceso: D:\Users\CARAGUIA\Desktop\Revo.Uninstaller.Pro.3.1.8.Portable.KaranPC\x64\RevoUnPro.exe
Versión de firma: AV: 1.283.1704.0, AS: 1.283.1704.0, NIS: 1.283.1704.0
Versión de motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

CodeIntegrity:
===================================

Date: 2018-12-30 23:19:47.024
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-12-30 23:19:47.022
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-12-30 23:19:07.230
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-12-30 23:19:07.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-12-30 23:11:25.338
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-30 23:11:25.337
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-30 23:03:28.692
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-12-30 23:03:28.691
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 17%
Total physical RAM: 32708.09 MB
Available physical RAM: 26937.48 MB
Total Virtual: 37572.09 MB
Available Virtual: 29488.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:110.85 GB) NTFS
Drive d: (SISTEMA) (Fixed) (Total:324.28 GB) (Free:115.57 GB) NTFS
Drive f: (X_PLANE) (Fixed) (Total:232.88 GB) (Free:86.52 GB) NTFS
Drive g: (SIMULADORES) (Fixed) (Total:232.89 GB) (Free:127.9 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (ALMACEN TERA3) (Fixed) (Total:2470.23 GB) (Free:1759.2 GB) NTFS
Drive k: (ALMACEN RAPID) (Fixed) (Total:2794.5 GB) (Free:1774.43 GB) NTFS
Drive l: (SAMSUNG) (Fixed) (Total:1863.01 GB) (Free:399.23 GB) NTFS
Drive p: (INTENSO) (Fixed) (Total:4657.52 GB) (Free:2086.95 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E0B8DD01)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: EBB3EBB3)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 8FA1BAFF)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B43F1C0A)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: DD07DC78)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.

========================================================
Disk: 7 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0262BFA8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


HAPPY NEW YEAR and thank you.

#12

Hello

Did you install the “iTools” program yourself? I see entries in the FRST report and, if you don't want it on your computer, I'll include it for removal.

Regards


#13

Yes, yes, I installed it, but I think it came from a not very recommendable site, from what I can see.


#14

Hello

You have to be very careful with downloads that don't come from their official pages.

Do you want to keep it installed? It wasn't giving you problems any more :roll_eyes:

Regards


#15

I installed a version, 3.3, and this one is stable and gives no problems. If possible I'll keep it because it works well. Version 4 is the one that was giving problems. Regards.


#16

Hello

Version 4 is no longer on your computer; the one installed is version 3 and, since it isn't giving you problems, we won't touch it.

:arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy the code/lines inside the box below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Toolbar: HKLM - No Name - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -  No File
Toolbar: HKLM-x32 - No Name - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -  No File
HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!)
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
2018-12-05 01:06 - 2018-12-22 23:06 - 000000000 __SHD C:\Users\CARAGUIA-PC\AppData\Roaming\znjqvhcbhcns
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
Task: {B9C563F1-9540-4899-994A-2D4426AB06DF} - no filepath
ShortcutWithArgument: C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.


  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with respect to the reported problem, and let us know.

Regards


#17

This is the log you asked me for. Regards and many thanks.

I think it should be solved by now, right?

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by CARAGUIA-PC (04-01-2019 16:56:28) Run:1
Running from D:\Users\CARAGUIA\Desktop
Loaded Profiles: CARAGUIA-PC (Available Profiles: CARAGUIA-PC & OVRLibraryService)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Toolbar: HKLM - No Name - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -  No File
Toolbar: HKLM-x32 - No Name - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -  No File
HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!)
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
2018-12-05 01:06 - 2018-12-22 23:06 - 000000000 __SHD C:\Users\CARAGUIA-PC\AppData\Roaming\znjqvhcbhcns
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
Task: {B9C563F1-9540-4899-994A-2D4426AB06DF} - no filepath
ShortcutWithArgument: C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{b60873b9-51aa-4566-b2fc-c16de2ec8bff}" => removed successfully
HKLM\Software\Classes\CLSID\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{b60873b9-51aa-4566-b2fc-c16de2ec8bff}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} => not found
HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!) => Error: No automatic fix found for this entry.
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!) => Error: No automatic fix found for this entry.
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!) => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\panda_url_filteringd => removed successfully
panda_url_filteringd => service removed successfully
C:\Users\CARAGUIA-PC\AppData\Roaming\znjqvhcbhcns => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9C563F1-9540-4899-994A-2D4426AB06DF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9C563F1-9540-4899-994A-2D4426AB06DF}" => removed successfully
C:\Users\CARAGUIA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Pocket.lnk => Shortcut argument removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-759811077-1501555437-92379397-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-759811077-1501555437-92379397-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Ethernet mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de red Bluetooth 2 mientras los medios
estén desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de Ethernet Ethernet 2:

   Sufijo DNS específico para la conexión. . : Home
   Vínculo: dirección IPv6 local. . . : fe80::bdb8:15d4:77e2:4744%3
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.130
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexión de red Bluetooth 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {F918BC58-3571-497E-8465-DCE2CCEE81CF}.
Unable to cancel {EADB2809-CAA0-4F68-8059-22BEB05D7D23}.
Unable to cancel {28D47C09-EC04-440C-A1D5-99583FCF5777}.
Unable to cancel {757176D3-29FD-4A16-AE85-00996ED32BA1}.
Unable to cancel {0E5D7A90-0352-4D16-B852-736544C9338F}.
Unable to cancel {9C890799-9A2C-440D-8A26-AEDCBD8ED272}.
Unable to cancel {B4889E36-D90B-449B-8FCD-52A99D5A63CC}.
Unable to cancel {3E82F47B-F99E-4790-BDEC-125E0A01356E}.
Unable to cancel {12716ECB-6AF0-478B-9C94-20A61C1E441C}.
0 out of 9 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 169909107 B
Java, Flash, Steam htmlcache => 62290216 B
Windows/system/drivers => 114766 B
Edge => 56458069 B
Chrome => 404864702 B
Firefox => 16443630 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4498 B
LocalService => 0 B
NetworkService => 10042 B
NetworkService => 0 B
CARAGUIA-PC => 23370995 B
OVRLibraryService => 0 B

RecycleBin => 0 B
EmptyTemp: => 709.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:58:06 ====

#18

Hello

If the problems you raised when you opened the thread have been resolved, then it would now be solved :+1:

Follow these steps to remove the tools that were used:

To do so, use again/download >> DelFix.exe on your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator -).

  • Check all the boxes, and click Run

The report (DelFix.txt) will open; you can close it.

Let us know whether everything is fine now.

Regards