Virus ventanas emergentes que ningún antivirus puede eliminar

Hola @RicardoTS

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Hola gracias por tu atención, he hecho lo que me dijiste Aqui están los reportes y si son largos de narices

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2019
Ran by Ricardo (administrator) on DESKTOP-C7V7QKB (29-07-2019 18:37:36)
Running from C:\Users\Ricardo\Downloads
Loaded Profiles: Ricardo (Available Profiles: Ricardo)
Platform: Windows 10 Home N Version 1809 17763.615 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.30.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6732\Agent.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Mixbyte Inc -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Users\Ricardo\Downloads\XMouseButtonControl 2.18.2 Portable\64bit (x64)\XMouseButtonControl.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391144 2019-01-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001F34B9-2117-4B3F-ADD0-D059EE1CA1EF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0371FD36-C411-47FF-A387-C1F763DCE8B3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1ACE0798-8E6D-4C2A-B598-C83E821859EC} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {205B2FA4-0861-4D0E-A1DE-C2B8B8BDC964} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3ACBC087-A6E4-4AD3-BDBD-8D2BF22971A8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {4A113B53-A372-4156-8509-37780E1CAD25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {51ECA61C-0DDD-4B2B-8E58-9D9B06777213} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E443EFC-2F37-4E0B-8C68-90D7AC9CAB06} - System32\Tasks\Chameleon Folder-Ricardo => "C:\Program Files (x86)\Chameleon Explorer\ChameleonFolder.exe" 
Task: {88456F98-C086-4C24-8FC3-A1CC16256B62} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {93B47CAF-E9ED-4CCF-8975-CC361CC9E509} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9594606B-A8A9-4B85-81CD-8E04F6A09521} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-24] (Google Inc -> Google Inc.)
Task: {9B57CB91-A491-404F-9527-24AC57B65BCE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6353AE0-4C42-4C29-A362-91E993F504F6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {A7B4E8E4-3595-41E0-AFAA-C404E6152837} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACC2CDB1-A66E-4AA7-94CA-D4DE3CBE7861} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF54E4D6-03F5-4C96-8EC9-53B410E7C742} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3617760 2019-07-05] (Easeware Technology Limited -> Easeware)
Task: {B3B23956-9FAD-4D97-9811-2CC0F7A6DB1C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB5DB4A5-23F8-4CA8-8FDC-E544FEDF64D9} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkID=521839
Task: {D7515BEE-7C8C-4484-B908-960B79CCB2A0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2C06BE8-9055-476A-B769-9CD30142E6A7} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F30E1813-C69D-46F4-83D6-37EBCA1C2F2A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {F903C61B-BB09-4E7C-9058-52847E9B1E2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-24] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4e593250-3b0e-4a88-b915-c2555c63aee3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ea9bfbe9-efec-4410-b7d8-4431106c0743}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default [2019-07-29]
CHR Extension: (Presentaciones) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-25]
CHR Extension: (Documentos) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-25]
CHR Extension: (Hojas de cálculo) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-25]
CHR Extension: (Video DownloadHelper) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-07-24]
CHR Extension: (Gmail) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-29]
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-29]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [68608 2019-07-07] () [File not signed]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-03-01] (Kaspersky Lab -> AO Kaspersky Lab)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73088 2019-02-27] (Mixbyte Inc -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15744 2019-02-27] (Mixbyte Inc -> Ellora Assets Corp.)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-03-01] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-07-19] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [32544 2019-07-19] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [138544 2019-07-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2017-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2017-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [125568 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-06-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-06-07] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197760 2019-07-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-06-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-04-01] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-04-30] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-26] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-29] (Malwarebytes Corporation -> Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2019-02-01] (北京铠信神州科技有限责任公司 -> )
R3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4b310b124a4f2d9f\nvlddmkm.sys [21854352 2019-07-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1154336 2019-07-19] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

continuación

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 18:37 - 2019-07-29 18:38 - 000027177 _____ C:\Users\Ricardo\Downloads\FRST.txt
2019-07-29 18:36 - 2019-07-29 18:36 - 002096128 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST64.exe
2019-07-29 18:35 - 2019-07-29 18:37 - 000000000 ____D C:\FRST
2019-07-29 18:20 - 2019-07-29 18:20 - 165035414 _____ C:\Users\Ricardo\Downloads\7x09 Los ojos de la emperatriz [AnimeCastLigero.blogspot.com].mkv
2019-07-29 16:45 - 2019-07-29 16:45 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-07-29 13:27 - 2019-07-29 13:27 - 000000046 _____ C:\Users\Ricardo\Downloads\contraseña.txt
2019-07-28 21:39 - 2019-07-28 21:39 - 000003660 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-07-28 21:38 - 2019-07-28 21:39 - 000000718 _____ C:\DelFix.txt
2019-07-28 21:38 - 2019-07-28 21:38 - 000000000 ____D C:\WINDOWS\ERUNT
2019-07-28 12:00 - 2019-07-29 17:23 - 000000000 ____D C:\Users\Ricardo\Downloads\cambo cinema
2019-07-27 11:25 - 2019-07-27 11:25 - 020638704 _____ (Piriform Software Ltd) C:\Users\Ricardo\Downloads\ccsetup558.exe
2019-07-27 11:25 - 2019-07-27 11:25 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-27 11:25 - 2019-07-27 11:25 - 000002892 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-27 11:25 - 2019-07-27 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-27 11:25 - 2019-07-27 11:25 - 000000000 ____D C:\Program Files\CCleaner
2019-07-26 16:09 - 2019-07-26 16:09 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-26 16:09 - 2019-07-26 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-26 16:09 - 2019-07-26 16:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-26 16:09 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-26 16:09 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-23 15:07 - 2019-07-23 15:07 - 000000000 ____D C:\Users\Ricardo\AppData\Local\gtk-2.0
2019-07-19 23:24 - 2019-07-19 23:24 - 000000000 ____D C:\Users\Ricardo\AppData\Local\mbamtray
2019-07-19 23:24 - 2019-07-19 23:24 - 000000000 ____D C:\Users\Ricardo\AppData\Local\mbam
2019-07-19 23:23 - 2019-07-19 23:23 - 064680504 _____ (Malwarebytes ) C:\Users\Ricardo\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11628.exe
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
2019-07-19 20:01 - 2019-07-19 20:10 - 029700067 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-07-19 19:59 - 2019-07-19 19:59 - 000046848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2019-07-19 19:58 - 2019-07-19 20:10 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-07-19 19:56 - 2019-07-19 19:56 - 001006792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-07-19 19:56 - 2019-07-19 19:56 - 001006792 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-07-19 19:56 - 2019-07-19 19:56 - 000870088 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-07-19 19:56 - 2019-07-19 19:56 - 000870088 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-07-19 19:56 - 2019-07-19 19:56 - 000286408 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-07-19 19:56 - 2019-07-19 19:56 - 000286408 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-07-19 19:56 - 2019-07-19 19:56 - 000260296 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-07-19 19:56 - 2019-07-19 19:56 - 000260296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-07-19 19:30 - 2019-07-19 19:32 - 011059128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-07-19 19:28 - 2019-07-19 19:30 - 009492224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-07-19 19:04 - 2019-07-19 19:05 - 000675224 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-07-19 19:04 - 2019-07-19 19:04 - 000821176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-07-19 19:04 - 2019-07-19 19:04 - 000542296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-07-19 18:59 - 2019-07-19 18:59 - 001162168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-07-19 18:58 - 2019-07-19 18:59 - 000912072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-07-19 18:58 - 2019-07-19 18:58 - 001467832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443136.dll
2019-07-19 18:57 - 2019-07-19 18:58 - 001722056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443136.dll
2019-07-19 18:44 - 2019-07-19 18:45 - 005422464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-07-19 18:44 - 2019-07-19 18:44 - 004759240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-07-19 18:42 - 2019-07-19 18:44 - 020190592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-07-19 18:40 - 2019-07-19 18:42 - 017467592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-07-19 18:34 - 2019-07-19 18:40 - 040412360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-07-19 18:28 - 2019-07-19 18:34 - 035270016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-07-19 18:26 - 2019-07-19 18:27 - 004340664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-07-19 18:26 - 2019-07-19 18:26 - 000808832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-07-19 18:26 - 2019-07-19 18:26 - 000654720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-07-19 18:25 - 2019-07-19 18:25 - 000552136 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-07-19 18:24 - 2019-07-19 18:25 - 000456448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-07-19 18:23 - 2019-07-19 18:23 - 001470904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-07-19 18:23 - 2019-07-19 18:23 - 001134464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-07-19 18:23 - 2019-07-19 18:23 - 000631712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-07-19 18:23 - 2019-07-19 18:23 - 000521872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-07-19 18:22 - 2019-07-19 18:23 - 002040192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-07-19 18:22 - 2019-07-19 18:22 - 001542016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-07-19 17:49 - 2019-07-19 17:49 - 000482608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\tbaseregistry64.dll
2019-07-19 17:49 - 2019-07-19 17:49 - 000437552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\t-base_client_api.dll
2019-07-19 17:49 - 2019-07-19 17:49 - 000384304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\tbaseregistry32.dll
2019-07-19 17:49 - 2019-07-19 17:49 - 000348976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\t-base_client_api.dll
2019-07-19 17:48 - 2019-07-19 17:48 - 000138544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2019-07-19 17:43 - 2019-07-19 20:24 - 000000442 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2019-07-19 17:43 - 2019-07-19 17:43 - 000003920 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2019-07-19 17:43 - 2019-07-19 17:43 - 000001501 _____ C:\Users\Ricardo\Downloads\Crack DriverEasy.rar
2019-07-19 17:43 - 2019-07-19 17:43 - 000001012 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2019-07-19 17:43 - 2019-07-19 17:43 - 000000000 ____D C:\Users\Ricardo\Downloads\Crack DriverEasy
2019-07-19 17:43 - 2019-07-19 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-07-19 17:42 - 2019-07-19 17:42 - 005074168 _____ (Easeware ) C:\Users\Ricardo\Downloads\DriverEasy_Setup.exe
2019-07-19 17:35 - 2019-07-19 17:35 - 004011191 _____ C:\Users\Ricardo\Downloads\DriverEasy 5.6.2 By SRPC.zip
2019-07-19 17:35 - 2019-07-19 17:35 - 000000000 ____D C:\Users\Ricardo\Downloads\DriverEasy 5.6.2 By SRPC
2019-07-19 17:27 - 2019-07-19 17:27 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Obsidium
2019-07-19 17:10 - 2019-07-19 17:10 - 000003294 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2019-07-19 17:10 - 2019-07-19 17:10 - 000003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2019-07-19 17:10 - 2019-07-19 17:10 - 000003238 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2019-07-19 17:09 - 2019-07-19 17:09 - 000003132 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe
2019-07-19 17:08 - 2019-07-19 17:08 - 047537840 _____ (Microsoft Corporation) C:\Users\Ricardo\Downloads\MouseKeyboardCenter_64bit_ESP_11.1.exe
2019-07-18 11:45 - 2019-07-18 11:48 - 000000000 ____D C:\Program Files (x86)\Naturalsoft
2019-07-18 11:44 - 2019-07-18 11:44 - 000000000 ____D C:\Users\Ricardo\Downloads\NaturalReader 14 Professional
2019-07-16 13:14 - 2019-07-16 13:14 - 000001357 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2019-07-16 13:14 - 2019-07-16 13:14 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2019-07-16 13:14 - 2019-07-16 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2019-07-14 16:16 - 2019-07-14 16:21 - 3195231889 _____ C:\Users\Ricardo\Downloads\725296-TOWAME.part5.rar
2019-07-14 16:10 - 2019-07-14 16:15 - 3221225472 _____ C:\Users\Ricardo\Downloads\725296-TOWAME.part4.rar
2019-07-14 16:01 - 2019-07-14 16:05 - 3221225472 _____ C:\Users\Ricardo\Downloads\725296-TOWAME.part3.rar
2019-07-14 15:49 - 2019-07-14 15:53 - 3221225472 _____ C:\Users\Ricardo\Downloads\725296-TOWAME.part2.rar
2019-07-14 15:41 - 2019-07-14 15:46 - 3221225472 _____ C:\Users\Ricardo\Downloads\725296-TOWAME.part1.rar
2019-07-14 15:41 - 2019-07-14 15:41 - 000000510 _____ C:\Users\Ricardo\Downloads\TWW-GOO-PiviGames.blog.txt
2019-07-13 13:53 - 2019-07-13 13:53 - 000000047 _____ C:\Users\Ricardo\Downloads\correos y contraseñas.txt
2019-07-11 23:11 - 2019-07-11 23:11 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Google
2019-07-10 22:27 - 2019-07-10 22:46 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Notepad++
2019-07-10 22:27 - 2019-07-10 22:27 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-07-10 22:26 - 2019-07-10 22:26 - 003929368 _____ (Don HO [email protected]) C:\Users\Ricardo\Downloads\npp.7.7.1.Installer.x64.exe
2019-07-10 11:23 - 2019-07-10 11:23 - 001340408 _____ (Microsoft Corporation) C:\Users\Ricardo\Downloads\vs_professional__1018712694.1562750584.exe
2019-07-10 00:09 - 2019-07-10 22:36 - 000000000 ____D C:\Users\Ricardo\Downloads\Age of Wonders III Español EspAion v00.13
2019-07-10 00:00 - 2019-07-10 00:00 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Steam
2019-07-09 23:54 - 2019-07-12 18:56 - 000000820 _____ C:\Users\Ricardo\Desktop\Age of Wonders III Eternal Lords.lnk
2019-07-09 23:54 - 2019-07-09 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Wonders III Eternal Lords
2019-07-09 23:46 - 2019-07-09 23:46 - 000000000 ____D C:\Users\Ricardo\Downloads\Agwdr3elrds-reup
2019-07-09 23:00 - 2019-07-09 23:00 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 022115472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 019012096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 007876096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 006545304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 006308232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 005561312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 005528064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 005297664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 004351448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 003630592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 003335216 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 003081728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 002701000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 002593336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-09 23:00 - 2019-07-09 23:00 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002073472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-09 23:00 - 2019-07-09 23:00 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001702088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-09 23:00 - 2019-07-09 23:00 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001477648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001472808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001465464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001345168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-09 23:00 - 2019-07-09 23:00 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-09 23:00 - 2019-07-09 23:00 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001199616 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000998928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000987736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000895552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000871784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000850992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000807480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000804744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000799776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000768224 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000731104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000680176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-07-09 23:00 - 2019-07-09 23:00 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000514136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000511504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-07-09 23:00 - 2019-07-09 23:00 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000423480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-07-09 23:00 - 2019-07-09 23:00 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000397688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000310288 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000294000 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000241944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-07-09 23:00 - 2019-07-09 23:00 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2019-07-09 23:00 - 2019-07-09 23:00 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000141216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000121896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000117720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-07-09 23:00 - 2019-07-09 23:00 - 000092592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-07-09 23:00 - 2019-07-09 23:00 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-09 23:00 - 2019-07-09 23:00 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000036360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-09 23:00 - 2019-07-09 23:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-07-07 21:43 - 2019-07-07 21:43 - 000000894 _____ C:\Users\Ricardo\AppData\Local\recently-used.xbel
2019-07-07 21:37 - 2019-07-07 21:46 - 000000000 ____D C:\Users\Ricardo\Downloads\ninjaripper171
2019-07-07 17:41 - 2019-07-07 17:43 - 000000000 ____D C:\Users\Ricardo\AppData\Local\Free Download Manager
2019-07-07 17:40 - 2019-07-07 17:41 - 051189192 _____ (FreeDownloadManager.ORG ) C:\Users\Ricardo\Downloads\fdm5_x64_setup.exe
2019-07-07 17:17 - 2019-07-07 17:17 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Macromedia
2019-07-07 17:00 - 2019-07-07 17:00 - 000319783 _____ C:\Users\Ricardo\Downloads\29_GSCUtil111.zip
2019-07-07 17:00 - 2019-07-07 17:00 - 000000000 ____D C:\Users\Ricardo\Downloads\29_GSCUtil111
2019-07-07 16:32 - 2019-07-07 16:32 - 000000454 _____ C:\Users\Ricardo\Downloads\hereos of anihilated empires.txt
2019-07-07 16:19 - 2019-07-07 16:21 - 012134023 _____ C:\Users\Ricardo\Downloads\XPack.rar
2019-07-07 14:16 - 2019-07-20 15:51 - 000000000 ____D C:\Program Files (x86)\backburner 2
2019-07-07 14:16 - 2019-07-20 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\discreet
2019-07-07 14:14 - 2019-07-20 15:51 - 000000000 ____D C:\ProgramData\Autodesk
2019-07-07 14:08 - 2019-07-07 14:08 - 096880640 _____ C:\Users\Ricardo\Downloads\3ds Max 7.iso
2019-07-07 13:47 - 2019-07-07 13:47 - 000280247 _____ C:\Users\Ricardo\Downloads\(2)Heros of Annihilated Empires.w3x
2019-07-07 00:37 - 2019-07-07 00:37 - 009417652 _____ C:\Users\Ricardo\Downloads\Four Empires 01.rar
2019-07-07 00:30 - 2019-07-07 00:30 - 004323238 _____ C:\Users\Ricardo\Downloads\WH_Mod.rar
2019-07-06 15:31 - 2019-07-06 15:31 - 000000337 _____ C:\Users\Ricardo\Downloads\juego de romanos.txt
2019-07-03 00:26 - 2019-07-03 00:26 - 000077447 _____ C:\Users\Ricardo\Downloads\Imp.zip
2019-07-02 11:43 - 2019-07-02 11:51 - 000000000 ____D C:\Users\Ricardo\Downloads\catedrales
2019-06-30 16:55 - 2019-06-30 16:55 - 007085998 _____ C:\Users\Ricardo\Downloads\UGC_SPANISH MOD [76561197992399560].taf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 18:36 - 2019-01-24 15:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-07-29 18:36 - 2019-01-18 23:28 - 000000000 ____D C:\Users\Ricardo\AppData\Local\Battle.net
2019-07-29 18:32 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-29 18:31 - 2019-02-26 00:38 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\vlc
2019-07-29 17:29 - 2019-01-18 23:28 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2019-07-29 17:08 - 2019-02-01 21:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-29 16:47 - 2019-01-17 23:36 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-29 16:45 - 2019-02-01 21:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-29 16:40 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-29 11:40 - 2019-02-01 21:35 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-29 11:40 - 2018-09-15 18:36 - 000788392 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-29 11:40 - 2018-09-15 18:36 - 000155682 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-29 11:40 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-29 11:37 - 2019-01-18 23:28 - 000000000 ____D C:\Users\Ricardo\Documents\StarCraft II
2019-07-27 15:20 - 2019-01-17 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-27 11:36 - 2019-01-19 11:24 - 000000000 ____D C:\Users\Ricardo\Desktop\programas
2019-07-27 11:26 - 2019-05-20 20:04 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\MPC-HC
2019-07-27 10:49 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-27 10:06 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-27 10:06 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-26 22:10 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-07-26 16:09 - 2019-01-23 21:05 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-26 16:09 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-24 13:19 - 2019-01-29 21:27 - 000000000 ____D C:\Users\Ricardo\Downloads\documentos de juegos
2019-07-23 16:11 - 2019-02-24 18:24 - 000000000 ____D C:\Users\Ricardo\AppData\Local\babl-0.1
2019-07-22 16:48 - 2019-03-17 12:16 - 000000000 ____D C:\Users\Ricardo\Downloads\mapas
2019-07-20 16:45 - 2019-01-18 11:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-20 16:44 - 2019-01-18 11:57 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-20 16:07 - 2019-02-01 21:28 - 000000000 ____D C:\Users\Ricardo
2019-07-20 16:05 - 2019-02-01 17:43 - 000000000 ____D C:\Users\Ricardo\Desktop\juegos
2019-07-20 16:00 - 2019-01-26 23:47 - 000000000 ____D C:\Users\Ricardo\AppData\LocalLow\BulwarkStudios
2019-07-20 15:59 - 2019-01-19 20:14 - 000000000 ____D C:\Games
2019-07-20 15:39 - 2019-04-06 19:25 - 000000896 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2019-07-19 21:47 - 2019-02-01 20:29 - 000000000 ____D C:\WINDOWS\AutoKMS
2019-07-19 20:24 - 2019-02-01 21:25 - 000570720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-19 20:10 - 2019-01-17 23:43 - 001154336 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-07-19 20:01 - 2019-01-18 23:07 - 006781216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2019-07-19 19:59 - 2019-01-18 21:08 - 000228608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-07-19 19:58 - 2019-01-18 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-07-19 19:58 - 2019-01-17 23:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-19 19:56 - 2019-01-19 17:11 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\DAEMON Tools Lite
2019-07-19 18:59 - 2019-01-18 21:08 - 000052446 _____ C:\WINDOWS\system32\nvinfo.pb
2019-07-19 18:28 - 2019-01-18 21:08 - 005085096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-07-19 17:48 - 2018-10-03 02:00 - 000032544 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2019-07-19 17:48 - 2018-10-02 22:06 - 000024528 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2019-07-19 17:43 - 2019-01-17 23:38 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Easeware
2019-07-19 17:43 - 2019-01-17 23:38 - 000000000 ____D C:\Program Files\Easeware
2019-07-19 17:04 - 2019-01-18 11:49 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-18 11:44 - 2019-01-19 20:07 - 000000000 ____D C:\Users\Ricardo\AppData\Local\Downloaded Installations
2019-07-16 13:50 - 2019-03-10 13:26 - 000000000 ____D C:\ProgramData\Freemake
2019-07-16 13:14 - 2019-03-10 13:26 - 000000000 ____D C:\Program Files (x86)\Freemake
2019-07-16 11:18 - 2019-01-24 15:52 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-10 22:27 - 2019-01-25 22:49 - 000000000 ____D C:\Program Files\Notepad++
2019-07-10 09:14 - 2019-01-17 23:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 09:14 - 2019-01-17 23:11 - 000000000 ___RD C:\Users\Ricardo\3D Objects
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 00:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 00:45 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 00:00 - 2019-01-19 20:47 - 000000000 ____D C:\Users\Ricardo\Documents\My Games
2019-07-09 23:02 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-07 14:16 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-07-04 13:12 - 2019-02-01 21:31 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1621665563-1515332978-2589713378-1001
2019-07-04 13:12 - 2019-02-01 21:28 - 000002407 _____ C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-04 13:12 - 2019-01-17 23:13 - 000000000 ___RD C:\Users\Ricardo\OneDrive
2019-07-04 12:05 - 2019-01-19 23:37 - 000000000 ____D C:\Users\Ricardo\AppData\Local\CrashDumps
2019-07-03 11:10 - 2019-01-18 21:10 - 005435376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-07-03 11:10 - 2019-01-18 21:10 - 002637168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-07-03 11:10 - 2019-01-18 21:10 - 001767464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-07-03 11:10 - 2019-01-18 21:10 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-07-03 11:10 - 2019-01-18 21:10 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-07-03 11:10 - 2019-01-18 21:10 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-07-03 11:10 - 2019-01-18 21:10 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-07-03 11:09 - 2019-01-18 21:10 - 008628422 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-07-02 23:17 - 2019-04-20 16:44 - 000000000 ____D C:\Users\Ricardo\AppData\Roaming\Might & Magic Heroes VI

==================== Files in the root of some directories ================

2019-01-23 20:02 - 2019-01-23 20:02 - 006860752 _____ (NeoSoft Tools                                               ) C:\Users\Ricardo\AppData\Roaming\cbargat.exe
2019-01-23 20:02 - 2019-01-23 20:02 - 006860752 _____ () C:\Users\Ricardo\AppData\Roaming\cbargat.exe.E
2019-01-23 20:02 - 2019-01-23 20:02 - 000182272 _____ () C:\Users\Ricardo\AppData\Roaming\lakric.exe.E
2019-07-07 21:43 - 2019-07-07 21:43 - 000000894 _____ () C:\Users\Ricardo\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

ADDITION.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Ricardo (29-07-2019 18:38:31)
Running from C:\Users\Ricardo\Downloads
Windows 10 Home N Version 1809 17763.615 (X64) (2019-02-01 19:31:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1621665563-1515332978-2589713378-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1621665563-1515332978-2589713378-503 - Limited - Disabled)
Invitado (S-1-5-21-1621665563-1515332978-2589713378-501 - Limited - Disabled)
Ricardo (S-1-5-21-1621665563-1515332978-2589713378-1001 - Administrator - Enabled) => C:\Users\Ricardo
WDAGUtilityAccount (S-1-5-21-1621665563-1515332978-2589713378-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Age of Wonders III Eternal Lords (HKLM-x32\...\Age of Wonders III Eternal Lords_is1) (Version:  - )
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Disciples III Renaissance - Steam Special Edition (HKLM-x32\...\Disciples III Renaissance - Steam Special Edition_is1) (Version:  - )
Disciples III: Resurrection (HKLM-x32\...\{AED2C31B-91E5-481f-9E77-D3D6F68B3206}_is1) (Version:  - .DAT)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
Driver Easy 5.6.12 (HKLM\...\DriverEasy_is1) (Version: 5.6.12 - Easeware)
Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Heroes of Annihilated Empires (HKLM-x32\...\Heroes of Annihilated Empires_is1) (Version:  - GOG.com)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Movavi Video Editor 15 Plus (HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\Movavi Video Editor 15 Plus) (Version: 15.0.0 - Movavi)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Panel de control de NVIDIA 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.36 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8612 - Realtek Semiconductor Corp.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Warhammer 40000 Sanctus Reach MULTi4 - ElAmigos versión 1.2.2 (HKLM-x32\...\{97F321AA-D70C-4E89-8A47-097301C61338}_is1) (Version: 1.2.2 - Slitherine Ltd.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XCOM 2 Digital Deluxe Edition MULTi11 - ElAmigos versión 1.0 u11 (HKLM-x32\...\{5B33B979-8F2B-4A3A-AAF6-76C0C216321D}_is1) (Version: 1.0 u11 - 2K)

Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-06-28 11:48 - 2019-06-28 11:48 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\libcef.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\libEGL.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\libGLESv2.dll
2019-07-07 14:16 - 2019-07-07 14:16 - 000068608 _____ () [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
2019-06-28 11:48 - 2019-06-28 11:48 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\fmod.dll
2019-02-09 22:52 - 2016-12-07 20:44 - 000373248 _____ (IntelleSoft) [File not signed] C:\Users\Ricardo\Downloads\XMouseButtonControl 2.18.2 Portable\64bit (x64)\BugTrapU-x64.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\chrome_elf.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\audio\qtaudio_windows.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qgif.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qico.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qjpeg.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qmng.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qsvg.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qtiff.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\platforms\qwindows.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQml\Models.2\modelsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick.2\qtquick2plugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Window.2\windowplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Core.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Gui.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Multimedia.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Network.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Qml.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Quick.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5QuickControls2.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5QuickTemplates2.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Svg.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Widgets.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5WinExtras.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\localhost -> localhost

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-07-19 17:27 - 002097556 ____R C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1         app.drivereasy.com
127.0.0.1         cdn.drivereasy.com
149.202.196.40         dow0.drivereasy.com
149.202.196.40         dow1.drivereasy.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ricardo\Downloads\rey hielo.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{16BA5E5E-EC54-4521-A4B1-BF86C1B9AE63}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{F56384FA-D89C-4A1F-A9CD-62ADF3236A56}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{AAC5352E-77E5-42A0-A47F-7561F86AA114}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C127AAD8-0EAB-4018-BE8B-EC9F579F14AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{2B5DCCCA-DBF1-4CA4-AC7A-63AFF8E3E4D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{22E051D9-1755-4B1E-BD48-3BD4AACEFE82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3FBA9AC-1CC3-4887-9F4D-1DA8D6A5AE11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AB8472C-B5A6-43B0-B71E-8DFED5A9FBD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [TCP Query User{68C08FE5-924A-4B40-87F3-FD7C529865AD}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{5F8906AC-F649-43B7-B349-6BFEFA0A7BBE}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{04621066-C6D8-4DDC-8A14-8771487125D1}C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{5D783F13-E8CC-4D6E-9E4A-5C6BCAB05FC6}C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{79F6E598-99AE-4C93-BB50-A059547760CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-07-2019 21:38:51 End of disinfection

==================== Faulty Device Manager Devices =============

Name: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Description: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2019 04:56:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/29/2019 04:46:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/29/2019 04:45:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/29/2019 03:26:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/29/2019 03:26:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/29/2019 01:56:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/29/2019 01:56:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/29/2019 11:35:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (07/29/2019 04:45:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/29/2019 04:45:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}


Windows Defender:
===================================
Date: 2019-07-19 17:01:35.078
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos. 

Date: 2019-07-19 17:01:35.078
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos. 

Date: 2019-07-19 17:01:35.077
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos. 

Date: 2019-07-19 17:01:35.070
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos. 

Date: 2019-07-19 17:01:35.070
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos. 

CodeIntegrity:
===================================

Date: 2019-07-28 21:39:09.840
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-27 21:33:38.278
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-07-27 21:33:38.272
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-07-27 21:33:38.250
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-07-27 21:33:38.244
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-07-27 11:16:10.655
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-26 17:41:11.616
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-26 17:41:11.086
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. P3.00 07/18/2017
Motherboard: ASRock A320M-DGS
Processor: AMD Ryzen 3 1300X Quad-Core Processor 
Percentage of memory in use: 54%
Total physical RAM: 8125.1 MB
Available physical RAM: 3725.96 MB
Total Virtual: 9405.1 MB
Available Virtual: 3745.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:445.71 GB) (Free:256.84 GB) NTFS
Drive d: (Age of Wonders III Eternal Lords) (CDROM) (Total:3.79 GB) (Free:0 GB) UDF
Drive i: (Elements) (Fixed) (Total:1397.23 GB) (Free:277.94 GB) NTFS

\\?\Volume{afb0463e-f92e-4117-8b12-1f9e35149c1e}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{95b8805e-6fe7-456e-a099-8a1cb485ce5c}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{677bc9ea-927e-454b-91c6-c24813a6ca89}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397.2 GB) (Disk ID: 375F8366)
Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola espero que te sea leve, agradezco mucho la ayuda que m estas prestando, esto es mucho trabajo

ehh lo siento se me olvidó ponerlo en quote pero no se como editarlo

Hola

Descarga, instala y ejecuta Revo Uninstaller

  • Desinstala SpyHunter. Elige el modo avanzado de desinstalación.

No descargaste ni ejecutaste FRST desde el escritorio como te indiqué, muevelo allí si no no funcionará el siguiente paso.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe" 
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola tengo problemas con el primer punto, con el revo uninstaller no encuentro el spyhunter, intenté ir a a la ubicación del archivo y no encuentro el desinstalador, tampoco desde el paner de control->programas y características Edito: Estaba buscando maneras y programas para desinstalarlo por internet pero creo que lo mejor es esperar a que me respondas, un saludo

Hola

No te preocupes si no aparece nada, también incluí lo que vi en el reporte de FRST al Fix para eliminarlo.

Un saludo

Te lo comentaba porque hay videos de como eliminarlo manualmente pero no quería hacerlo sin tu consejo ya que yo ne se mucho de informática y no quiero hacer nada que pueda estropear mas mi ordenador. La verdad es que no se que me quieres decir con la respuesta, acaso quieres decir que pase al siguiente paso?

EDIT: dado que no he podido eliminar el spyhunter y pasaba al siguiente punto me surge la duda de a que te refieres con la copia de seguridad del registro

Exacto, pasa al paso siguiente :+1:

Sigue las indicaciones que te doy para hacer la copia de seguridad con Delfix, ahí está explicado como tienes que hacerlo.

Un saludo

Perdona pero no veo por ningún sitio la copia de seguridad. O acaso te refieres al informe DelFix.txt?

En las indicaciones que te di está bien explicado.

Captura%20de%20pantalla%20(129)

Ejecuta Delfix como administrador, marca solo la que te indico con la flecha y haces clic en Run, esperas a que termine, guarda el informe pero no lo tienes que poner aquí.

si si, eso lo hice, solo me aparece el informe y lo guardé,

Pase al segundo paso, el de modo seguro pues no aparece la opción iniciar “modo seguro de windows sin función de red” solo las opciones modo seguro y modo seguro con función de red, le di a modo seguro y por si acaso desenchufe el router. Y bueno copie el texto en donde dices

Hola,

Aqui esta lo que me pediste, espero que te sirva, EDITO: NO ME SALE PONERLO CON EL CODE, no se como hacerlo, lo he intentado pero no debe de salir bien, aqui lo puse con la opción del bocadillo, tambier con la opción de los corchetes " pero no me sale, lo siento

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Ricardo (30-07-2019 19:21:05) Run:1
Running from C:\Users\Ricardo\Desktop
Loaded Profiles: Ricardo (Available Profiles: Ricardo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe" 
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f104d951-1c0f-11e9-b904-7085c25aa4df} => removed successfully

Ahí no está el reporte completo, falta parte de él.

Ponlo de nuevo y no olvides comentar como sigue el problema.

A ver ahora que tal, los quotes estos se me dan fatal por cierto

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Ricardo (30-07-2019 19:21:05) Run:1
Running from C:\Users\Ricardo\Desktop
Loaded Profiles: Ricardo (Available Profiles: Ricardo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe" 
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f104d951-1c0f-11e9-b904-7085c25aa4df} => removed successfully

*Se me olvidó comentarte como me dijiste que te informara acerca del problema, bueno el problema persiste, mm acaso debería haberse solucionado¿? pues la verdad que no, ;(

Hola

Has puesto el mismo reporte,faltan muchos más datos, son los que necesito revisar, pon lo de nuevo.

Realiza un análisis con EsetOnline >> https://forospyware.com/t/manual-de-eset-online-scanner/971

Pega el reporte y comenta como sigue el problema.

Un saludo

Eh hola pero he puesto todo lo que está en el documento fixlog.txt

Por cierto el ordenador me va raro, por ejemplo no me guarda las cosas, por ejemplo los documentos de word, etc y con otros programas lo mismo, los iconos de la barra de herramientas no me aparecen aunque figuran como anclados cuando los pongo, etc Por ejemplo con word me dice compruebe que el disco no esté lleno, protegido contra escritura o dañado, obviamente el disco tengo espacio de sobra El disco lo acabo de comprar hace nada espero que no lo haya roto con estos programas que me mandaste

me parece a mi que voy a tener que formatear el equipo como siga así la cosa