1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Weird pop sound malware/virus

Discussion in 'Malware and Virus Removal' started by Alatriste, 2020/04/21.

  1. 2020/04/21
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    First of all, I wanted to thank the person/s that are going to look into this to help me resolve this issue.
    Please excuse my English as it is not my first language.

    Greetings from Spain... hope everyone is staying safe in the midst of this covid crisis.

    I am experiencing a very weird pop sound (very similiar to the one WhatsApp makes when you send someone a message) coming out of my laptop's speakers at random times, right after Windows has booted. The intervals between these sounds are also random. The volume at which these come out is very soft, barely noticeable (but enough to be heard and a nuissance).

    I'm sure it's none of the system sounds (i have checked them one by one), plus it happens like I said at random times, when I am working with the laptop but also at idle.

    I figure this might be a virus because, as far as I know, there is nothing running in the background or foreground that should be making these noises, so that's why I am turning to you to help me identify and eventually kill it...

    I run MBAM (have the Premium version) yesterday and it found nothing...
    My antivirus is Windows Defender.

    Thanks very much in advance, again!
    Marc

    Apparently I will have to post both FRST and Addition in several parts since they are rather long...
    Sorry about that.


    FRST.txt log (1/2):

    Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 20-04-2020
    Ejecutado por Marc (administrador) sobre MARC (Micro-Star International Co., Ltd. GT72VR 6RE) (21-04-2020 16:36:19)
    Ejecutado desde C:\Users\marcs\Desktop
    Perfiles cargados: Marc (Perfiles disponibles: Marc)
    Platform: Windows 10 Pro Versión 1909 18363.778 (X64) Idioma: Español (España, internacional)
    Navegador predeterminado: Chrome
    Modo de Inicio: Normal
    Tutorial para Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Procesos (Lista blanca) =================

    (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

    (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Backblaze, Inc -> ) C:\Program Files (x86)\Backblaze\bzbui.exe
    (Backblaze, Inc -> ) C:\Program Files (x86)\Backblaze\bzserv.exe
    (GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
    (GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <3>
    (GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
    (GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
    (Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
    (Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
    (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
    (Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\marcs\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\FileCoAuth.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\marcs\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\marcs\AppData\Local\Microsoft\Teams\current\Teams.exe <5>
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mstsc.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
    (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
    (Micro-Star International Co., Ltd.) [Archivo no firmado] C:\Windows\SysWOW64\MSIService.exe
    (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
    (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
    (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
    (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
    (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
    (Rivet Networks LLC) C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.1.2930.0_x64__rh07ty8m5nkag\KillerControlCenter_v1\KillerControlCenter.exe
    (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

    ==================== Registro (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-06-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-03-28] (Apple Inc. -> Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\marcs\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-04-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\Run: [GalaxyClient] => [X]
    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\Run: [launchOnStartup] => D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [8030280 2020-02-25] (GOG Sp. z o.o. -> GOG.com)
    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1126752 2020-02-17] (Backblaze, Inc -> )
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.58\Installer\setup.exe [2020-04-18] (Microsoft Corporation -> Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2020-01-27]
    ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Archivo no firmado]
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-03-13]
    ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

    ==================== Tareas programadas (Lista blanca) ============

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    Task: {0358CA5E-D748-4379-93B3-940E8E281A9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-24] (Google LLC -> Google LLC)
    Task: {084C8561-4DDC-44CE-9D14-491D12AC8524} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223112 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
    Task: {0E183458-9FC0-4898-864B-F5FFEBD20A2B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {0EF89DB4-30BF-4DDF-BB80-E45EC5D2D4A3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
    Task: {10349214-7518-44C5-9461-099F43725462} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-11] (Adobe Inc. -> Adobe Systems)
    Task: {1250B92B-2AFD-4EDE-B0F3-09A3CB88359B} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223112 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
    Task: {1AAECAB1-6EAB-4E8A-983E-A60690900B6F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
    Task: {2D495B73-24CC-4ABE-B312-6E565F96C4A7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {312DAB29-D823-4FFC-8886-E410FFE550B7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {31BCA032-ED6D-46C3-9E36-8FA44E0442EE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {45D8594D-35F9-463B-B99C-26C3F380B656} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-24] (Google LLC -> Google LLC)
    Task: {5BA4A2A1-349D-4E17-9295-4A24A9191FFC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {5FE43DEB-3966-46E0-9360-84DC0CB01991} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {64152FA3-7099-4781-B128-14E8252F0A00} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {7FEB286C-CE9E-403E-8B80-475C023DFB9B} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5607192 2018-04-12] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Archivo no firmado]
    Task: {8B79C4E2-2C7D-43A3-AF71-002C6D2AC0D5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2045312 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {902AE263-6E52-4542-B6C3-953B8EFA5EA4} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
    Task: {91189C37-0C2C-43D2-8C9D-2A51A2683378} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {9660C392-C0AC-4EB8-B57B-FE8D4F4661A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
    Task: {968F5918-E121-4285-A7F5-FC0499B19189} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {BE24608C-765A-4655-8454-5C8E8AFB8646} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {C64832A2-6635-4590-9D66-9E9E521DC025} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {C99172B8-87C8-4AE2-9B6D-BF99EC9CFC65} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
    Task: {CEA9BA28-4808-4745-AA88-4AE226714A45} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)

    (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


    ==================== Internet (Lista blanca) ====================

    (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
    Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{24a1c970-eb47-4867-bf70-286e261b74a5}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{eeb2883e-5b3b-4473-a198-f0dd3cf17289}: [DhcpNameServer] 80.58.61.250 80.58.61.254

    Internet Explorer:
    ==================
    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)

    Edge:
    ======
    Edge DefaultProfile: Default
    Edge Profile: C:\Users\marcs\AppData\Local\Microsoft\Edge\User Data\Default [2020-04-17]
    Edge DownloadDir: D:\Downloads
    Edge Notifications: Default -> hxxps://web.wallapop.com; hxxps://web.whatsapp.com
    Edge StartupUrls: Default -> "hxxps://www.bing.com/?cc=es#"
    Edge Profile: C:\Users\marcs\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2020-01-29]

    FireFox:
    ========
    FF DefaultProfile: sz78ievp.default
    FF ProfilePath: C:\Users\marcs\AppData\Roaming\Mozilla\Firefox\Profiles\sz78ievp.default [2020-01-27]
    FF ProfilePath: C:\Users\marcs\AppData\Roaming\Mozilla\Firefox\Profiles\wdojnpzj.default-release [2020-03-12]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2020-01-28] [Heredado] [no firmado]
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-24] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-666844237-2131220937-1035686966-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\marcs\AppData\Roaming\Zoom\bin_00\npzoomplugin.dll [2020-04-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default [2020-04-21]
    CHR DownloadDir: D:\Downloads
    CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.reddit.com
    CHR StartupUrls: Default -> "hxxps://www.google.es/"
    CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
    CHR DefaultSearchKeyword: Default -> bing.com
    CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
    CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
    CHR Extension: (Presentaciones) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-24]
    CHR Extension: (Documentos) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-24]
    CHR Extension: (Google Drive) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-24]
    CHR Extension: (DuckDuckGo) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2020-04-08]
    CHR Extension: (YouTube) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-24]
    CHR Extension: (uBlock Origin) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
    CHR Extension: (Hojas de cálculo) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-24]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
    CHR Extension: (El Camelizer) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2020-01-27]
    CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
    CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-04-14]
    CHR Extension: (1-click-timer) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\igloknlllonknnbkfgggfkigmeegmakf [2020-01-24]
    CHR Extension: (Disconnect) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-03-06]
    CHR Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2020-04-01]
    CHR Extension: (Alarm Ninja) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcpjkdhdmfamjccnhginlmfjhigipdf [2020-01-24]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-24]
    CHR Extension: (Click&Clean App) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2020-01-24]
    CHR Extension: (Gmail) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-24]
    CHR Extension: (Chrome Media Router) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
    CHR Profile: C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-21]
    CHR Notifications: Profile 1 -> hxxps://web.whatsapp.com
    CHR DefaultSearchURL: Profile 1 -> hxxps://duckduckgo.com/?q={searchTerms}
    CHR DefaultSearchKeyword: Profile 1 -> duckduckgo.com
    CHR DefaultNewTabURL: Profile 1 -> hxxps://duckduckgo.com/chrome_newtab
    CHR DefaultSuggestURL: Profile 1 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
    CHR Session Restore: Profile 1 -> está habilitado.
    CHR Extension: (Presentaciones) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-24]
    CHR Extension: (Google Drive) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghbiahbpaijignceidepookljebhfak [2020-03-16]
    CHR Extension: (Documentos) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-24]
    CHR Extension: (Google Drive) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-24]
    CHR Extension: (YouTube) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-24]
    CHR Extension: (uBlock Origin) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
    CHR Extension: (Hojas de cálculo) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-24]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
    CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
    CHR Extension: (Disconnect) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-03-06]
    CHR Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2020-04-01]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-24]
    CHR Extension: (Gmail) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-24]
    CHR Extension: (Chrome Media Router) - C:\Users\marcs\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
    CHR Profile: C:\Users\marcs\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-18]

    ==================== Servicios (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2020-01-27] (Adobe Systems) [Archivo no firmado]
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-27] (Apple Inc. -> Apple Inc.)
    R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [420256 2019-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
    R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [588128 2020-02-17] (Backblaze, Inc -> )
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
    S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223112 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
    S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223112 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
    S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1242696 2020-02-25] (GOG Sp. z o.o. -> GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-25] (GOG Sp. z o.o. -> GOG.com)
    R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2616936 2019-07-16] (Rivet Networks LLC -> Rivet Networks)
    R3 KillerSmartConnectService; C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe [72792 2019-07-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech -> Logitech, Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-19] (Malwarebytes Inc -> Malwarebytes)
    R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [Archivo no firmado]
    S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.58\elevation_service.exe [1125256 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-03-11] (SteelSeries ApS -> )
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279096 2017-12-06] (Synaptics Incorporated -> Synaptics Incorporated)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    S3 wampapache64; c:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe [29696 2019-08-09] (Apache Software Foundation) [Archivo no firmado]
    S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe [15837608 2019-11-07] (MariaDB Corporation Ab -> )
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    S2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73048 2019-07-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72816 2019-07-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Controladores (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
    R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [162432 2019-07-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [124560 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_7354985a084275ae\nvlddmkm.sys [23439080 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
    R0 nvpciflt; C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_7354985a084275ae\nvpciflt.sys [49616 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [787976 2016-11-01] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
    R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
    R3 sshid; C:\Windows\System32\drivers\sshid.sys [47824 2019-12-23] (SteelSeries ApS -> SteelSeries ApS)
    R3 ssps2; C:\Windows\System32\drivers\ssps2.sys [41104 2019-12-23] (SteelSeries ApS -> )
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
    S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [391392 2020-04-15] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-15] (Microsoft Windows -> Microsoft Corporation)
    R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> )

    ==================== NetSvcs (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


    ==================== Un mes (creado) ===================

    (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

    2020-04-21 16:36 - 2020-04-21 16:36 - 000036128 _____ C:\Users\marcs\Desktop\FRST.txt
    2020-04-21 16:16 - 2020-04-21 16:16 - 002281984 _____ (Farbar) C:\Users\marcs\Desktop\FRST64.exe
    2020-04-21 12:33 - 2020-04-21 12:34 - 000276301 _____ C:\Users\marcs\Desktop\Documento 4300099999_P_0020200057.PDF
    2020-04-20 23:00 - 2020-04-20 23:00 - 000001014 _____ C:\Users\marcs\Desktop\farmacias sant feliu 20 abril.txt
    2020-04-20 20:51 - 2020-04-20 20:51 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
    2020-04-20 20:51 - 2020-04-20 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2020-04-20 20:51 - 2020-04-20 20:51 - 000000000 ____D C:\Program Files\iTunes
    2020-04-20 20:51 - 2020-04-20 20:51 - 000000000 ____D C:\Program Files\iPod
    2020-04-20 17:15 - 2020-04-21 16:36 - 000000000 ____D C:\FRST
    2020-04-20 15:10 - 2020-04-20 15:10 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2020-04-20 15:10 - 2020-04-20 15:10 - 000124560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2020-04-20 15:10 - 2020-04-20 15:10 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2020-04-19 11:25 - 2020-04-19 11:25 - 000000000 ___HD C:\OneDriveTemp
    2020-04-17 14:50 - 2020-04-20 15:10 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2020-04-15 09:48 - 2020-04-15 09:48 - 000000569 _____ C:\Users\marcs\Desktop\compras farmacias 15 abril 2020.txt
    2020-04-15 08:28 - 2020-04-15 08:28 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2020-04-15 08:28 - 2020-04-15 08:28 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
    2020-04-15 08:28 - 2020-04-15 08:28 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2020-04-15 08:28 - 2020-04-15 08:28 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
    2020-04-15 08:28 - 2020-04-15 08:28 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
    2020-04-15 08:28 - 2020-04-15 08:28 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
    2020-04-15 08:28 - 2020-04-15 08:28 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
    2020-04-15 08:28 - 2020-04-15 08:28 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 018027520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 006523048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 004129624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003980800 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003802624 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003587384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 002767928 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002188600 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 002086656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001999960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2020-04-15 08:27 - 2020-04-15 08:27 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
     
    Alatriste,
    #1
  2. 2020/04/21
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    FRST.txt log (2/2)

    2020-04-15 08:27 - 2020-04-15 08:27 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001077064 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
    2020-04-15 08:27 - 2020-04-15 08:27 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2020-04-15 08:27 - 2020-04-15 08:27 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
    2020-04-15 08:27 - 2020-04-15 08:27 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000127280 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000058880 _____ C:\Windows\system32\runexehelper.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
    2020-04-15 08:27 - 2020-04-15 08:27 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
    2020-04-15 08:27 - 2020-04-15 08:27 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
    2020-04-15 08:27 - 2020-04-15 08:27 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
    2020-04-15 08:21 - 2020-03-17 05:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2020-04-15 08:21 - 2020-03-17 05:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2020-04-14 19:06 - 2020-04-14 19:06 - 000000000 ____D C:\Users\marcs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
    2020-04-09 20:42 - 2020-04-09 20:42 - 000000000 ____D C:\Users\marcs\Desktop\Set Alabanza en casa 2
    2020-04-06 14:26 - 2020-04-06 14:26 - 000539576 _____ C:\Users\marcs\Desktop\EN149-2001+A1-2009, CE R2016-425.pdf
    2020-04-06 14:20 - 2020-04-06 14:20 - 000918682 _____ C:\Users\marcs\Desktop\EN149-2001+A1-2009.pdf
    2020-04-06 09:06 - 2020-04-06 09:14 - 000000000 ____D C:\Users\marcs\Desktop\Mascarillas Home Impex
    2020-04-02 12:29 - 2020-04-03 12:19 - 000000132 _____ C:\Users\marcs\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
    2020-04-01 13:24 - 2020-04-07 10:27 - 000001456 _____ C:\Users\marcs\AppData\Local\Adobe Guardar para Web 13.0 Prefs
    2020-03-31 17:45 - 2020-04-09 16:13 - 000000000 ____D C:\Users\marcs\AppData\Roaming\vlc
    2020-03-31 17:45 - 2020-03-31 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2020-03-31 17:44 - 2020-03-31 17:44 - 000000000 ____D C:\Program Files (x86)\VideoLAN
    2020-03-30 15:07 - 2020-04-09 20:42 - 000000000 ____D C:\Users\marcs\Desktop\Set alabanza casa (Marc)
    2020-03-30 10:17 - 2020-03-30 10:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
    2020-03-27 23:50 - 2020-03-27 23:50 - 000000241 _____ C:\Users\marcs\Desktop\fotos faltantes.txt
    2020-03-27 13:25 - 2020-03-27 13:25 - 000018993 _____ C:\Users\marcs\Desktop\2005721.pdf
    2020-03-26 11:06 - 2020-04-14 19:06 - 000000000 ____D C:\Users\marcs\AppData\Roaming\Zoom
    2020-03-25 17:14 - 2020-03-25 11:13 - 000455576 _____ C:\Users\marcs\Desktop\Grabación Alabanza para Vinya Online.pdf
    2020-03-25 11:00 - 2020-03-25 11:00 - 001163264 _____ C:\Users\marcs\Desktop\Berlinger Haus is finally now up on YouTube.msg
    2020-03-23 18:03 - 2020-03-19 07:11 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
    2020-03-23 18:03 - 2020-03-19 07:11 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
    2020-03-23 18:03 - 2020-03-19 07:11 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
    2020-03-23 18:03 - 2020-03-19 07:11 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
    2020-03-23 18:03 - 2020-03-19 07:11 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
    2020-03-23 18:03 - 2020-03-19 07:11 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
    2020-03-23 18:03 - 2020-03-19 07:11 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
    2020-03-23 18:03 - 2020-03-19 07:11 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
    2020-03-23 18:03 - 2020-03-19 07:11 - 000450464 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2020-03-23 18:03 - 2020-03-19 07:11 - 000348048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2020-03-23 18:03 - 2020-03-19 07:10 - 011945072 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
    2020-03-23 18:03 - 2020-03-19 07:10 - 010285680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2020-03-23 18:03 - 2020-03-19 07:10 - 000817056 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
    2020-03-23 18:03 - 2020-03-19 07:10 - 000676448 _____ C:\Windows\system32\nvofapi64.dll
    2020-03-23 18:03 - 2020-03-19 07:10 - 000544352 _____ C:\Windows\SysWOW64\nvofapi.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 017600912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 015157664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 005856656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 005158304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 002072992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001723280 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444575.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001564904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001483168 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444575.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001480936 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001351568 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001142176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 001049488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 000811424 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 000679840 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 000655264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2020-03-23 18:03 - 2020-03-19 07:09 - 000546720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2020-03-23 18:03 - 2020-03-19 04:05 - 004196160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2020-03-23 18:03 - 2020-03-18 09:51 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

    ==================== Un mes (modificado) ==================

    (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

    2020-04-21 16:30 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-04-21 15:08 - 2020-01-24 11:59 - 000000000 ____D C:\Users\marcs\AppData\Local\Packages
    2020-04-21 15:01 - 2020-01-24 11:51 - 000000000 ____D C:\Windows\system32\SleepStudy
    2020-04-21 12:25 - 2020-01-24 11:58 - 000000000 ____D C:\ProgramData\NVIDIA
    2020-04-21 12:24 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\FxsTmp
    2020-04-20 17:29 - 2020-01-27 16:26 - 000000000 ____D C:\Users\marcs\AppData\Local\CrashDumps
    2020-04-20 15:10 - 2020-03-19 18:27 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2020-04-20 15:09 - 2020-01-27 11:23 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2020-04-19 11:25 - 2020-01-24 12:02 - 000000000 ___RD C:\Users\marcs\OneDrive
    2020-04-18 20:24 - 2020-01-28 12:52 - 000000000 ____D C:\Users\marcs\AppData\Roaming\ImageGlass
    2020-04-18 20:15 - 2020-01-24 12:01 - 000000000 ____D C:\ProgramData\LogiShrd
    2020-04-18 13:41 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-04-18 13:41 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
    2020-04-18 09:46 - 2020-01-28 12:34 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-04-17 18:15 - 2020-01-24 14:44 - 000000000 ____D C:\Program Files\Microsoft Office
    2020-04-17 18:15 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2020-04-17 14:57 - 2020-01-24 11:58 - 001684180 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-04-17 14:57 - 2019-03-19 13:59 - 000753744 _____ C:\Windows\system32\perfh00A.dat
    2020-04-17 14:57 - 2019-03-19 13:59 - 000148288 _____ C:\Windows\system32\perfc00A.dat
    2020-04-17 14:57 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
    2020-04-17 14:49 - 2020-03-09 13:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2020-04-17 14:49 - 2020-01-27 16:34 - 000000000 ____D C:\Users\marcs\AppData\Roaming\steelseries-engine-3-client
    2020-04-17 14:49 - 2020-01-24 11:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-04-17 14:49 - 2019-03-19 06:37 - 000786432 _____ C:\Windows\system32\config\BBI
    2020-04-15 20:48 - 2020-01-24 12:02 - 000003354 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-666844237-2131220937-1035686966-1001
    2020-04-15 20:48 - 2020-01-24 11:56 - 000002439 _____ C:\Users\marcs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-04-15 10:00 - 2020-01-24 11:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
    2020-04-15 09:59 - 2020-01-24 11:51 - 005209088 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-04-15 09:58 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\migwiz
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Provisioning
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\PolicyDefinitions
    2020-04-15 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
    2020-04-15 08:30 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
    2020-04-13 20:48 - 2020-01-28 12:33 - 000003652 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-04-13 20:48 - 2020-01-28 12:33 - 000003528 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2020-04-11 12:58 - 2020-01-27 11:38 - 000002406 _____ C:\Users\marcs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
    2020-04-09 13:49 - 2020-01-24 11:56 - 000000000 ____D C:\Users\marcs
    2020-04-07 00:30 - 2020-01-24 14:08 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-04-03 16:00 - 2020-02-26 15:58 - 000000000 ____D C:\Users\marcs\AppData\Roaming\FileZilla
    2020-04-03 12:04 - 2020-02-26 15:58 - 000000000 ____D C:\Users\marcs\AppData\Local\FileZilla
    2020-04-03 12:03 - 2020-02-26 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2020-04-03 12:03 - 2020-02-26 15:58 - 000000000 ____D C:\Program Files\FileZilla FTP Client
    2020-04-01 13:24 - 2020-01-24 11:59 - 000000000 ____D C:\Users\marcs\AppData\Roaming\Adobe
    2020-03-31 17:37 - 2020-01-24 12:02 - 000000000 ____D C:\Users\marcs\AppData\Local\PlaceholderTileLogoFolder
    2020-03-31 11:52 - 2020-01-24 12:43 - 000000000 ____D C:\Users\marcs\AppData\Local\NVIDIA
    2020-03-30 10:12 - 2020-01-28 13:00 - 000000000 ____D C:\Users\marcs\AppData\Roaming\Apple Computer
    2020-03-23 18:05 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Help

    ==================== Archivos en la raíz de algunos directorios ========

    2020-04-02 12:29 - 2020-04-03 12:19 - 000000132 _____ () C:\Users\marcs\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
    2020-04-01 13:24 - 2020-04-07 10:27 - 000001456 _____ () C:\Users\marcs\AppData\Local\Adobe Guardar para Web 13.0 Prefs

    ==================== SigCheck ============================

    (No existe una corrección automática para los archivos que no pasan la verificación.)

    ==================== Final de FRST.txt ========================
     
    Alatriste,
    #2


  3. to hide this advert.

  4. 2020/04/21
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    Addition.txt log:

    Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 20-04-2020
    Ejecutado por Marc (21-04-2020 16:37:14)
    Ejecutado desde C:\Users\marcs\Desktop
    Windows 10 Pro Versión 1909 18363.778 (X64) (2020-01-24 09:53:29)
    Modo de Inicio: Normal
    ==========================================================


    ==================== Cuentas: =============================

    Administrador (S-1-5-21-666844237-2131220937-1035686966-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-666844237-2131220937-1035686966-503 - Limited - Disabled)
    Invitado (S-1-5-21-666844237-2131220937-1035686966-501 - Limited - Disabled)
    Marc (S-1-5-21-666844237-2131220937-1035686966-1001 - Administrator - Enabled) => C:\Users\marcs
    WDAGUtilityAccount (S-1-5-21-666844237-2131220937-1035686966-504 - Limited - Disabled)

    ==================== Centro de Seguridad ========================

    (Si una entrada es incluida en el fixlist, será eliminada.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

    ==================== Programas instalados ======================

    (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

    Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
    Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
    Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - )
    Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
    Apple Application Support (32 bits) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
    Apple Application Support (64 bits) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
    Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc)
    Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
    Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
    BIAS FX 2 Plugins Pack (64bit) (HKLM\...\{71425D8B-865C-407F-B0E2-B43D89D88D4F}) (Version: 2.1.7.4820 - PositiveGrid)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.) Hidden
    Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.)
    FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
    GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden
    Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
    ImageGlass (HKLM\...\{BFE30AC3-1CB0-48E0-8E69-B950212D8645}) (Version: 7.5.1.1 - Duong Dieu Phap)
    iTunes (HKLM\...\{FBC5EC17-2F93-4210-B642-B2A56AA80D7C}) (Version: 12.10.6.2 - Apple Inc.)
    Linkios ERP versión 3.7 (HKLM-x32\...\{9D3A965B-16C9-4E05-8B3C-2DC8F01F4072}_is1) (Version: 3.7 - Aunion Software SL)
    Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
    Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
    Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.58 - Microsoft Corporation)
    Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.125.27 - )
    Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12624.20466 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
    Microsoft Teams (HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
    Mozilla Firefox 72.0.2 (x64 ca) (HKLM\...\Mozilla Firefox 72.0.2 (x64 ca)) (Version: 72.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
    MSI Remind Manager (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1607.0401 - Micro-Star International Co., Ltd.) Hidden
    MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1607.0401 - Micro-Star International Co., Ltd.)
    NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
    NVIDIA Controlador de audio HD 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
    NVIDIA Controlador de gráficos 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
    NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
    Panel de control de NVIDIA 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.75 - NVIDIA Corporation) Hidden
    PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8172 - Realtek Semiconductor Corp.)
    ScummVM 2.1.1a (HKLM\...\ScummVM_is1) (Version: 2.1.1a - The ScummVM Team)
    SteelSeries Engine 3.17.6 (HKLM\...\SteelSeries Engine 3) (Version: 3.17.6 - SteelSeries ApS)
    Suite Specific (HKLM-x32\...\{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}) (Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.193 - Synaptics Incorporated)
    TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.3.2682 - TeamViewer)
    The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
    Wampserver64 3.2.0 (HKLM\...\{wampserver64}_is1) (Version: 3.2.0 - Dominique Ottello aka Otomatic)
    WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
    Zoom (HKU\S-1-5-21-666844237-2131220937-1035686966-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

    Packages:
    =========
    Extensiones de vídeo HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.30443.0_x64__8wekyb3d8bbwe [2020-03-31] (Microsoft Corporation)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-04-15] (HP Inc.)
    Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.1.2930.0_x64__rh07ty8m5nkag [2020-01-24] (Rivet Networks LLC) [Startup Task]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
    MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

    ==================== Personalizado CLSID (Lista blanca): ==============

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    CustomCLSID: HKU\S-1-5-21-666844237-2131220937-1035686966-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\marcs\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-666844237-2131220937-1035686966-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\marcs\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-27] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-27] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

    ==================== Codecs (Lista blanca) ====================

    ==================== Accesos directos & WMI ========================

    (Las entradas pueden ser listadas para ser restauradas o eliminadas.)

    ShortcutWithArgument: C:\Users\marcs\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
    ShortcutWithArgument: C:\Users\marcs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
    ShortcutWithArgument: C:\Users\marcs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
    ShortcutWithArgument: C:\Users\marcs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Promintra - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\marcs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

    ==================== Módulos cargados (Lista blanca) =============

    2011-09-05 19:06 - 2011-09-05 19:06 - 000019968 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\es_ES\acrotray.esp
    2011-09-05 19:06 - 2011-09-05 19:06 - 000105472 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\es_es\PDFMaker\PDFMOfficeAddin.ESP
    2020-01-28 12:09 - 2020-01-28 12:09 - 000100352 _____ () [Archivo no firmado] C:\Users\marcs\AppData\Local\Adobe\Acrobat\10.0\Cache\AcLang_EScript.ESP
    2020-01-28 11:58 - 2020-01-28 11:58 - 010459136 _____ () [Archivo no firmado] C:\Users\marcs\AppData\Local\Adobe\Acrobat\10.0\Cache\AcLang_exlang32.esp
    2020-01-29 11:28 - 2020-01-29 11:28 - 000025088 _____ () [Archivo no firmado] C:\Users\marcs\AppData\Local\Adobe\Acrobat\10.0\Cache\AcLang_SaveAsRTF.ESP
    2020-01-28 12:09 - 2020-01-28 12:09 - 000014336 _____ () [Archivo no firmado] C:\Users\marcs\AppData\Local\Adobe\Acrobat\10.0\Cache\AcLang_Updater.ESP
    2020-01-28 12:10 - 2020-01-28 12:10 - 000044032 _____ () [Archivo no firmado] C:\Users\marcs\AppData\Local\Adobe\Acrobat\10.0\Cache\AcLang_weblink.ESP
    2011-09-05 19:06 - 2011-09-05 19:06 - 000336384 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\es_ES\Acrobat Elements\ContextMenu64.esp
    2010-11-15 22:02 - 2012-04-24 20:34 - 001793672 _____ (Adobe Systems Incorporated -> Adobe Systems, Incorporated) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\amtlib.dll
    2011-09-05 19:05 - 2011-09-05 19:05 - 001769059 _____ (Adobe Systems Incorporated) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\plug_ins\EScript.api
    2011-09-05 19:05 - 2011-09-05 19:05 - 000407139 _____ (Adobe Systems Incorporated) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\plug_ins\SaveAsRTF.api
    2011-09-05 19:05 - 2011-09-05 19:05 - 000169571 _____ (Adobe Systems Incorporated) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\plug_ins\Updater.api
    2011-09-05 19:05 - 2011-09-05 19:05 - 000305251 _____ (Adobe Systems Incorporated) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\plug_ins\weblink.api
    2020-01-09 23:50 - 2020-01-09 23:50 - 002146304 _____ (Holtek Semiconductor Inc.) [Archivo no firmado] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
    2020-01-09 23:50 - 2020-01-09 23:50 - 002284032 _____ (Holtek) [Archivo no firmado] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
    2020-04-17 18:14 - 2020-04-17 18:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
    2020-04-17 18:14 - 2020-04-17 18:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
    2015-06-11 20:35 - 2015-06-11 20:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [Archivo no firmado] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll

    ==================== Alternate Data Streams (Lista blanca) ========

    ==================== Modo Seguro (Lista blanca) ==================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Asociación (Lista blanca) =================

    ==================== Internet Explorer sitios de confianza/restringidos ==========

    ==================== Hosts contenido: =========================

    (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

    2019-03-19 06:49 - 2020-03-16 13:14 - 000000039 _____ C:\Windows\system32\drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Otras Áreas ===========================

    (Actualmente no existe una corrección automática para esta sección.)

    HKU\S-1-5-21-666844237-2131220937-1035686966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\marcs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Firewall de Windows está habilitado.

    ==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

    ==================== Reglas de firewall (Lista blanca) ================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    FirewallRules: [{1A8FF71E-0F37-42F0-B3F5-8C9999A25B23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{F025CD3C-14D6-4E8B-84BD-B2BD4E961A5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{50C56432-F529-4918-AFAB-6D788870C419}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{F0047376-2B24-4012-8D85-D56286A5230F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{15737626-0DB2-4700-ABE3-DFF7D997A946}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{3195324A-0494-4BB5-AC85-391694855187}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{240E476B-5BF6-44E8-A6C6-1739D1F5D086}] => (Allow) D:\Downloads\linkiosremote.exe Ningún archivo
    FirewallRules: [{2CA81833-2FC4-4E0A-ABF4-93AC8B2B0D0E}] => (Allow) D:\Downloads\linkiosremote.exe Ningún archivo
    FirewallRules: [{7FE29E7C-2A83-4168-A0AB-241F8D9490DB}] => (Allow) D:\Downloads\linkiosremote.exe Ningún archivo
    FirewallRules: [{71016DC5-968F-4BBF-8FEC-8ED04B8F2A56}] => (Allow) D:\Downloads\linkiosremote.exe Ningún archivo
    FirewallRules: [{52E407AF-5A07-4C53-9647-57E4CA5DCD21}] => (Allow) D:\Downloads\linkiosremote.exe Ningún archivo
    FirewallRules: [{0EBA6ED2-927B-497B-A84B-31361F5C97B8}] => (Allow) D:\Downloads\linkiosremote.exe Ningún archivo
    FirewallRules: [{B4512BA3-4129-41B1-9EB3-C02E74A86FC8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{A754B005-9719-4125-ADC0-7226E89C7E77}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{E858D347-6B74-402A-BE74-9AE3EDD445DE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{EEF83FB5-1C4B-4381-B143-62A2F1578E20}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{E1C4D752-C2D4-4619-AAAA-B3633EAA49ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{951C40E5-3B91-4FEA-A4E3-68F18BF17BDF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{C177B09A-1131-4E93-9FB9-881F7F33B225}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [TCP Query User{A5A7CB57-C235-4DBD-9571-03D2625A4575}C:\users\marcs\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marcs\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{13034823-A2B6-41F2-8A61-6DB26BB8E984}C:\users\marcs\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marcs\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{57F2BC80-F26E-4817-A604-D5F4C0519499}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
    FirewallRules: [{5CBD92E6-E344-44F2-8F0C-83058E336B48}] => (Allow) C:\Program Files (x86)\Linkios ERP\LinkiosRemote36.exe (philandro Software GmbH -> )
    FirewallRules: [{67AA2423-BA53-4FA3-9B92-E5556BA3709D}] => (Allow) C:\Program Files (x86)\Linkios ERP\LinkiosRemote36.exe (philandro Software GmbH -> )
    FirewallRules: [{89B82FB4-B036-4CC8-BAB5-9B9F12730C00}] => (Allow) C:\Program Files (x86)\Linkios ERP\LinkiosRemote36.exe (philandro Software GmbH -> )
    FirewallRules: [{564B925B-7635-47D5-B368-C16F162ECD5B}] => (Allow) C:\Program Files (x86)\Linkios ERP\LinkiosRemote36.exe (philandro Software GmbH -> )
    FirewallRules: [{5F3CB22D-88E7-4707-8B21-09A2D574703E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{88134583-4913-465D-A6AC-9BF912BBB320}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{8F5B86F7-D8BE-4B79-8E5F-AD93E8E1D47A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{C791BF4C-6BC3-4310-ACAB-FBCA557B79B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [TCP Query User{693C3DBA-4803-446C-ACE3-A786AD46C58F}C:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
    FirewallRules: [UDP Query User{45C8FDD7-4651-4B08-94CE-174BDB3F83CB}C:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
    FirewallRules: [{E37FD179-5EB4-4B91-A1AF-DBCE5D76ACBD}] => (Allow) C:\Users\marcs\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{898D7332-395E-42AC-AE9F-484751AE8558}] => (Allow) C:\Users\marcs\AppData\Roaming\Zoom\bin\airhost.exe Ningún archivo
    FirewallRules: [{60682F7F-3364-4DDC-84F1-EAECBAA035DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{2A5DDAEF-3727-436C-A872-1A187D8385E2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{20770598-EE3E-4C62-80BF-DE9EEF34D72D}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{4BDA0FBF-5D09-4904-AC5B-8A5FF83A7819}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)

    ==================== Puntos de Restauración =========================

    11-04-2020 22:00:01 Punto de control programado
    15-04-2020 08:20:51 Windows Update

    ==================== Dispositivos defectuosos en el Administrador de dispositivos ============


    ==================== Errores del registro de eventos: ========================

    Errores de aplicación:
    ==================
    Error: (04/21/2020 09:00:44 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
    Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 26520 y el tamaño necesario es 41688.

    Error: (04/20/2020 05:29:38 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: mbam.exe, versión: 4.0.0.620, marca de tiempo: 0x5e8e029e
    Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5e8272e4
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x0000000000232860
    Identificador del proceso con errores: 0x41b0
    Hora de inicio de la aplicación con errores: 0x01d6172875f2b430
    Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
    Identificador del informe: 59c221c9-f8e5-4a1f-ba94-e7259bc28664
    Nombre completo del paquete con errores:
    Identificador de aplicación relativa del paquete con errores:

    Error: (04/20/2020 05:29:33 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: mbam.exe, versión: 4.0.0.620, marca de tiempo: 0x5e8e029e
    Nombre del módulo con errores: mbam.exe, versión: 4.0.0.620, marca de tiempo: 0x5e8e029e
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x000000000006fd19
    Identificador del proceso con errores: 0x41b0
    Hora de inicio de la aplicación con errores: 0x01d6172875f2b430
    Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    Identificador del informe: 9213eaf6-b9f9-42e5-996b-8ddd26e57de6
    Nombre completo del paquete con errores:
    Identificador de aplicación relativa del paquete con errores:

    Error: (04/18/2020 12:13:48 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
    Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 26600 y el tamaño necesario es 38744.

    Error: (04/17/2020 02:49:39 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
    .

    Error: (04/17/2020 02:49:39 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
    ]

    Error: (04/17/2020 02:47:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 16022422

    Error: (04/17/2020 02:47:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 16022422


    Errores del sistema:
    =============
    Error: (04/21/2020 04:13:28 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 04:13:25 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 04:13:22 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 04:13:20 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 04:13:17 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 04:13:14 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 03:11:20 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

    Error: (04/21/2020 03:11:17 PM) (Source: disk) (EventID: 7) (User: )
    Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.


    Windows Defender:
    ===================================
    Date: 2020-02-12 12:25:45.420
    Description:
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {627EF938-5F47-4B29-81FB-9821092FBFC0}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2020-02-12 12:19:49.231
    Description:
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {B74D386D-E2C4-448A-96B0-93D65A750246}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2020-02-11 11:16:02.260
    Description:
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {3573078D-AE41-461F-AB85-FB009CFA6F8A}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2020-01-29 09:36:48.851
    Description:
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {ED9E4D12-6696-44EC-BD7B-90CD16896C40}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2020-01-29 09:18:16.361
    Description:
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {6C25AF33-C777-4A80-A00C-B1414706338A}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2020-04-15 09:58:24.769
    Description:
    Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
    Nueva versión de inteligencia de seguridad:
    Versión anterior de inteligencia de seguridad: 1.311.1739.0
    Origen de actualización: Servidor de Microsoft Update
    Tipo de inteligencia de seguridad: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\SYSTEM
    Versión actual del motor:
    Versión anterior del motor: 1.1.16800.2
    Código de error: 0x8007045b
    Descripción del error: Se está cerrando el sistema.

    Date: 2020-04-07 08:37:03.257
    Description:
    Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
    Nueva versión de inteligencia de seguridad:
    Versión anterior de inteligencia de seguridad: 1.311.1739.0
    Origen de actualización: Centro de protección contra malware de Microsoft
    Tipo de inteligencia de seguridad: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\Servicio de red
    Versión actual del motor:
    Versión anterior del motor: 1.1.16800.2
    Código de error: 0x80072ee7
    Descripción del error: No se pudo resolver el nombre de servidor o su dirección

    Date: 2020-04-07 08:37:03.256
    Description:
    Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
    Nueva versión de inteligencia de seguridad:
    Versión anterior de inteligencia de seguridad: 1.311.1739.0
    Origen de actualización: Centro de protección contra malware de Microsoft
    Tipo de inteligencia de seguridad: AntiSpyware
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\Servicio de red
    Versión actual del motor:
    Versión anterior del motor: 1.1.16800.2
    Código de error: 0x80072ee7
    Descripción del error: No se pudo resolver el nombre de servidor o su dirección

    Date: 2020-04-07 08:37:03.256
    Description:
    Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
    Nueva versión de inteligencia de seguridad:
    Versión anterior de inteligencia de seguridad: 1.311.1739.0
    Origen de actualización: Centro de protección contra malware de Microsoft
    Tipo de inteligencia de seguridad: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\Servicio de red
    Versión actual del motor:
    Versión anterior del motor: 1.1.16800.2
    Código de error: 0x80072ee7
    Descripción del error: No se pudo resolver el nombre de servidor o su dirección

    Date: 2020-04-07 08:37:03.242
    Description:
    Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
    Nueva versión de inteligencia de seguridad:
    Versión anterior de inteligencia de seguridad: 1.311.1739.0
    Origen de actualización: Centro de protección contra malware de Microsoft
    Tipo de inteligencia de seguridad: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\Servicio de red
    Versión actual del motor:
    Versión anterior del motor: 1.1.16800.2
    Código de error: 0x80072ee7
    Descripción del error: No se pudo resolver el nombre de servidor o su dirección

    CodeIntegrity:
    ===================================

    Date: 2020-04-21 16:35:23.188
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-21 16:35:23.186
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-21 16:16:44.782
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-04-21 16:16:44.781
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-04-21 16:16:44.663
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-04-21 16:16:44.661
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-04-21 16:16:19.886
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-04-21 16:16:19.885
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    ==================== Información de la memoria ===========================

    BIOS: American Megatrends Inc. E1785IMS.119 01/17/2018
    Placa base: Micro-Star International Co., Ltd. MS-1785
    Procesador: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
    Porcentaje de memoria en uso: 54%
    RAM física total: 16339.96 MB
    RAM física disponible: 7461.55 MB
    Virtual total: 20307.96 MB
    Virtual disponible: 4272.35 MB

    ==================== Unidades ================================

    Drive c: (Windows) (Fixed) (Total:237.29 GB) (Free:147.71 GB) NTFS
    Drive d: (Datos) (Fixed) (Total:921.51 GB) (Free:324.55 GB) NTFS
    Drive f: (Recovery) (Fixed) (Total:10 GB) (Free:6.01 GB) NTFS

    \\?\Volume{cf1a43bb-fcf2-4465-b20d-7f6c194fc715}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
    \\?\Volume{e3b95ed8-0b3c-4823-a8bd-165576dc3ebb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

    ==================== MBR & Tabla de particiones ====================

    ==========================================================
    Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 88B57BAC)
    Partition 1: (Not Active) - (Size=921.5 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

    ==================== Final de Addition.txt =======================
     
    Alatriste,
    #3
  5. 2020/04/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================

    I don't see much so far...

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Double click on downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    [​IMG] Please download Malwarebytes to your desktop.
    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
    [​IMG] Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles are saved to C:\AdwCleaner.
    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
     
    broni,
    #4
  6. 2020/04/21
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    Thanks Broni.

    I will do this later tonight and post back the results.

    Cheers!
     
    Alatriste,
    #5
  7. 2020/04/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    No problem :)
     
    broni,
    #6
  8. 2020/04/21
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    I do have one question though before proceeding , Broni.

    I already have Malwarebytes. It is the Premium version (it reads "Malwarebytes Premium 4.1.0" up on top).

    So my question is in regard to step 2.
    Do I still have to download the software you point to since I already have it?
    In case I don't, then a "simple" threat Scan (the fast one) will do? Or do I have to run the "Completed/personalised" one?

    Thanks for your reply.
     
    Alatriste,
    #7
  9. 2020/04/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Simple scan will be fine.
     
    broni,
    #8
  10. 2020/04/22
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    Here are the requested logs:

    RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr 1 2020] (Premium) por Adlice Software
    correo : https://adlice.com/contact/
    Página Web : https://adlice.com/download/roguekiller/
    Sistema Operativo : Windows 10 (10.0.18363) 64 bits
    Iniciado en : Modo Normal
    Usuario : Marc [Administrador]
    Iniciado desde : C:\Program Files\RogueKiller\RogueKiller64.exe
    Firmas : 20200421_093730, Conductor : Cargado
    Modo : Análisis estandar, Borrar -- Fecha : 2020/04/22 23:06:53 (Duración : 00:06:37)
    Conmutadores : -minimize

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Borrar ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    [PUP.Gen1 (Potencialmente Malicioso)] HKEY_USERS\S-1-5-21-666844237-2131220937-1035686966-1001\Software\csastats -- -> Borrado


    Malwarebytes
    www.malwarebytes.com

    -Detalles del registro-
    Fecha del análisis: 22/4/20
    Hora del análisis: 23:09
    Archivo de registro: 867898d8-84dd-11ea-a457-4ccc6a80a5a7.json

    -Información del software-
    Versión: 4.1.0.56
    Versión de los componentes: 1.0.875
    Versión del paquete de actualización: 1.0.22788
    Licencia: Premium

    -Información del sistema-
    SO: Windows 10 (Build 18362.778)
    CPU: x64
    Sistema de archivos: NTFS
    Usuario: MARC\Marc

    -Resumen del análisis-
    Tipo de análisis: Análisis de amenazas
    Análisis iniciado por:: Manual
    Resultado: Completado
    Objetos analizados: 323728
    Amenazas detectadas: 0
    Amenazas en cuarentena: 0
    Tiempo transcurrido: 0 min, 45 seg

    -Opciones de análisis-
    Memoria: Activado
    Inicio: Activado
    Sistema de archivos: Activado
    Archivo: Activado
    Rootkits: Desactivado
    Heurística: Activado
    PUP: Detectar
    PUM: Detectar

    -Detalles del análisis-
    Proceso: 0
    (No hay elementos maliciosos detectados)

    Módulo: 0
    (No hay elementos maliciosos detectados)

    Clave del registro: 0
    (No hay elementos maliciosos detectados)

    Valor del registro: 0
    (No hay elementos maliciosos detectados)

    Datos del registro: 0
    (No hay elementos maliciosos detectados)

    Secuencia de datos: 0
    (No hay elementos maliciosos detectados)

    Carpeta: 0
    (No hay elementos maliciosos detectados)

    Archivo: 0
    (No hay elementos maliciosos detectados)

    Sector físico: 0
    (No hay elementos maliciosos detectados)

    WMI: 0
    (No hay elementos maliciosos detectados)


    (end)



    # -------------------------------
    # Malwarebytes AdwCleaner 8.0.4.0
    # -------------------------------
    # Build: 04-03-2020
    # Database: 2020-04-08.2 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 04-22-2020
    # Duration: 00:00:01
    # OS: Windows 10 Pro
    # Cleaned: 1
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    No malicious folders cleaned.

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    No malicious registry entries cleaned.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    Deleted banggood.com

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [1416 octets] - [22/04/2020 23:15:31]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


    Thanks,
    Marc
     
    Alatriste,
    #9
  11. 2020/04/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Nothing malicious there.
    I suggest new topic in Windows forum.
    Good luck :)
     
    broni,
    #10
  12. 2020/04/23
    Alatriste

    Alatriste New Member Thread Starter

    Joined:
    2020/04/20
    Messages:
    7
    Likes Received:
    0
    Ok,

    Appreciate your time in looking into this anyway.
    Take care,
     
    Alatriste,
    #11
  13. 2020/04/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You too :)
     
    broni,
    #12

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...