Buenas, vengo teniendo este problema desde octubre del año pasado, al arrancar mi pc el uso del disco estaba exageradamente alto, al 100%, cosa que también se veía por el led que indica que el disco está en uso, resulta que con el tiempo también dejó de funcionar windows update y no se aplicaban las actualizaciones (siempre volvía a una versión anterior luego de actualizar), entre cosa y cosa resulta que tenía archivos dañados, buscando y buscando al parecer está infectada con el virus secoh-qad.dll, que es el responsable de estropear los archivos de windows y de poner tan al palo el disco de la pc, al parecer es eso lo que está provocando todo según lo que leí, también resulta que ese virus viene con el secoh-qad.exe, pero yo no tengo nada con ese nombre, solo el .dll ¿sera que saben como poder volver mi pc a la normalidad?
Realiza los siguientes pasos, , sin cambiar el orden
1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.
-
Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).
-
Pulsa en el botón “Open Malewarebytes Free”.
- Presiona el botón “Scan” (Escaneo).
Una vez finalizado el escaneo aparecerá la siguiente pantalla:
-
Pulsa en “View report” (Ver informe).
-
Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…
2) Descarga Adwcleaner en el escritorio.
-
Desactiva tu antivirus
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad. -
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
Si no encuentra nada, pulsamos “Omitir Reparación”
-
El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"
Puedes mirar su manual >> Manual de Adwcleaner
3) Descarga Ccleaner
Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.
Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.
En eso estoy, apenas tengo todo lo envio
luego de hacer la reparacion con el adwcleaner, me pidio reiniciar, al reiniciarse todo normal, solo que despues de poner la contraseña dijo “preparando windows”, ahora en el escritorio no hay nada, es como si la hubiera formateado, pero en el disco sigue figurando que tengo el espacio utilizado por las aplicaciones que tenía
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-01-2020
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 17
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\usuario\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\usuario\AppData\LocalLow\pandasecuritytb
Deleted C:\Users\usuario\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\Users\usuario\Downloads\SpyHunter-Installer.exe
Deleted C:\Users\usuario\Downloads\WIPERSOFT-INSTALLER.EXE
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blackjack +.lnk
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7482158-6086-4410-8D74-CA2A9D06B810}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7876 octets] - [01/03/2020 15:57:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
ese es el registro del ADWCLEANER
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 1/3/20
Hora del análisis: 15:46
Archivo de registro: e89556f6-5bec-11ea-9a59-10e7c6fab24d.json
-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.835
Versión del paquete de actualización: 1.0.20076
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 17134.1304)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-VENGBCQ4\usuario
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 315824
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 26 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
este el del Malwarebytes
Reinicia de nuevo y dime si ahora carga todo bien
Si, la reinicie y ya esta todo en su lugar otra vez, el registro del adw lo saqué de la carpeta como me indicaste pero mientras la pc no me mostraba mi escritorio, está bien o lo hago de nuevo?
Vamos a ver si hay algo mas…
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits)
¿Cómo saber si mi Windows es de 32 o 64 bits? -
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.
-
En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by usuario (administrator) on LAPTOP-VENGBCQ4 (HP HP Pavilion Laptop 15-cs0xxx) (01-03-2020 17:15:46)
Running from C:\Users\usuario\Desktop
Loaded Profiles: usuario (Available Profiles: usuario)
Platform: Windows 10 Home Version 1803 17134.1304 (X64) Language: Inglés (Estados Unidos)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\windows\System32\ETDService.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel Corporation) C:\windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\usuario\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\usuario\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\windows\RtkBtAudioServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2107232 2017-12-19] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2107232 2017-12-19] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36098448 2020-02-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [172032 2019-05-14] (Voobly) [File not signed]
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\logon.scr
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.122\Installer\chrmstp.exe [2020-02-24] (Google LLC -> Google LLC)
Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-04-02]
ShortcutTarget: MEGAsync.lnk -> C:\Users\usuario\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicyScripts: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11762397-C566-41BA-97C1-3FC288505512} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {12CDDED2-5BB4-4302-AC5F-811F986C0E20} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {19DB18C4-7ACA-4E0B-BB65-21EBE5C56DAC} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {1C4C5ACA-3D2F-4633-AAD0-14A7C3D748C5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1C567085-5E12-4ABC-B253-7557C2EF08C8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {235E49A4-BB55-4FE1-8301-475D36423DF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {2DDD903F-02EA-4767-8412-0C49A536C2D9} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {342D9811-4736-4B43-8DB8-660B2F9FB067} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {361B55B1-11F4-4CC4-AB79-1FBFA227DC6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [308088 2020-02-12] (HP Inc. -> HP Inc.)
Task: {37207B4A-C58E-46EA-A72D-158F3F52FF58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-25] (Google Inc -> Google Inc.)
Task: {448881C0-8430-4319-8893-D59CF2C8CB9A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {45FFA054-FFCF-46F5-9501-7520F41C5789} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49E9BE99-B7AD-47C2-9D00-897E26C55E83} - System32\Tasks\RtHDVBg_Session => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4F549F43-8FE1-452B-9E2A-7914F32262C7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {55221999-B9C3-4CCA-84FC-8B1933DA63F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57179B40-96F1-40DE-8876-34D9C0F96DCB} - no filepath
Task: {6677B146-DEA9-4AC4-BA33-80CED3AD2949} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6C47DB80-20FB-4B41-887E-26062C94434D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6EE7626C-0E7D-4B0A-AFC4-0490EBDA33BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {80BA2026-6538-4B6A-AD10-76F52F7B956B} - no filepath
Task: {8196FFE6-D315-4623-BF9E-3A621A6F14A3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C9CD5B0-F500-4DD2-AEE9-98284E432D87} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D823E54-BFE3-4985-9645-A1E206AE5373} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E50A877-1F4D-47CD-AB88-F8180BA894CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97FC6FAE-BD15-44FE-8769-F217B1C4C663} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C4C2A77-57B0-4A31-898D-EEFA3422DF7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1114488 2020-01-07] (HP Inc. -> HP Inc.)
Task: {A8007119-E30C-4219-84E7-5A0658E435E1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A91E4ADE-549E-468C-B486-BDC44B457081} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {AA72E826-8BBC-4C03-80F9-8EFE39CFA53A} - System32\Tasks\HPCeeScheduleForusuario => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {AD381352-05A5-488A-A152-D3905A903F47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B305B646-851F-43BD-9089-EA92A0D7BA5D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8361A92-B54A-4944-B288-796FEF93884B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C61DDDA0-A153-460B-90B9-7BF9DF6AC611} - no filepath
Task: {C6BC60AD-92D2-493F-A83E-DC7C0E585139} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [147832 2020-02-24] (HP Inc. -> HP Inc.)
Task: {C8485845-1C85-4102-AD0E-C7B4F7204951} - System32\Tasks\Driver Booster SkipUAC (usuario) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe [7647504 2019-09-17] (IObit Information Technology -> IObit) [File not signed]
Task: {C8953CE0-4600-43DA-83C4-17B1092FF93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-25] (Google Inc -> Google Inc.)
Task: {D32CB4C7-8BB2-4EDA-B8F2-745DF537556D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D8C1966C-6E17-4AB6-A9C7-63710D45E6A3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EACA2548-38F8-4BC1-A5F3-E79815E415A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1114488 2020-01-07] (HP Inc. -> HP Inc.)
Task: {F1EA057B-8442-40A0-BD16-11D8E34C5CF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe
Task: C:\windows\Tasks\HPCeeScheduleForusuario.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cd0af423-2d7c-4b1e-be32-799c4743e905}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4167822763-1012268071-2674635290-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-4167822763-1012268071-2674635290-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-4167822763-1012268071-2674635290-1001 -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\usuario\Downloads
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2020-03-01]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://tinder.com; hxxps://web.whatsapp.com
CHR Extension: (Presentaciones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-25]
CHR Extension: (Just Black) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2019-06-11]
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-25]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-25]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-25]
CHR Extension: (Adblock para Youtube™) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-02-16]
CHR Extension: (Hojas de cálculo) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-06]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-29]
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok]
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-08-05] (BattlEye Innovations e.K. -> )
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [305664 2017-11-02] (Realtek Semiconductor Corp.) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11958496 2020-03-01] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 esifsvc; C:\windows\System32\Intel\DPTF\esif_uf.exe [1865224 2019-03-02] (Intel Corporation -> Intel Corporation)
R2 ETDService; C:\windows\System32\ETDService.exe [237464 2019-03-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-11] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2410672 2018-01-31] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [760008 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720072 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [204248 2018-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-13] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-01] (Malwarebytes Inc -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329904 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3204912 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16647736 2020-02-24] (Adlice -> )
R2 RstMwService; C:\windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-10-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268368 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtAudioServ; C:\windows\RtkBtAudioServ.exe [269848 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 RtkBtManServ; C:\windows\RtkBtManServ.exe [738712 2019-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [524512 2020-03-01] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1657136 2020-02-12] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 aftap0901; C:\windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 AppleKmdfFilter; C:\windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\windows\System32\drivers\dptf_acpi.sys [78680 2019-03-02] (Intel Corporation -> Intel Corporation)
S3 dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [71000 2019-03-02] (Intel Corporation -> Intel Corporation)
R3 EnigmaFileMonDriver; C:\windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-03-01] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 esif_lf; C:\windows\System32\drivers\esif_lf.sys [402264 2019-03-02] (Intel Corporation -> Intel Corporation)
S3 ETDSMBus; C:\windows\System32\drivers\ETDSMBus.sys [34200 2019-03-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 Hamachi; C:\windows\System32\drivers\Hamdrv.sys [45680 2017-02-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R0 hpdskflt; C:\windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-24] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorAC; C:\windows\System32\drivers\iaStorAC.sys [1035744 2019-10-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\windows\System32\drivers\iaStorAfs.sys [69632 2018-01-31] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-03-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-01] (Malwarebytes Inc -> Malwarebytes)
R1 NNSALPC; C:\windows\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\windows\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\windows\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\windows\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\windows\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\windows\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\windows\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\windows\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\windows\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\windows\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\windows\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\windows\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R3 nvlddmkm; C:\windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0b228628c244f0b7\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PSINAflt; C:\windows\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\windows\System32\DRIVERS\PSINFile.sys [153992 2018-01-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\windows\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\windows\System32\DRIVERS\PSINProc.sys [146912 2017-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\windows\system32\DRIVERS\PSINProt.sys [159200 2017-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\windows\system32\DRIVERS\PSINReg.sys [129504 2017-10-16] (Panda Security S.L. -> Panda Security, S.L.)
U3 PSKMAD; C:\windows\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1158944 2019-08-31] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [787232 2019-11-30] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [11459368 2019-08-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 RvNetMP60; C:\windows\System32\drivers\RvNetMP60.sys [69048 2019-08-16] (Famatech Corp. -> Famatech Corp.)
S3 RzDev_005c; C:\windows\System32\drivers\RzDev_005c.sys [44560 2020-01-29] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 Secdrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-29] () [File not signed]
R3 SmbDrvI; C:\windows\System32\drivers\Smb_driver_Intel.sys [56840 2019-03-24] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [236048 2018-12-18] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [376544 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)
R3 xtouch; C:\windows\System32\drivers\xtouch.sys [182800 2020-01-27] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-01 17:15 - 2020-03-01 17:17 - 000044703 _____ C:\Users\usuario\Desktop\FRST.txt
2020-03-01 17:15 - 2020-03-01 17:16 - 000000000 ____D C:\FRST
2020-03-01 17:12 - 2020-03-01 17:12 - 002279424 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe
2020-03-01 17:10 - 2020-03-01 17:11 - 019255000 _____ (Microsoft Corporation) C:\Users\usuario\Downloads\MediaCreationTool1909.exe
2020-03-01 16:38 - 2020-03-01 16:38 - 000000000 ___HD C:\OneDriveTemp
2020-03-01 16:35 - 2020-03-01 16:35 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-03-01 16:34 - 2017-05-22 02:01 - 000072648 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSKMAD.sys
2020-03-01 16:24 - 2020-03-01 16:24 - 000002896 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-03-01 16:11 - 2020-03-01 16:11 - 000003384 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4167822763-1012268071-2674635290-1001
2020-03-01 16:02 - 2020-03-01 16:35 - 000068424 _____ (EnigmaSoft Limited) C:\windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-03-01 15:56 - 2020-03-01 15:59 - 000000000 ____D C:\AdwCleaner
2020-03-01 15:52 - 2020-03-01 15:53 - 008356016 _____ (Malwarebytes) C:\Users\usuario\Downloads\adwcleaner_8.0.2.exe
2020-03-01 15:52 - 2020-03-01 15:52 - 000001549 _____ C:\Users\usuario\Desktop\registroMalwareBytes.txt
2020-03-01 15:44 - 2020-03-01 15:44 - 000214496 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-03-01 15:44 - 2020-03-01 15:44 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2020-03-01 15:44 - 2020-03-01 15:44 - 000020936 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys
2020-03-01 15:44 - 2020-03-01 15:44 - 000002036 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-01 15:44 - 2020-03-01 15:44 - 000002036 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-01 15:44 - 2020-03-01 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-01 15:43 - 2020-03-01 15:43 - 001928352 _____ (Malwarebytes) C:\Users\usuario\Downloads\MBSetup (1).exe
2020-03-01 03:21 - 2020-03-01 03:21 - 000001066 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-03-01 03:21 - 2020-03-01 03:21 - 000001066 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-03-01 03:21 - 2020-03-01 03:21 - 000000000 ____D C:\sh5ldr
2020-03-01 03:21 - 2020-03-01 03:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-03-01 03:21 - 2020-03-01 03:21 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-03-01 03:21 - 2020-03-01 03:21 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-03-01 02:15 - 2020-03-01 02:15 - 000000912 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-03-01 02:15 - 2020-03-01 02:15 - 000000912 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-03-01 02:15 - 2020-03-01 02:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-03-01 02:15 - 2020-03-01 02:15 - 000000000 ____D C:\Program Files\RogueKiller
2020-03-01 02:14 - 2020-03-01 03:01 - 000000000 ____D C:\ProgramData\RogueKiller
2020-03-01 00:07 - 2020-03-01 00:09 - 047658504 _____ (Adlice Software ) C:\Users\usuario\Downloads\RogueKiller_setup.exe
2020-02-28 15:42 - 2020-02-29 23:45 - 000000372 _____ C:\windows\Tasks\HPCeeScheduleForusuario.job
2020-02-28 15:42 - 2020-02-28 15:42 - 000003272 _____ C:\windows\system32\Tasks\HPCeeScheduleForusuario
2020-02-27 01:31 - 2020-02-27 01:31 - 000002254 _____ C:\Users\usuario\Desktop\Discord.lnk
2020-02-25 23:53 - 2020-02-26 01:03 - 000000000 ____D C:\Program Files (x86)\Voobly
2020-02-25 23:53 - 2020-02-26 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly
2020-02-25 23:49 - 2020-02-25 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2020-02-25 23:49 - 2020-02-25 23:49 - 000002276 _____ C:\Users\usuario\Desktop\Age of Empires II.lnk
2020-02-25 23:49 - 2001-08-29 23:02 - 000011616 _____ C:\windows\SysWOW64\Drivers\SECDRV.SYS
2020-02-25 23:39 - 2020-02-25 23:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2020-02-25 23:23 - 2020-02-25 23:23 - 010459605 _____ (Voobly ) C:\Users\usuario\Downloads\voobly-v2.2.5.65.exe
2020-02-25 17:22 - 2020-02-25 17:22 - 000000000 ____D C:\Users\usuario\AppData\Local\mbamtray
2020-02-25 17:22 - 2020-02-25 17:22 - 000000000 ____D C:\Users\usuario\AppData\Local\mbam
2020-02-25 17:22 - 2020-02-25 17:22 - 000000000 ____D C:\Users\usuario\AppData\Local\cache
2020-02-25 17:21 - 2020-02-25 17:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-02-25 17:21 - 2020-02-25 17:21 - 000000000 ____D C:\Program Files\Malwarebytes
2020-02-25 17:20 - 2020-02-25 17:20 - 001924728 _____ (Malwarebytes) C:\Users\usuario\Downloads\MBSetup.exe
2020-02-24 19:59 - 2020-02-24 19:59 - 000000214 _____ C:\windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-02-16 17:51 - 2020-02-16 17:50 - 000748816 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2020-02-14 20:27 - 2020-02-14 20:27 - 000002380 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-12 18:08 - 2020-02-03 20:18 - 000835688 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-02-12 18:08 - 2020-02-03 20:18 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-11 20:04 - 2020-02-05 09:34 - 004527584 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2020-02-11 20:04 - 2020-02-05 09:34 - 001617360 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2020-02-11 20:04 - 2020-02-05 09:33 - 021412488 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-02-11 20:04 - 2020-02-05 09:18 - 012879872 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-02-11 20:04 - 2020-02-05 09:17 - 008629760 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2020-02-11 20:04 - 2020-02-05 09:16 - 004491264 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2020-02-11 20:04 - 2020-02-05 09:14 - 000957440 _____ (Microsoft Corporation) C:\windows\system32\sppcext.dll
2020-02-11 20:04 - 2020-02-05 09:13 - 003613696 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2020-02-11 20:04 - 2020-02-05 08:06 - 020402192 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-02-11 20:04 - 2020-02-05 07:52 - 012075520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-02-11 20:04 - 2020-02-05 07:50 - 007992832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2020-02-11 20:04 - 2020-02-05 07:48 - 002881536 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2020-02-11 20:04 - 2020-02-05 07:48 - 000901120 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcext.dll
2020-02-11 20:04 - 2020-02-05 04:42 - 003180080 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2020-02-11 20:04 - 2020-02-05 04:42 - 001613096 _____ (Microsoft Corporation) C:\windows\system32\D3D12.dll
2020-02-11 20:04 - 2020-02-05 04:25 - 001213264 _____ (Microsoft Corporation) C:\windows\system32\ClipUp.exe
2020-02-11 20:04 - 2020-02-05 04:25 - 001035040 _____ (Microsoft Corporation) C:\windows\system32\ApplyTrustOffline.exe
2020-02-11 20:04 - 2020-02-05 04:23 - 005627792 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2020-02-11 20:04 - 2020-02-05 04:23 - 001224504 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2020-02-11 20:04 - 2020-02-05 04:23 - 001027384 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2020-02-11 20:04 - 2020-02-05 04:21 - 009081656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-02-11 20:04 - 2020-02-05 04:21 - 007519896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2020-02-11 20:04 - 2020-02-05 04:21 - 007447904 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2020-02-11 20:04 - 2020-02-05 04:21 - 004404720 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2020-02-11 20:04 - 2020-02-05 04:21 - 002811192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2020-02-11 20:04 - 2020-02-05 04:21 - 002371296 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2020-02-11 20:04 - 2020-02-05 04:21 - 001943128 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-02-11 20:04 - 2020-02-05 04:19 - 006570368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-11 20:04 - 2020-02-05 04:19 - 006054320 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2020-02-11 20:04 - 2020-02-05 04:19 - 004790184 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2020-02-11 20:04 - 2020-02-05 04:19 - 002331480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2020-02-11 20:04 - 2020-02-05 04:19 - 001620472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-02-11 20:04 - 2020-02-05 04:11 - 022016512 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2020-02-11 20:04 - 2020-02-05 04:04 - 025854976 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2020-02-11 20:04 - 2020-02-05 04:03 - 019393536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-02-11 20:04 - 2020-02-05 04:02 - 002700800 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2020-02-11 20:04 - 2020-02-05 04:01 - 005883904 _____ (Microsoft Corporation) C:\windows\SysWOW64\mos.dll
2020-02-11 20:04 - 2020-02-05 04:01 - 002969600 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdp.dll
2020-02-11 20:04 - 2020-02-05 04:00 - 022745088 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-02-11 20:04 - 2020-02-05 04:00 - 003687936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-02-11 20:04 - 2020-02-05 03:59 - 009084928 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2020-02-11 20:04 - 2020-02-05 03:59 - 007057920 _____ (Microsoft Corporation) C:\windows\system32\mos.dll
2020-02-11 20:04 - 2020-02-05 03:59 - 005770752 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2020-02-11 20:04 - 2020-02-05 03:58 - 004710400 _____ (Microsoft Corporation) C:\windows\system32\cdp.dll
2020-02-11 20:04 - 2020-02-05 03:58 - 002258432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2020-02-11 20:04 - 2020-02-05 03:57 - 004516864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-02-11 20:04 - 2020-02-05 03:57 - 004382720 _____ (Microsoft Corporation) C:\windows\system32\EdgeContent.dll
2020-02-11 20:04 - 2020-02-05 03:57 - 003403264 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2020-02-11 20:04 - 2020-02-05 03:56 - 003392512 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2020-02-11 20:04 - 2020-02-05 03:55 - 006031360 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2020-02-11 20:04 - 2020-02-05 03:55 - 004849664 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-02-11 20:04 - 2020-02-05 03:55 - 001765888 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2020-02-11 20:04 - 2020-02-05 03:55 - 000782336 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2020-02-11 20:04 - 2020-02-05 03:54 - 007572992 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2020-02-11 20:04 - 2020-02-05 03:54 - 003093504 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2020-02-11 20:04 - 2020-02-05 03:53 - 002922496 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2020-02-11 20:04 - 2020-02-05 03:53 - 002739200 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2020-02-11 20:04 - 2020-02-05 03:52 - 004938240 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-02-11 20:04 - 2020-02-05 03:52 - 002379264 _____ (Microsoft Corporation) C:\windows\system32\WebRuntimeManager.dll
2020-02-11 20:04 - 2020-02-05 03:52 - 002161152 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2020-02-11 20:04 - 2020-02-05 03:52 - 001059840 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2020-02-11 20:04 - 2020-02-05 03:51 - 000910848 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2020-02-11 20:03 - 2020-02-05 09:42 - 000506088 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2020-02-11 20:03 - 2020-02-05 09:39 - 000094224 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2020-02-11 20:03 - 2020-02-05 09:34 - 001639864 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-02-11 20:03 - 2020-02-05 09:32 - 001047352 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2020-02-11 20:03 - 2020-02-05 09:20 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\iemigplugin.dll
2020-02-11 20:03 - 2020-02-05 09:19 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\f3ahvoas.dll
2020-02-11 20:03 - 2020-02-05 09:18 - 000172544 _____ (Microsoft Corporation) C:\windows\system32\rdsdwmdr.dll
2020-02-11 20:03 - 2020-02-05 09:18 - 000106496 _____ (Microsoft Corporation) C:\windows\system32\fdSSDP.dll
2020-02-11 20:03 - 2020-02-05 09:17 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\SrTasks.exe
2020-02-11 20:03 - 2020-02-05 09:16 - 001030144 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2020-02-11 20:03 - 2020-02-05 09:16 - 000810496 _____ C:\windows\system32\MBR2GPT.EXE
2020-02-11 20:03 - 2020-02-05 09:16 - 000575488 _____ (Microsoft Corporation) C:\windows\system32\dfrgui.exe
2020-02-11 20:03 - 2020-02-05 09:16 - 000247808 _____ (Microsoft Corporation) C:\windows\system32\srrstr.dll
2020-02-11 20:03 - 2020-02-05 09:16 - 000192512 _____ (Microsoft Corporation) C:\windows\system32\recdisc.exe
2020-02-11 20:03 - 2020-02-05 09:16 - 000147456 _____ (Microsoft Corporation) C:\windows\system32\sdrsvc.dll
2020-02-11 20:03 - 2020-02-05 09:16 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
2020-02-11 20:03 - 2020-02-05 09:15 - 002019840 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2020-02-11 20:03 - 2020-02-05 09:15 - 001609728 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2020-02-11 20:03 - 2020-02-05 09:15 - 001194496 _____ (Microsoft Corporation) C:\windows\system32\sdengin2.dll
2020-02-11 20:03 - 2020-02-05 09:15 - 000625152 _____ (Microsoft Corporation) C:\windows\system32\BootMenuUX.dll
2020-02-11 20:03 - 2020-02-05 09:15 - 000482304 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2020-02-11 20:03 - 2020-02-05 09:15 - 000308224 _____ (Microsoft Corporation) C:\windows\system32\tapisrv.dll
2020-02-11 20:03 - 2020-02-05 09:15 - 000266752 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2020-02-11 20:03 - 2020-02-05 09:15 - 000120832 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2020-02-11 20:03 - 2020-02-05 09:14 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\sdclt.exe
2020-02-11 20:03 - 2020-02-05 09:14 - 000489472 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2020-02-11 20:03 - 2020-02-05 09:14 - 000420864 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2020-02-11 20:03 - 2020-02-05 09:13 - 004054016 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-02-11 20:03 - 2020-02-05 09:13 - 001364992 _____ (Microsoft Corporation) C:\windows\system32\bcastdvruserservice.dll
2020-02-11 20:03 - 2020-02-05 09:13 - 000878592 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2020-02-11 20:03 - 2020-02-05 09:13 - 000577024 _____ (Microsoft Corporation) C:\windows\system32\SppExtComObj.Exe
2020-02-11 20:03 - 2020-02-05 09:12 - 001290240 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2020-02-11 20:03 - 2020-02-05 09:12 - 001180672 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2020-02-11 20:03 - 2020-02-05 09:12 - 000440832 _____ (Microsoft Corporation) C:\windows\system32\LockAppBroker.dll
2020-02-11 20:03 - 2020-02-05 09:12 - 000210944 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2020-02-11 20:03 - 2020-02-05 09:11 - 000174080 _____ (Microsoft Corporation) C:\windows\system32\ResetEngOnline.dll
2020-02-11 20:03 - 2020-02-05 09:11 - 000149504 _____ (Microsoft Corporation) C:\windows\system32\fdWSD.dll
2020-02-11 20:03 - 2020-02-05 08:07 - 001628488 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-02-11 20:03 - 2020-02-05 08:02 - 000917816 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2020-02-11 20:03 - 2020-02-05 07:54 - 000090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdSSDP.dll
2020-02-11 20:03 - 2020-02-05 07:53 - 000131072 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdWSD.dll
2020-02-11 20:03 - 2020-02-05 07:51 - 000561152 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfrgui.exe
2020-02-11 20:03 - 2020-02-05 07:50 - 003397632 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2020-02-11 20:03 - 2020-02-05 07:49 - 000425984 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2020-02-11 20:03 - 2020-02-05 07:49 - 000176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2020-02-11 20:03 - 2020-02-05 07:48 - 000704000 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2020-02-11 20:03 - 2020-02-05 07:48 - 000375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppBroker.dll
2020-02-11 20:03 - 2020-02-05 07:48 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tapisrv.dll
2020-02-11 20:03 - 2020-02-05 07:47 - 004053504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-02-11 20:03 - 2020-02-05 04:41 - 001299168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3D12.dll
2020-02-11 20:03 - 2020-02-05 04:40 - 002417952 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2020-02-11 20:03 - 2020-02-05 04:23 - 000722744 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2020-02-11 20:03 - 2020-02-05 04:23 - 000568104 _____ (Microsoft Corporation) C:\windows\system32\tcblaunch.exe
2020-02-11 20:03 - 2020-02-05 04:23 - 000527376 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2020-02-11 20:03 - 2020-02-05 04:23 - 000491208 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2020-02-11 20:03 - 2020-02-05 04:23 - 000405816 _____ (Microsoft Corporation) C:\windows\system32\wifitask.exe
2020-02-11 20:03 - 2020-02-05 04:23 - 000324928 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2020-02-11 20:03 - 2020-02-05 04:23 - 000076088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hvservice.sys
2020-02-11 20:03 - 2020-02-05 04:22 - 000777304 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-02-11 20:03 - 2020-02-05 04:22 - 000495416 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-02-11 20:03 - 2020-02-05 04:22 - 000441072 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-02-11 20:03 - 2020-02-05 04:22 - 000248880 _____ (Microsoft Corporation) C:\windows\system32\weretw.dll
2020-02-11 20:03 - 2020-02-05 04:22 - 000210448 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2020-02-11 20:03 - 2020-02-05 04:22 - 000159656 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2020-02-11 20:03 - 2020-02-05 04:21 - 001934808 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 001780352 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 001459120 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2020-02-11 20:03 - 2020-02-05 04:21 - 001285432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2020-02-11 20:03 - 2020-02-05 04:21 - 001260776 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2020-02-11 20:03 - 2020-02-05 04:21 - 001209696 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 001141504 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2020-02-11 20:03 - 2020-02-05 04:21 - 001098064 _____ (Microsoft Corporation) C:\windows\system32\msvproc.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 001032968 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 000983936 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2020-02-11 20:03 - 2020-02-05 04:21 - 000930616 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2020-02-11 20:03 - 2020-02-05 04:21 - 000791352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2020-02-11 20:03 - 2020-02-05 04:21 - 000694184 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 000605496 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2020-02-11 20:03 - 2020-02-05 04:21 - 000594032 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2020-02-11 20:03 - 2020-02-05 04:21 - 000550520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 000413720 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 000412984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2020-02-11 20:03 - 2020-02-05 04:21 - 000383288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2020-02-11 20:03 - 2020-02-05 04:21 - 000335672 _____ (Microsoft Corporation) C:\windows\system32\moshostcore.dll
2020-02-11 20:03 - 2020-02-05 04:21 - 000260800 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2020-02-11 20:03 - 2020-02-05 04:20 - 000665736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-02-11 20:03 - 2020-02-05 04:20 - 000435512 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-02-11 20:03 - 2020-02-05 04:20 - 000385784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-02-11 20:03 - 2020-02-05 04:20 - 000192312 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2020-02-11 20:03 - 2020-02-05 04:20 - 000146712 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2020-02-11 20:03 - 2020-02-05 04:19 - 001805656 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 001379280 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 001130568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvproc.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 001011872 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 000829752 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2020-02-11 20:03 - 2020-02-05 04:19 - 000607544 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 000538704 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 000385816 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2020-02-11 20:03 - 2020-02-05 04:19 - 000129296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2020-02-11 20:03 - 2020-02-05 04:02 - 006647296 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingMaps.dll
2020-02-11 20:03 - 2020-02-05 04:00 - 001361408 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSPhotography.dll
2020-02-11 20:03 - 2020-02-05 04:00 - 000074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dtdump.exe
2020-02-11 20:03 - 2020-02-05 04:00 - 000037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Websocket.dll
2020-02-11 20:03 - 2020-02-05 04:00 - 000032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2020-02-11 20:03 - 2020-02-05 03:59 - 001295360 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVPXENC.dll
2020-02-11 20:03 - 2020-02-05 03:59 - 000392704 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapConfiguration.dll
2020-02-11 20:03 - 2020-02-05 03:59 - 000365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
2020-02-11 20:03 - 2020-02-05 03:59 - 000288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-11 20:03 - 2020-02-05 03:59 - 000071168 _____ (Microsoft Corporation) C:\windows\SysWOW64\keyiso.dll
2020-02-11 20:03 - 2020-02-05 03:59 - 000052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 005307392 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 001986560 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapGeocoder.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 001540096 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpserverbase.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 000608768 _____ (Microsoft Corporation) C:\windows\SysWOW64\EdgeManager.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 000578560 _____ (Microsoft Corporation) C:\windows\SysWOW64\webplatstorageserver.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2020-02-11 20:03 - 2020-02-05 03:58 - 000094720 _____ (Microsoft Corporation) C:\windows\system32\MapsCSP.dll
2020-02-11 20:03 - 2020-02-05 03:57 - 002449408 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapRouter.dll
2020-02-11 20:03 - 2020-02-05 03:57 - 001862656 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsservices.dll
2020-02-11 20:03 - 2020-02-05 03:57 - 001236480 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpbase.dll
2020-02-11 20:03 - 2020-02-05 03:57 - 000185856 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2020-02-11 20:03 - 2020-02-05 03:57 - 000099328 _____ (Microsoft Corporation) C:\windows\system32\utcutil.dll
2020-02-11 20:03 - 2020-02-05 03:57 - 000046080 _____ (Microsoft Corporation) C:\windows\system32\Websocket.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 001076736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000978944 _____ (Microsoft Corporation) C:\windows\SysWOW64\JpMapControl.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000859136 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2020-02-11 20:03 - 2020-02-05 03:56 - 000848384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000735744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsSpellCheckingFacility.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000669696 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000530432 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000409088 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000395776 _____ (Microsoft Corporation) C:\windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000334336 _____ (Microsoft Corporation) C:\windows\system32\NmaDirect.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000326144 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Flights.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000227328 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2020-02-11 20:03 - 2020-02-05 03:56 - 000203264 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000162304 _____ (Microsoft Corporation) C:\windows\system32\dssvc.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2020-02-11 20:03 - 2020-02-05 03:56 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000894464 _____ (Microsoft Corporation) C:\windows\system32\webplatstorageserver.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000795648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000735744 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000729088 _____ (Microsoft Corporation) C:\windows\SysWOW64\NMAA.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000726528 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000713216 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingOnlineServices.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000705024 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapControlCore.dll
2020-02-11 20:03 - 2020-02-05 03:55 - 000345088 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2020-02-11 20:03 - 2020-02-05 03:55 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\keyiso.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 003381248 _____ (Microsoft Corporation) C:\windows\system32\MapRouter.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 002929152 _____ (Microsoft Corporation) C:\windows\system32\xpsservices.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 002825728 _____ (Microsoft Corporation) C:\windows\system32\MapGeocoder.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 001932288 _____ (Microsoft Corporation) C:\windows\system32\edgeangle.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 001708544 _____ (Microsoft Corporation) C:\windows\system32\MSPhotography.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 001549824 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 001218048 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 000972800 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 000808960 _____ (Microsoft Corporation) C:\windows\system32\EdgeManager.dll
2020-02-11 20:03 - 2020-02-05 03:54 - 000396800 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2020-02-11 20:03 - 2020-02-05 03:53 - 002179584 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2020-02-11 20:03 - 2020-02-05 03:53 - 001563648 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.desktop.dll
2020-02-11 20:03 - 2020-02-05 03:53 - 001023488 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2020-02-11 20:03 - 2020-02-05 03:53 - 000686592 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2020-02-11 20:03 - 2020-02-05 03:53 - 000491520 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2020-02-11 20:03 - 2020-02-05 03:52 - 001264640 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2020-02-11 20:03 - 2020-02-05 03:52 - 001225216 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2020-02-11 20:03 - 2020-02-05 03:52 - 000604672 _____ (Microsoft Corporation) C:\windows\system32\ipnathlp.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 001724928 _____ (Microsoft Corporation) C:\windows\system32\rdpserverbase.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 001421312 _____ (Microsoft Corporation) C:\windows\system32\rdpbase.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 001084928 _____ (Microsoft Corporation) C:\windows\system32\wifinetworkmanager.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000943616 _____ (Microsoft Corporation) C:\windows\system32\BingOnlineServices.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000927232 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000896000 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000884736 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000884224 _____ (Microsoft Corporation) C:\windows\system32\NMAA.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000796672 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000776704 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000637440 _____ (Microsoft Corporation) C:\windows\system32\cdpsvc.dll
2020-02-11 20:03 - 2020-02-05 03:51 - 000406528 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2020-02-11 20:03 - 2020-02-05 03:51 - 000176640 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2020-02-11 20:03 - 2020-02-05 02:31 - 000001314 _____ C:\windows\system32\tcbres.wim
2020-02-11 20:03 - 2019-08-07 05:08 - 000710232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2020-02-11 20:03 - 2019-08-07 05:08 - 000170296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2020-02-04 00:13 - 2020-02-04 00:13 - 000003518 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-02-03 23:28 - 2020-02-03 23:28 - 000000000 ____D C:\Users\usuario\AppData\Local\DBFighterZ
2020-02-03 23:04 - 2020-02-03 23:04 - 000000222 _____ C:\Users\usuario\Desktop\DRAGON BALL FighterZ.url
2020-02-03 17:17 - 2020-02-03 17:17 - 000000219 _____ C:\Users\usuario\Desktop\Portal 2.url
2020-02-02 19:22 - 2020-02-02 19:52 - 1065696976 ____H C:\Users\usuario\Downloads\.getxfer.1252.2.mega
2020-02-02 19:17 - 2020-02-02 19:17 - 000000000 ____D C:\Users\usuario\AppData\Local\MegaDownloader
2020-02-02 15:40 - 2020-02-02 15:40 - 000000000 ____D C:\Users\usuario\AppData\Local\SKIDROW
2020-02-02 14:54 - 2020-02-03 04:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hydrogen - 0.9.7
2020-02-02 14:54 - 2020-02-02 14:54 - 000000000 ____D C:\Program Files (x86)\Hydrogen
2020-02-02 14:43 - 2020-02-02 14:43 - 000000000 ____D C:\Program Files (x86)\Valve
2020-02-02 14:10 - 2020-02-03 12:02 - 000000000 ___HD C:\$WINDOWS.~BT
2020-02-02 13:45 - 2020-02-02 14:06 - 000000000 ___HD C:\$GetCurrent
2020-02-01 12:14 - 2020-02-01 18:34 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\uTorrent
2020-01-31 20:49 - 2020-02-02 15:39 - 000000000 ____D C:\Users\usuario\Downloads\Portal 2 [MULTI6][PCDVD][SKIDROW][WwW.GamesTorrents.CoM]
2020-01-31 00:02 - 2020-01-31 00:02 - 000000000 ____D C:\Users\usuario\AppData\Local\ElevatedDiagnostics
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-01 16:53 - 2019-01-10 17:35 - 000000000 ____D C:\Users\usuario\Desktop\Fran
2020-03-01 16:40 - 2019-01-03 22:37 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-01 16:38 - 2019-01-06 15:13 - 000000000 ___RD C:\Users\usuario\OneDrive
2020-03-01 16:37 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-01 16:36 - 2019-01-06 15:11 - 000000000 __SHD C:\Users\usuario\IntelGraphicsProfiles
2020-03-01 16:34 - 2019-03-03 15:23 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-01 16:32 - 2019-01-06 15:37 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2020-03-01 16:32 - 2018-04-11 18:04 - 000786432 _____ C:\windows\system32\config\BBI
2020-03-01 16:31 - 2018-04-11 20:38 - 000000000 ____D C:\windows\AppReadiness
2020-03-01 16:27 - 2019-02-04 22:38 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-01 16:27 - 2018-04-11 20:38 - 000000000 ____D C:\windows\LiveKernelReports
2020-03-01 16:27 - 2018-04-11 20:36 - 000000000 ____D C:\windows\INF
2020-03-01 16:13 - 2019-03-03 15:23 - 000000000 ____D C:\windows\system32\Drivers\wd
2020-03-01 16:06 - 2019-03-03 19:18 - 000785764 _____ C:\windows\system32\perfh00A.dat
2020-03-01 16:06 - 2019-03-03 19:18 - 000154952 _____ C:\windows\system32\perfc00A.dat
2020-03-01 16:06 - 2019-03-03 15:11 - 001864256 _____ C:\windows\system32\PerfStringBackup.INI
2020-03-01 16:00 - 2019-03-24 15:02 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\IObit
2020-03-01 16:00 - 2019-03-24 15:01 - 000000000 ____D C:\ProgramData\IObit
2020-03-01 16:00 - 2019-03-24 15:01 - 000000000 ____D C:\Program Files (x86)\IObit
2020-03-01 16:00 - 2019-03-24 14:59 - 000000000 ____D C:\Users\usuario\AppData\Roaming\IObit
2020-03-01 15:44 - 2018-04-11 20:38 - 000000000 ____D C:\windows\ELAMBKUP
2020-03-01 15:11 - 2019-03-03 14:45 - 000000000 ____D C:\windows\system32\SleepStudy
2020-03-01 04:55 - 2019-02-05 21:58 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Discord
2020-03-01 02:50 - 2019-08-30 23:14 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Blitz
2020-03-01 00:07 - 2019-11-20 16:05 - 000004224 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{12EC82A9-D10A-4EB0-86EF-AE3FB1BAB794}
2020-02-29 23:15 - 2019-08-30 23:14 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Blitz-helpers
2020-02-29 23:13 - 2019-09-14 14:34 - 000000000 ____D C:\Users\usuario\AppData\Local\Blitz
2020-02-29 17:41 - 2019-02-13 13:59 - 000000000 ____D C:\Users\usuario\AppData\Local\CrashDumps
2020-02-28 03:02 - 2019-03-06 19:06 - 000000000 ____D C:\Users\usuario\AppData\Local\D3DSCache
2020-02-28 02:18 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-28 01:46 - 2019-03-03 14:45 - 005187296 _____ C:\windows\system32\FNTCACHE.DAT
2020-02-28 01:41 - 2018-04-11 20:30 - 000000000 ____D C:\windows\CbsTemp
2020-02-28 01:29 - 2020-01-29 19:29 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Adobe
2020-02-28 01:28 - 2019-10-07 22:07 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-02-28 01:28 - 2019-10-07 22:07 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-02-27 01:31 - 2019-02-05 21:58 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-02-27 01:30 - 2019-02-05 21:58 - 000000000 ____D C:\Users\usuario\AppData\Local\Discord
2020-02-26 19:10 - 2019-02-04 16:19 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Spotify
2020-02-25 23:18 - 2019-11-24 18:05 - 000000000 ____D C:\Users\usuario\Downloads\rars que capaz necesite
2020-02-25 17:42 - 2019-02-04 16:23 - 000000000 ____D C:\Users\usuario\AppData\Local\Spotify
2020-02-24 20:48 - 2019-02-07 20:50 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Origin
2020-02-24 20:14 - 2019-08-30 23:20 - 000007605 _____ C:\Users\usuario\AppData\Local\Resmon.ResmonCfg
2020-02-24 15:28 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\NDF
2020-02-24 15:10 - 2019-03-25 19:15 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-24 15:10 - 2019-03-25 19:15 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-24 15:10 - 2019-03-25 19:15 - 000002265 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-24 03:28 - 2019-03-03 14:55 - 000000000 ____D C:\Users\usuario
2020-02-12 18:08 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2020-02-12 18:07 - 2019-03-02 13:41 - 000000000 ____D C:\windows\system32\MRT
2020-02-12 18:05 - 2019-03-02 13:41 - 120407888 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\TextInput
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\SysWOW64\oobe
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\SysWOW64\Dism
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\SystemResetPlatform
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\oobe
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\ShellExperiences
2020-02-12 02:09 - 2018-04-11 20:38 - 000000000 ____D C:\windows\bcastdvr
2020-02-12 02:09 - 2018-04-11 18:04 - 000000000 ____D C:\windows\system32\Dism
2020-02-12 02:09 - 2018-04-11 18:04 - 000000000 ____D C:\windows\servicing
2020-02-04 21:31 - 2019-03-25 19:14 - 000003558 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-04 21:31 - 2019-03-25 19:14 - 000003434 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-03 23:33 - 2019-06-12 17:51 - 000000000 ____D C:\Users\usuario\AppData\Local\UnrealEngine
2020-02-03 23:32 - 2019-02-08 12:03 - 000000000 ____D C:\Users\usuario\AppData\Roaming\EasyAntiCheat
2020-02-03 23:15 - 2019-12-16 00:05 - 000001456 _____ C:\Users\usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-02-03 23:04 - 2019-02-17 19:33 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-02-03 18:00 - 2019-02-14 14:19 - 000000000 ____D C:\Games
2020-02-03 17:57 - 2019-06-12 17:59 - 000000000 ____D C:\Program Files\Epic Games
2020-02-03 17:34 - 2020-01-14 19:01 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable
2020-02-03 12:06 - 2019-01-10 17:14 - 000000000 ____D C:\Users\usuario\AppData\Local\Hewlett-Packard
2020-02-03 04:58 - 2019-12-28 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunesKit Spotify Converter
2020-02-03 04:58 - 2019-12-17 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-02-03 04:58 - 2019-11-12 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-02-03 04:58 - 2019-10-30 23:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2020-02-03 04:58 - 2019-10-30 23:40 - 000000000 ____D C:\windows\SHELLNEW
2020-02-03 04:58 - 2019-10-30 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-02-03 04:58 - 2019-10-24 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-02-03 04:58 - 2019-10-10 18:38 - 000000000 ____D C:\windows\SysWOW64\%LOCALAPPDATA%
2020-02-03 04:58 - 2019-08-10 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-02-03 04:58 - 2019-07-08 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CS6
2020-02-03 04:58 - 2019-06-19 14:32 - 000000000 ____D C:\Program Files\UNP
2020-02-03 04:58 - 2019-05-22 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Los Sims 4
2020-02-03 04:58 - 2019-04-20 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2020-02-03 04:58 - 2019-04-02 17:03 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-02-03 04:58 - 2019-03-11 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Xenoverse
2020-02-03 04:58 - 2019-02-19 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cuphead
2020-02-03 04:58 - 2019-02-09 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-02-03 04:58 - 2019-02-05 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2020-02-03 04:58 - 2019-02-04 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-02-03 04:58 - 2019-01-06 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-02-03 04:58 - 2019-01-03 23:00 - 000000000 ____D C:\windows\SysWOW64\WildTangent
2020-02-03 04:58 - 2019-01-03 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-02-03 04:58 - 2019-01-03 22:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-02-03 04:58 - 2019-01-03 22:34 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-02-03 04:58 - 2019-01-03 22:33 - 000000000 ____D C:\windows\system32\Intel
2020-02-03 04:58 - 2019-01-03 22:33 - 000000000 ____D C:\Program Files\Intel
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\SysWOW64\GroupPolicy
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\WinBioDatabase
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\spool
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\MsDtc
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\system32\catroot2.old
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\Registration
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\windows\Help
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\system
2020-02-03 04:58 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-03 04:58 - 2018-03-20 09:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-02-03 04:58 - 2018-03-20 09:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-02-03 04:58 - 2017-10-05 20:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-03 04:58 - 2017-09-29 10:46 - 000000000 ____D C:\windows\system32\GroupPolicy
2020-02-03 04:57 - 2019-08-30 23:14 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz Inc
2020-02-03 04:57 - 2019-04-02 15:43 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2020-02-03 04:57 - 2019-02-09 20:51 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-02-03 04:57 - 2019-01-23 22:27 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2020-02-03 04:57 - 2019-01-06 15:25 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-02-02 23:38 - 2019-03-25 19:18 - 000000000 ____D C:\Temp
2020-02-02 23:38 - 2019-01-03 22:37 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-02-02 23:36 - 2019-01-03 22:36 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-02-02 19:14 - 2019-04-02 15:46 - 000000000 ___RD C:\Users\usuario\Documents\MEGA
2020-02-02 15:57 - 2019-03-03 15:23 - 000001908 _____ C:\windows\diagwrn.xml
2020-02-02 15:57 - 2019-03-03 15:23 - 000001908 _____ C:\windows\diagerr.xml
2020-02-02 15:56 - 2019-03-02 16:17 - 000000000 ___DC C:\windows\Panther
2020-02-02 15:27 - 2019-03-03 15:23 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard
2020-02-02 15:27 - 2018-03-20 09:06 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-02-02 15:24 - 2019-01-06 15:11 - 000000000 ____D C:\Users\usuario\AppData\Local\HP
2020-02-02 15:24 - 2018-03-20 09:06 - 000000000 ____D C:\Program Files (x86)\HP
2020-02-02 15:09 - 2018-03-20 09:45 - 000000000 ____D C:\SWSetup
2020-02-02 14:09 - 2019-11-27 21:48 - 000000036 _____ C:\windows\progress.ini
2020-02-02 14:06 - 2019-11-27 20:43 - 000000000 ____D C:\Windows10Upgrade
2020-02-01 18:34 - 2019-02-13 21:16 - 000000000 ____D C:\Users\usuario\AppData\Roaming\uTorrent
2020-02-01 14:24 - 2019-04-02 20:04 - 000000000 ____D C:\Users\usuario\AppData\Local\BitTorrentHelper
==================== Files in the root of some directories ========
2019-12-16 00:05 - 2020-02-03 23:15 - 000001456 _____ () C:\Users\usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-04-06 00:32 - 2019-12-06 21:59 - 000000205 _____ () C:\Users\usuario\AppData\Local\oobelibMkey.log
2019-08-30 23:20 - 2020-02-24 20:14 - 000007605 _____ () C:\Users\usuario\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
hasta aca corresponde al FRST.TXT
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by usuario (01-03-2020 17:17:50)
Running from C:\Users\usuario\Desktop
Windows 10 Home Version 1803 17134.1304 (X64) (2019-03-03 18:26:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4167822763-1012268071-2674635290-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4167822763-1012268071-2674635290-503 - Limited - Disabled)
Guest (S-1-5-21-4167822763-1012268071-2674635290-501 - Limited - Disabled)
usuario (S-1-5-21-4167822763-1012268071-2674635290-1001 - Administrator - Enabled) => C:\Users\usuario
WDAGUtilityAccount (S-1-5-21-4167822763-1012268071-2674635290-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Audition CS6 (HKLM-x32\...\{2A069423-BB63-4E0E-842B-8535E28CD7F7}_is1) (Version: 5.0.0.708 - El Abuelo Sawa)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Blitz (HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\Blitz) (Version: 1.6.24 - Blitz Inc.)
CCleaner (HKLM\...\CCleaner) (Version: - )
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
Discord (HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dragonball Xenoverse (HKLM-x32\...\Dragonball Xenoverse_is1) (Version: - )
Driver Booster (HKLM-x32\...\IObit Driver Booster Pro 7.0.2.407) (Version: - )
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher (HKLM-x32\...\{BB514C00-3DAB-4E6E-8F41-58A61FA35851}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Hotline Miami (HKLM-x32\...\Hotline Miami_is1) (Version: - )
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.0 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{DF16F6E3-6550-468A-9C0C-306B4F60D501}) (Version: 1.5.8.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.14.49.15 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
Hydrogen (Advanced drum machine for GNU/Linux) (HKLM-x32\...\ON) (Version: 0.9.7 - Hydrogen Developers)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6344 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.54.120.1020 - Electronic Arts Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.4.1428 - Native Instruments)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.46.29856 - Electronic Arts, Inc.)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.14.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.6.0 - Panda Security)
Panel de control de NVIDIA 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.87 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.83 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.108 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RogueKiller versión 14.2.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.2.1.0 - Adlice Software)
Spotify (HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\Spotify) (Version: 1.1.26.501.gbe11e53b - Spotify AB)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.8.7.163 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TunesKit Spotify Converter 1.3.3.201 (HKLM-x32\...\TunesKit Spotify Converter_is1) (Version: - TunesKit, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.28 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.400 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.36 - WildTangent) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Packages:
=========
Ajuste de espacio -> C:\Windows\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-03-03] (Microsoft Corporation)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-18] (Amazon.com)
Descubrir la realidad mixta -> C:\Windows\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-03-03] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-15] (Dropbox Inc.)
ELAN Touchpad Setting -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadSetting_11.2.63.0_x64__stws0m115j6hg [2019-04-04] (ELAN Microelectronics Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.464.0_x86__v10z8vjag6ke6 [2019-01-03] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-03-04] (Instagram)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12527.20194.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-24] (Netflix, Inc.)
Novedades para ti -> C:\Windows\SystemApps\WhatsNew_cw5n1h2txyewy [2019-03-03] (Microsoft Corporation)
Priceline.com: The Best Deals on Hotels, Flights and Rental Cars -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Priceline.comTheBestDealso_1.4.4.0_x64__mgae2k3ys4ra0 [2019-03-02] (Priceline Partner Network)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-03-03] (ms-resource:PublisherDisplayName)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-03-03] (ms-resource:PublisherDisplayName)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-03-03] (ms-resource:PublisherDisplayName)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.17.77.0_x64__kx24dqmazqk8j [2020-02-25] (Random Salad Games LLC) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-04-12] (Twitter Inc.)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2019-12-23] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4167822763-1012268071-2674635290-1001_Classes\CLSID\{9ADA7872-3FEE-4A4D-8A91-67AC7AC4DB38} -> [MEGA] => C:\Users\usuario\Documents\MEGA [2019-04-02 15:46]
CustomCLSID: HKU\S-1-5-21-4167822763-1012268071-2674635290-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxDTCM.dll [2019-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2019-12-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.vorbis] => C:\windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.iv50] => C:\windows\SysWOW64\ir50_32original.dll [746496 2018-04-11] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\windows\SysWOW64\iac25_32.ax [197632 2018-04-11] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [9216 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-02-28 03:10 - 2020-02-28 03:10 - 000138240 _____ ( ) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\a64d3d3189f6ee1286e36461e829ca47\Interop.IWshRuntimeLibrary.ni.dll
2020-02-28 03:04 - 2020-02-28 03:04 - 000160768 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\4f4f63097e8351dd63d41c9f2d3bffea\BRIDGECommon.ni.dll
2020-02-28 03:07 - 2020-02-28 03:07 - 000125440 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\BridgeExtension\a48d1a85125e1223e006b08de0153ccd\BridgeExtension.ni.dll
2020-02-28 03:08 - 2020-02-28 03:08 - 000395264 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\CleanStartController\c4cb51f46e15a4179c1d487a73228ddd\CleanStartController.ni.dll
2020-02-28 03:08 - 2020-02-28 03:08 - 000145920 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\201be6536f7ce748f602921911b9b238\RegistrationUtilities.ni.dll
2020-02-28 03:10 - 2020-02-28 03:10 - 000134656 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\7c0b5ff579ab4cb0b0bf9b2664ee678d\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-02-28 03:07 - 2020-02-28 03:07 - 000136192 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\CommonPortable\8bcff7975d0973d9051a045d29d80b3d\CommonPortable.ni.dll
2020-02-28 03:10 - 2020-02-28 03:10 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\06469fbfa074d6feeb56e17503887ff3\NAudio.ni.dll
2020-02-28 03:10 - 2020-02-28 03:10 - 003060736 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\84dce829f712f5fbefbd9d845a22cf78\Newtonsoft.Json.ni.dll
2020-02-28 03:04 - 2020-02-28 03:04 - 002306560 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\8f223f26f56a5085078c4f1713075f39\Newtonsoft.Json.ni.dll
2020-02-28 03:10 - 2020-02-28 03:10 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\c4f23578b894af3dd1593b70a2b2b400\log4net.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\usuario\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
AlternateDataStreams: C:\Users\usuario\AppData\Local\5beZCtQuE70c:OAFUXjuWT8rxgvKs25cEZC011TW [1898]
AlternateDataStreams: C:\Users\usuario\AppData\Local\Temp:SJu2r1heB8Qznt8lcBgUT73Wg [2260]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 10:46 - 2017-09-29 10:44 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
2019-11-05 21:15 - 2019-11-05 21:15 - 000000375 _____ C:\windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\427408.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EB6CB2CC-A8BC-43FA-A64F-6BC155D1D7FB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ED157770-BF68-4462-AD8A-69BE2DB953A7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{42E444F5-84DD-48A7-9ACC-ED83020C1E4F}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9CD662AF-C01A-4AEF-B637-54DB28C815B2}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{835CEA8A-ED0F-4590-B7F7-027B7C95B2AC}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9C23F443-A6AD-407A-9513-53601A6DBF95}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9467BFC-B673-475C-9C2B-DDE090526CCF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3BD96FD0-5778-4454-B917-0FE4C991F610}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{8B56A065-5B78-4935-BE0F-756D4D6D0F81}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{33DD0E56-5E27-4825-929C-7E00E5AB4F03}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{933D3AB8-277C-4176-A17B-215846CB3C8E}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{7BB33F6F-8082-497B-8A3D-67022F7D783E}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{C9B0877B-4D04-4871-9259-646B1BDDFE4F}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{9ED7A062-9C46-4972-BF28-944922685599}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{27F714EF-C539-40CF-BAC6-D876A4EAE77D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0BEC3B86-2202-4FA4-9CE9-71068FB4C445}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{FE4F0521-F785-45DA-AFA9-37C5847D310F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{90BD853E-F807-4CF7-951D-94493699353A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [TCP Query User{416000BC-0630-4198-9C69-AC33F940B82B}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{DDBF52BD-BF4E-4492-BBCB-CA7A15FCBD88}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{77C0DF13-4A37-43CF-B8BA-7C36A6DB4A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CF62302B-DA25-48BB-AC1F-DA2B1A3868F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{31DF3FD0-0462-4F2A-BCC7-D5BD3EB987BD}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{327F374F-0239-44B1-9ED6-6C4A9015C1A8}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{371286F6-6E70-4A42-8060-267CE102B574}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87BC8331-8BB6-4725-A8A0-A5D02A59F36C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{873F7DB1-BB29-4953-852F-2CE3B645E997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79F9DDCD-F6FE-4793-A1DB-049612533BAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{22E4F0EF-78D3-4958-B1DF-D6B8B59754CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{DDFAECCA-407E-4297-8532-CA9C79121503}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [TCP Query User{0235C725-7FB5-4445-814B-0EDC4430AEBE}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{E2EFB979-CAB6-4BE5-B9FF-B86871382FE5}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{50A5429C-0B82-4A28-9642-C4D687C783F7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71575D3C-E650-4206-916A-8FB0AE5D767C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2BD5AE1-70E6-46DB-B6E0-B2C63FDE5914}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{086B64B7-445E-4F81-A6C6-18C8A244AE0F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B5D402D2-D7A1-41E6-8447-105CB9F78B83}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{76081617-4A3A-4B34-BA0A-6A7E48794334}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5BE206B9-7535-4E7E-92C5-267C5AC6009F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6A9A3EF-79E9-4645-A1CA-E64B81E330A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{82D645E7-EAB0-48C7-B253-3E7619A6ED5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FD48BCDA-C111-4050-9FF9-45987779C6CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABF53EC4-4B19-48A0-9FDD-832DE4D1C7A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B65A20E8-72EE-4ED6-8C2B-3D7865B9B6E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{3EA470BD-A4C2-408C-88E5-73A90168A394}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{7C1DC2C5-0F12-48CF-B368-088133790B87}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{75F620BD-9B2F-471F-A437-359D1FAFF087}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{0886D0D0-1A79-4A66-97B2-742D6A5C6157}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{F24594CC-2D27-4507-A043-1ACB2D4B665B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON BALL FighterZ\DBFighterZ.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8D6F6D57-015B-4B1E-BFFD-58CC28E8F79B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON BALL FighterZ\DBFighterZ.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{A96B2AE0-E155-417F-9DE1-22464C2CED9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5D62F918-D0A1-4457-8294-E9F4F65927DB}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{20D53EE3-9677-409D-8F0F-4D31E4913AE1}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{3F93680A-8E96-41E6-931D-1BB322F770B1}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [File not signed]
FirewallRules: [UDP Query User{416B2952-0BA1-46F0-95F3-0D068B31C209}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [File not signed]
FirewallRules: [TCP Query User{8288FEB6-4544-470B-848C-DD7B2EDC014E}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{D2106138-69EC-4A8D-8F80-FF78E94753E4}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{70228729-D6D7-4CCD-9E0D-CC923F2F20D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12527.20194.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
25-02-2020 05:01:34 Instalador de Módulos de Windows
01-03-2020 16:10:51 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/01/2020 04:10:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-4167822763-1012268071-2674635290-1001.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.
Operación:
Evento OnIdentify
Recopilando datos del escritor
Contexto:
Contexto de ejecución: Shadow Copy Optimization Writer
Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Nombre del escritor: Shadow Copy Optimization Writer
Id. de instancia del escritor: {0e39b6b6-03ba-4787-83b5-b0f93afa1bbe}
Error: (03/01/2020 04:05:17 PM) (Source: ESENT) (EventID: 522) (User: )
Description: ShellExperienceHost (10028,P,98) TILEREPOSITORYS-1-5-21-4167822763-1012268071-2674635290-1001: Al intentar abrir el dispositivo con el nombre "\\.\C:" que contiene "C:\", se produjo un error del sistema 5 (0x00000005): "Acceso denegado. ". La operación se cerrará con el error -1032 (0xfffffbf8).
Error: (03/01/2020 04:05:16 PM) (Source: ESENT) (EventID: 522) (User: )
Description: backgroundTaskHost (7924,P,98) TILEREPOSITORYS-1-5-21-4167822763-1012268071-2674635290-1001: Al intentar abrir el dispositivo con el nombre "\\.\C:" que contiene "C:\", se produjo un error del sistema 5 (0x00000005): "Acceso denegado. ". La operación se cerrará con el error -1032 (0xfffffbf8).
Error: (03/01/2020 04:05:09 PM) (Source: HP Active Health) (EventID: 88) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
Error: (03/01/2020 04:05:09 PM) (Source: HP Active Health) (EventID: 88) (User: )
Description: -- SECURITY WARNING -- ActiveHealthState.ini has been tampered with, resetting it
Error: (03/01/2020 04:05:09 PM) (Source: HP Active Health) (EventID: 80) (User: )
Description: -- SECURITY WARNING -- Unable to deserialize super secret file hashes. Will assume evil is afoot - all Validate() calls will return DOESNT_MATCH
at HP.ActiveHealth.Commons.Security.HashStore.LoadHashesFromFile()
Error: (03/01/2020 04:02:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: LAPTOP-VENGBCQ4)
Description: Windows no encuentra el perfil local y está iniciando la sesión con un perfil temporal. Los cambios que se efectúen en este perfil se perderán cuando se cierre la sesión.
Error: (03/01/2020 04:02:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: LAPTOP-VENGBCQ4)
Description: Windows hizo una copia de seguridad de este perfil de usuario. Windows intentará automáticamente usar la copia de seguridad del perfil la próxima vez que este usuario inicie sesión.
System errors:
=============
Error: (03/01/2020 05:01:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/01/2020 05:00:45 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VENGBCQ4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario LAPTOP-VENGBCQ4\usuario con SID (S-1-5-21-4167822763-1012268071-2674635290-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/01/2020 04:42:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VENGBCQ4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario LAPTOP-VENGBCQ4\usuario con SID (S-1-5-21-4167822763-1012268071-2674635290-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/01/2020 04:40:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargado no respondió después de iniciar.
Error: (03/01/2020 04:36:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (03/01/2020 04:34:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Origin Web Helper Service no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
Error: (03/01/2020 04:34:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Origin Web Helper Service.
Error: (03/01/2020 04:26:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VENGBCQ4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario LAPTOP-VENGBCQ4\usuario con SID (S-1-5-21-4167822763-1012268071-2674635290-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Windows Defender:
===================================
Date: 2020-03-01 02:44:47.559
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: LAPTOP-VENGBCQ4\usuario
Nombre de proceso: C:\Program Files\RogueKiller\RogueKiller64.exe
Versión de firma: AV: 1.311.335.0, AS: 1.311.335.0, NIS: 1.311.335.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2
Date: 2020-03-01 02:38:09.774
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack&threatid=2147734096&enterprise=0
Nombre: HackTool:Win32/Crack
Id.: 2147734096
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files (x86)\Devolver Digital\Hotline Miami\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: LAPTOP-VENGBCQ4\usuario
Nombre de proceso: C:\Program Files (x86)\Devolver Digital\Hotline Miami\HotlineGL.exe
Versión de firma: AV: 1.311.335.0, AS: 1.311.335.0, NIS: 1.311.335.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2
Date: 2020-02-16 17:50:50.954
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.305.564.0, AS: 1.305.564.0, NIS: 1.305.564.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-22 20:39:02.513
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.305.564.0, AS: 1.305.564.0, NIS: 1.305.564.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-10-31 00:31:00.514
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\LOCAL SERVICE
Nombre de proceso: C:\windows\System32\svchost.exe
Versión de firma: AV: 1.305.564.0, AS: 1.305.564.0, NIS: 1.305.564.0
Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1
CodeIntegrity:
===================================
Date: 2020-03-01 15:52:19.049
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-01 15:44:58.174
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-01 15:44:57.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-29 22:36:27.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-29 22:04:56.087
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-29 22:02:29.216
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-29 22:02:25.517
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-29 22:02:22.600
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.02 05/04/2018
Motherboard: HP 84BF
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 32%
Total physical RAM: 16268.47 MB
Available physical RAM: 11034.83 MB
Total Virtual: 18700.47 MB
Available Virtual: 12502.03 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:877.61 GB) (Free:530.66 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.02 GB) (Free:1.8 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{1b9c5fe9-87da-4294-a037-de6a6ff80c44}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.41 GB) NTFS
\\?\Volume{b18cee9c-0dca-4bee-8b2a-23b4c3a09c66}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B4683848)
Partition: GPT.
==================== End of Addition.txt =======================Aclaro que tengo una partición hecha en el disco porque utilizo Ubuntu para la carrera
Olvidé mencionar que el archivo secoh-qad.dll y secoh-qad.exe generalmente vienen incluidos en el kmspico, usados para activar windows o en mi caso, el que use para activar office360
Primeramente desinstalas Spyhunter, con Revo, pues Spyhunter es un falso antimalware
Descarga e instalas >> Revo Uninstaller | InfoSpyware
Luego, segun manual de Revo >> http://www.forospyware.com/t243205.html, desinstalas el / los programas indicados, seleccionando cuando lo indique Revo, el Modo Avanzado
Marcas NOMBRE PROGRAMA y pulsas desinstalar en el menu de Revo, en Modo Avanzado
Cuando lo hagas, se iniciara el desinstalador de NOMBRE DE PROGRAMA y al finalizar (si alguno te pide reiniciar, pulsas en NO o Cancelar y continuas con Revo), realizas:
-
Pulsas Analizar en Revo, para que analice los restos del programa
-
Pulsas seleccionar todo, para eliminar restos del registro
-
Pulsas borrar todo
-
Pulsas siguiente
-
Pulsas seleccionar todo, para eliminar, si hay, carpetas
-
Pulsas borrar todo
-
Pulsas finalizar
Luego:
Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
GroupPolicyScripts: Restriction <==== ATTENTION
Task: {57179B40-96F1-40DE-8876-34D9C0F96DCB} - no filepath
Task: {80BA2026-6538-4B6A-AD10-76F52F7B956B} - no filepath
Task: {C61DDDA0-A153-460B-90B9-7BF9DF6AC611} - no filepath
SearchScopes: HKLM -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
AlternateDataStreams: C:\Users\usuario\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
AlternateDataStreams: C:\Users\usuario\AppData\Local\5beZCtQuE70c:OAFUXjuWT8rxgvKs25cEZC011TW [1898]
AlternateDataStreams: C:\Users\usuario\AppData\Local\Temp:SJu2r1heB8Qznt8lcBgUT73Wg [2260]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Ejecutas Frst.exe.
-
Presionas el botón Corregir y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, comentado como va el problema
Ademas tu version de windows 10 esta obsoleta…entra en windows update y dale a buscar e instala todo,…realizalo mismo hasta que no quede nada,deberias actualizar a la version 1909
Estoy en proceso, si, sobre lo de windows 10, no se me actualiza, le doy a buscar actualización y no encuentra nada, ademas las veces que llego la 1909, luego de instalarse, cuando se prende sale un cartel que dice “volviendo a una versión anterior” y vuelve a la 1803, de eso no en encontrado solución, probé de todo
https://www.microsoft.com/es-es/software-download/windows10
Descarga la herramienta de creación de medios
- Haz clic en Descargar herramienta y selecciona Ejecutar . Tienes que ser un administrador para ejecutar esta herramienta.
- En la página de los Términos de licencia , si aceptas los mismos, selecciona Aceptar .
- En la página ¿Qué quieres hacer? , selecciona Actualizar su PC ahora y después haz clic en Siguiente .
- Después de descargar e instalar la herramienta, se te guiará por el procedimiento para configurar Windows 10 en tu PC. Todas las ediciones de Windows 10 están disponibles al seleccionar Windows 10,
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by usuario (01-03-2020 18:46:52) Run:1
Running from C:\Users\usuario\Desktop
Loaded Profiles: usuario (Available Profiles: usuario)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
GroupPolicyScripts: Restriction <==== ATTENTION
Task: {57179B40-96F1-40DE-8876-34D9C0F96DCB} - no filepath
Task: {80BA2026-6538-4B6A-AD10-76F52F7B956B} - no filepath
Task: {C61DDDA0-A153-460B-90B9-7BF9DF6AC611} - no filepath
SearchScopes: HKLM -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {64F37E6C-A707-4549-B509-5D0A5B8CA144} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
AlternateDataStreams: C:\Users\usuario\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
AlternateDataStreams: C:\Users\usuario\AppData\Local\5beZCtQuE70c:OAFUXjuWT8rxgvKs25cEZC011TW [1898]
AlternateDataStreams: C:\Users\usuario\AppData\Local\Temp:SJu2r1heB8Qznt8lcBgUT73Wg [2260]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Restore point was successfully created.
Processes closed successfully.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57179B40-96F1-40DE-8876-34D9C0F96DCB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57179B40-96F1-40DE-8876-34D9C0F96DCB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80BA2026-6538-4B6A-AD10-76F52F7B956B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80BA2026-6538-4B6A-AD10-76F52F7B956B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C61DDDA0-A153-460B-90B9-7BF9DF6AC611}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C61DDDA0-A153-460B-90B9-7BF9DF6AC611}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{64F37E6C-A707-4549-B509-5D0A5B8CA144} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{64F37E6C-A707-4549-B509-5D0A5B8CA144} => removed successfully
HKLM\System\CurrentControlSet\Services\AmUStor => removed successfully
AmUStor => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully
cpuz143 => service removed successfully
C:\Users\usuario\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
C:\Users\usuario\AppData\Local\5beZCtQuE70c => ":OAFUXjuWT8rxgvKs25cEZC011TW" ADS removed successfully
C:\Users\usuario\AppData\Local\Temp => ":SJu2r1heB8Qznt8lcBgUT73Wg" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4167822763-1012268071-2674635290-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Local Area Connection* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Local Area Connection* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
Adaptador de Ethernet Ethernet:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Local Area Connection* 1:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Local Area Connection* 3:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Ethernet 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Wi-Fi:
Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar
V¡nculo: direcci¢n IPv6 local. . . : fe80::c5fb:d848:203e:ba39%18
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.222
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
0 out of 0 jobs canceled.
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53718903 B
Java, Flash, Steam htmlcache => 390114609 B
Windows/system/drivers => 7232520 B
Edge => 1298552 B
Chrome => 563311769 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 997170693 B
systemprofile32 => 997170693 B
LocalService => 998095154 B
NetworkService => 998096674 B
usuario => 1409582337 B
RecycleBin => 0 B
EmptyTemp: => 6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:51:32 ====
adjunto el fixlog, por el momento la pc arranca bien, ya no veo tan seguido el sunto del disco al 100% y el proceso System que siempre estaba arriba del todo en el administrador de tareas ahora pasó a estar abajo aunque ahora hay un proceso llamado “antimalware service ejecutable” que consume bastante, pero por el momento el disco no ha vuelto a llegar al 100%
Por el otro lado hice lo que me dijiste de actualizar windows, nuevamente volvió a una versión anterior, durante el reinicio saltó un pantallaso azul, luego al terminar de iniciarse dijo el error, es el 0xC1900101 0x40017 the installation failed in the SECOND BOOT phasen with an error during BOOT operation
antimalware service es Malwarebytes, que quizas activaste la version de prueba con la proteccion real.
Para lo de windows,trata de hacer un inicio limpio
https://support.microsoft.com/es-es/help/929135/how-to-perform-a-clean-boot-in-windows
Luego trata de nuevo de actualizar en ese modo
buenísimo, trato de hacer el inicio limpio y te comento como va todo, en el fixlog está todo bien?
Si,por lo demas,parece todo bien