• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 17

    Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

    Hola a todos: Tomo como referencia el tema "Malwarebytes no abre (error 0xc0000279)" de 12/05/16 solucionado por @Miguelgrado indicando que no puedo seguir lo indicado en él, por que mi problema es que cuando intento ...

    1. #1
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      Triste Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      Hola a todos:

      Tomo como referencia el tema "Malwarebytes no abre (error 0xc0000279)" de 12/05/16 solucionado por @Miguelgrado indicando que no puedo seguir lo indicado en él, por que mi problema es que cuando intento desinstalar mbam con su propio uninstall o con el desinstalador de w10 tambien me sale la ventana de error. Tampoco he podido borrarlo con ningun programa pués no son capces de hacerlo (CCleaner, Avast, HJack...). Espero vuestros comentarios.

      Gracias por la ayuda.

    2. #2
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.142

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      Ejecuta el desinstalador de Malwarebytes en modo seguro >> Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall.



      Comentas el resultado y luego vemos los siguientes pasos
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      Ahora sí que se ha borrado!. A qué se debía el no poder borrarle? virus, problema técnico técnico....
      Espero los siguientes pasos.
      Gracias.

    4. #4
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.142

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      Lo mas posible es que sea alguna infeccion importante, ahora veremos.

      Realizas en orden y me pegas logs en orden:


      Descarga y ejecutas Rkill 2.6 | InfoSpyware en el escritorio

      • Rkill se disfraza bajo el nombre iExplore, cuando lo ejecute tendrá que esperar y aceptar un mensaje.
      • Rkill no se instala.
      • Después de ejecutar este, no reinicie el PC hasta que un programa se lo solicite.
      • Luego peganos el log que se encuentra en C: rkill.log


      Paso 1.-: Descarga Malwarebytes Anti-Rootkit Beta >>Malwarebytes Anti-Rootkit | InfoSpyware y descomprima el contenido en su escritorio
      Paso 2.- : Desactiva tu antivirus >> Cómo deshabilitar temporalmente su Antivirus

      Abra la carpeta Mbar. Doble clic en el archivo Mbar.exe
      • En la interfaz del programa haga clic en Next.
      • Haga clic en el botón Update. Terminando clic en Next
      • Para iniciar el análisis clic en el botón Scan
      • Terminando, si hay infección clic en CleanUp, si no hay, clic en Exit.


      Al finalizar abra la carpeta Mbar, los archivos mbar-log.txt , copie y pegue todo su contenido en la siguiente respuesta y comentando los resultados.


      Descarga >> https://www.infospyware.com/antispyware/adwcleaner y colócalo en el escritorio:


      - Ejecútalo con todos los programas cerrados y con el antivirus deshabilitado >>Cómo deshabilitar temporalmente su Antivirus.
      - Si usas Windows Vista/ W 7/W 8, ejecútalo como administrador. (Botón derecho >> Ejecutar como Administrador) , aceptas la licencia (j’acepte) ..


      Presionas y das en Escanear y esperas a que el programa haga lo suyo.
      Ejecutamos Limpiar para realizar la limpieza y si nos pide reiniciar el pc lo hacemos.

      - Al terminar se abrirá un reporte en un archivo de texto, cuyo contenido deberás copiar y pegar en tu próxima respuesta.


      El reporte se encuentra también en C:\AdwCleaner- AdwCleaner[CX].txt



      1-Descarga Farbar Recovery Scan Tool By Farbar (Descarga el archivo dependiendo de la arquitectura de tu sistema).>> Como saber si mi sistema es de 32 o de 64 Bits

      • La guardas en el escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.

      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      Buenos días a todos!

      Te adjunto el resultado de os diferentes pasos ue he realizado:

      1-- RKill

      Rkill 2.9.1 by Lawrence Abrams (Grinler)
      http://www.bleepingcomputer.com/
      Copyright 2008-2017 BleepingComputer.com
      More Information about Rkill can be found at this link:
      http://www.bleepingcomputer.com/forums/topic308364.html

      Program started at: 08/21/2017 12:22:26 AM in x64 mode.
      Windows Version: Windows 10 Home

      Checking for Windows services to stop:

      * No malware services found to stop.

      Checking for processes to terminate:

      * No malware processes found to kill.

      Checking Registry for malware related settings:

      * No issues found in the Registry.

      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

      Performing miscellaneous checks:

      * Windows Defender Disabled

      [HKLM\SOFTWARE\Microsoft\Windows Defender]
      "DisableAntiSpyware" = dword:00000001

      Searching for Missing Digital Signatures:

      * No issues found.

      Checking HOSTS File:

      * HOSTS file entries found:

      127.0.0.1 activate.adobe.com
      127.0.0.1 practivate.adobe.com
      127.0.0.1 209.34.83.73:443
      127.0.0.1 209.34.83.73:43
      127.0.0.1 209.34.83.67:443
      127.0.0.1 209.34.83.67:43
      127.0.0.1 ood.opsource.net
      127.0.0.1 199.7.52.190:80
      127.0.0.1 OCSP.SPO1.VERISIGN.COM
      127.0.0.1 199.7.54.72:80
      127.0.0.1 192.150.14.69
      127.0.0.1 192.150.18.101
      127.0.0.1 192.150.18.108
      127.0.0.1 192.150.22.40
      127.0.0.1 192.150.8.100
      127.0.0.1 192.150.8.118
      127.0.0.1 209-34-83-73.ood.opsource.net
      127.0.0.1 3dns-1.adobe.com
      127.0.0.1 3dns-2.adobe.com
      127.0.0.1 3dns-3.adobe.com

      20 out of 61 HOSTS entries shown.
      Please review HOSTS file for further entries.

      Program finished at: 08/21/2017 12:23:26 AM
      Execution time: 0 hours(s), 0 minute(s), and 59 seconds(s)

      2.- Mbar

      Malwarebytes Anti-Rootkit BETA 1.9.3.1001
      www.malwarebytes.org

      Database version:
      main: v2017.08.20.04
      rootkit: v2017.08.02.01

      Windows 10 x64 NTFS
      Internet Explorer 11.540.15063.0
      Nori7 :: DESKTOP-LVB98V2 [administrator]

      21/08/2017 0:29:36
      mbar-log-2017-08-21 (00-29-36).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Objects scanned: 288022
      Time elapsed: 8 minute(s), 41 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)

      3.- Adwcleaner

      # AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 20 22:43:08 2017
      # Updated on 2017/05/08 by Malwarebytes
      # Database: 08-17-2017.2
      # Running on Windows 10 Home (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      PUP.Optional.Legacy, C:\Program Files (x86)\Common Files\freemake shared
      PUP.Optional.RegCurePro, C:\ProgramData\PARETOLOGIC
      PUP.Optional.RegCurePro, C:\Users\All Users\PARETOLOGIC
      PUP.Optional.RegCurePro, C:\Users\Nori7\AppData\Roaming\PARETOLOGIC


      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\ParetoLogic
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Software\ParetoLogic
      PUP.Optional.Legacy, [Key] - HKCU\Software\ParetoLogic


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      sigue en 2

    6. #6
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      2 parte.

      4.- Farbar

      4.1- First

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
      Ran by Nori7 (administrator) on DESKTOP-LVB98V2 (21-08-2017 00:53:53)
      Running from C:\Users\Nori7\Desktop
      Loaded Profiles: Nori7 (Available Profiles: Nori7)
      Platform: Windows 10 Home Version 1703 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxCUIService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      () C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
      (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
      (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
      (HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
      (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
      (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
      (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
      () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
      () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxEM.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
      (sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
      (HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
      (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-15] (Realtek Semiconductor)
      HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-18] (AVAST Software)
      HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
      HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2015-01-15] ()
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company)
      HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9832152 2017-08-03] (Piriform Ltd)
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [570880 2017-07-11] (Microsoft Corporation)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2017-08-09]
      ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-04]
      ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{0cdb8ace-1281-4c11-b24f-bbb4f2e562cb}: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{c3696cce-af46-4e7f-8eb8-8d517134dba7}: [DhcpNameServer] 80.58.61.250 80.58.61.254

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
      BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-01-15] (Wondershare)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
      Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

      FireFox:
      ========
      FF DefaultProfile: 0lnmcf3l.default
      FF ProfilePath: C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default [2017-08-21]
      FF Homepage: Mozilla\Firefox\Profiles\0lnmcf3l.default -> hxxp://www.google.es
      FF Extension: (FindGoFind) - C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default\Extensions\[email protected] [2017-08-16]
      FF Extension: (Avast SafePrice) - C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default\Extensions\[email protected] [2017-08-18]
      FF Extension: (Avast Online Security) - C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default\Extensions\[email protected] [2017-08-19]
      FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]
      FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] [2017-07-31] [not signed]
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-18] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-18] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
      FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]

      Chrome:
      =======
      CHR HomePage: Default -> hxxp://www.google.com
      CHR Profile: C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default [2017-08-21]
      CHR Extension: (No Name) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-18]
      CHR Extension: (Docs) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-18]
      CHR Extension: (Google Drive) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-18]
      CHR Extension: (YouTube) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-18]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-18]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-18]
      CHR Extension: (Gmail) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-18]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-18] (AVAST Software s.r.o.)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-18] (AVAST Software)
      R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [311592 2017-08-18] (AVAST Software)
      R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] ()
      S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\IntelCpHeciSvc.exe [302552 2017-01-10] (Intel Corporation)
      S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\IntelCpHDCPSvc.exe [480216 2017-01-10] (Intel Corporation)
      S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-31] (Dropbox, Inc.)
      S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-31] (Dropbox, Inc.)
      R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
      R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
      R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
      R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
      S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
      R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
      R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxCUIService.exe [341976 2017-01-10] (Intel Corporation)
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
      R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
      R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-15] (Realtek Semiconductor)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-08-18] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-18] (AVAST Software s.r.o.)
      R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-08-18] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-08-18] (AVAST Software s.r.o.)
      S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-08-18] (AVAST Software)
      R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-08-18] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-18] (AVAST Software)
      R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [554528 2017-08-18] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-08-18] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-08-18] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-18] (AVAST Software)
      R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-08-18] (AVAST Software)
      R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-08-18] (AVAST Software)
      R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-18] (AVAST Software)
      R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igdkmd64.sys [11058136 2017-01-10] (Intel Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-07-19] (Realtek )
      R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
      R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-15] (Realsil Semiconductor Corporation)
      R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
      S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-08-21 00:53 - 2017-08-21 00:54 - 000017953 _____ C:\Users\Nori7\Desktop\FRST.txt
      2017-08-21 00:53 - 2017-08-21 00:53 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-08-21 00:53 - 2017-08-21 00:53 - 000000000 ____D C:\FRST
      2017-08-21 00:52 - 2017-08-21 00:52 - 002395648 _____ (Farbar) C:\Users\Nori7\Desktop\FRST64.exe
      2017-08-21 00:45 - 2017-08-21 00:45 - 000000000 ___HD C:\ProgramData\temp
      2017-08-21 00:40 - 2017-08-21 00:40 - 008185288 _____ (Malwarebytes) C:\Users\Nori7\Desktop\adwcleaner_7.0.1.0.exe
      2017-08-21 00:29 - 2017-08-21 00:38 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-08-21 00:29 - 2017-08-21 00:29 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
      2017-08-21 00:27 - 2017-08-21 00:38 - 000000000 ____D C:\Users\Nori7\Desktop\mbar
      2017-08-21 00:27 - 2017-08-21 00:27 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
      2017-08-20 23:12 - 2017-08-20 23:12 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Nori7\Downloads\iExplore.exe
      2017-08-20 23:11 - 2017-08-20 23:12 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Nori7\Downloads\rkill.exe
      2017-08-20 23:08 - 2017-08-21 00:52 - 000000000 ____D C:\Users\Nori7\Downloads\Infospyware
      2017-08-20 20:23 - 2017-08-20 20:23 - 000000000 ____D C:\Users\Nori7\Downloads\The Defenders - Temporada 1 [HDTV][Cap.101][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:35 - 000000000 ____D C:\Users\Nori7\Downloads\Somewhere Between - Temporada 1 [HDTV 720p][Cap.105][V.O. Subt. Castellano]
      2017-08-20 20:19 - 2017-08-20 20:20 - 000000000 ____D C:\Users\Nori7\Downloads\The Defenders - Temporada 1 [HDTV][Cap.103_108][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Nori7\Downloads\The Defenders - Temporada 1 [HDTV][Cap.102][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Nori7\Downloads\Secrets And Lies (Secretos Y Mentiras) - Temporada 2 [HDTV][Cap.204_206][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Nori7\Downloads\Riviera - Temporada 1 [HDTV][Cap.110][Español Castellano]
      2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Users\Nori7\AppData\LocalLow\uTorrent
      2017-08-20 14:51 - 2017-08-20 15:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
      2017-08-20 14:49 - 2017-08-20 14:49 - 000000000 ____D C:\WINDOWS\pss
      2017-08-20 12:10 - 2017-08-20 12:10 - 000011122 _____ C:\Users\Nori7\Downloads\97724_the-defenders-temporada-1-hdtv-cap-101-espaa-a-ol-castellano(1).torrent
      2017-08-20 12:09 - 2017-08-20 12:09 - 000015133 _____ C:\Users\Nori7\Downloads\97750_secrets-and-lies-secretos-y-mentiras-temporada-2-hdtv-cap-204-206-espaa-a-ol-castellano.torrent
      2017-08-20 12:07 - 2017-08-20 12:07 - 000016631 _____ C:\Users\Nori7\Downloads\1503203312_somewhere-between---temporada-1--hdtv-720p-ac3-51.torrent
      2017-08-20 11:35 - 2017-08-20 11:35 - 000000209 _____ C:\Users\Nori7\Desktop\Foro de InfoSpyware, Virus, Malwares.URL
      2017-08-20 00:43 - 2017-08-20 00:43 - 000080352 _____ C:\Users\Nori7\Documents\cc_20170820_004339.reg
      2017-08-20 00:40 - 2017-08-20 00:41 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-08-20 00:40 - 2017-08-20 00:40 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
      2017-08-20 00:40 - 2017-08-20 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-08-20 00:40 - 2017-08-20 00:40 - 000000000 ____D C:\Program Files\CCleaner
      2017-08-19 20:53 - 2017-08-19 20:54 - 000477000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-08-19 20:48 - 2017-08-21 00:44 - 000000000 ____D C:\AdwCleaner
      2017-08-19 20:48 - 2017-08-19 20:48 - 000001095 _____ C:\Users\Public\Desktop\FileASSASSIN.lnk
      2017-08-19 20:48 - 2017-08-19 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
      2017-08-19 20:48 - 2017-08-19 20:48 - 000000000 ____D C:\Program Files (x86)\FileASSASSIN
      2017-08-19 18:03 - 2017-08-19 18:03 - 000000000 ____D C:\Users\Nori7\AppData\Local\ESET
      2017-08-19 14:52 - 2017-08-19 14:53 - 000011122 _____ C:\Users\Nori7\Downloads\97724_the-defenders-temporada-1-hdtv-cap-101-espaa-a-ol-castellano.torrent
      2017-08-19 14:52 - 2017-08-19 14:52 - 000020743 _____ C:\Users\Nori7\Downloads\97725_the-defenders-temporada-1-hdtv-cap-102-espaa-a-ol-castellano.torrent
      2017-08-19 14:52 - 2017-08-19 14:52 - 000016429 _____ C:\Users\Nori7\Downloads\97726_the-defenders-temporada-1-hdtv-cap-103-108-espaa-a-ol-castellano.torrent
      2017-08-19 14:49 - 2017-08-19 14:49 - 000010892 _____ C:\Users\Nori7\Downloads\97732_riviera-temporada-1-hdtv-cap-110-espaa-a-ol-castellano.torrent
      2017-08-18 14:53 - 2017-08-18 15:12 - 000004030 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1503060816
      2017-08-18 14:53 - 2017-08-18 15:12 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
      2017-08-18 14:53 - 2017-08-18 14:53 - 000001095 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
      2017-08-18 14:52 - 2017-08-18 14:51 - 000041800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
      2017-08-18 14:51 - 2017-08-18 14:43 - 000400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
      2017-08-18 14:46 - 2017-08-18 14:52 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
      2017-08-18 14:46 - 2017-08-18 14:52 - 000001974 _____ C:\Users\Public\Desktop\Avast Premier.lnk
      2017-08-18 14:46 - 2017-08-18 14:46 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.150306040301502.150306072775002
      2017-08-18 14:45 - 2017-08-18 14:45 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\AVAST Software
      2017-08-18 14:44 - 2017-08-18 14:52 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
      2017-08-18 14:44 - 2017-08-18 14:52 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
      2017-08-18 14:44 - 2017-08-18 14:52 - 000146696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.150306072946807
      2017-08-18 14:44 - 2017-08-18 14:52 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
      2017-08-18 14:44 - 2017-08-18 14:52 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
      2017-08-18 14:44 - 2017-08-18 14:51 - 001015848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.150306072946807
      2017-08-18 14:44 - 2017-08-18 14:51 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.150306072793703
      2017-08-18 14:44 - 2017-08-18 14:49 - 000003618 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-08-18 14:44 - 2017-08-18 14:49 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-08-18 14:44 - 2017-08-18 14:45 - 000000000 ____D C:\Users\Nori7\AppData\Local\Google
      2017-08-18 14:44 - 2017-08-18 14:44 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-08-18 14:44 - 2017-08-18 14:44 - 000002301 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-08-18 14:44 - 2017-08-18 14:44 - 000000000 ____D C:\Program Files (x86)\Google
      2017-08-18 14:44 - 2017-08-18 14:43 - 000585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000554528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000320008 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
      2017-08-18 14:43 - 2017-08-18 14:51 - 000000000 ____D C:\Program Files\AVAST Software
      2017-08-18 14:42 - 2017-08-18 20:02 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-08-18 14:09 - 2017-08-18 14:09 - 000002964 _____ C:\WINDOWS\System32\Tasks\McAfee Cleanup
      2017-08-18 14:09 - 2017-08-18 14:09 - 000000778 _____ C:\WINDOWS\Tasks\McAfee Cleanup.job
      2017-08-18 14:06 - 2017-08-18 14:05 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2017-08-18 13:47 - 2017-08-18 13:47 - 000000000 ____D C:\Users\Nori7\Downloads\Shots Fired - Temporada 1 [HDTV][Cap.110][Español Castellano]
      2017-08-17 11:39 - 2017-08-17 11:55 - 000000000 ____D C:\Users\Nori7\Downloads\OK
      2017-08-11 00:47 - 2017-08-11 00:47 - 000001108 _____ C:\Users\Public\Desktop\Collage Maker 3.80.lnk
      2017-08-11 00:47 - 2017-08-11 00:47 - 000000000 ____D C:\Users\Nori7\Documents\Collage Maker Projects
      2017-08-11 00:47 - 2017-08-11 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Maker 3.80
      2017-08-11 00:47 - 2017-08-11 00:47 - 000000000 ____D C:\Program Files (x86)\Collage Maker 3.80
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\Users\Public\ABBYY
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\ABBYY
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\Users\Nori7\AppData\Local\ABBYY
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\ProgramData\ABBYY
      2017-08-09 22:49 - 2017-08-09 22:49 - 000164526 _____ C:\Users\Nori7\Documents\Scan.pdf
      2017-08-09 19:35 - 2017-08-09 19:35 - 000001489 _____ C:\Users\Nori7\Desktop\HP Send Fax.lnk
      2017-08-09 19:32 - 2017-08-09 19:32 - 000001289 _____ C:\Users\Public\Desktop\HP LJ M127128 Scan.lnk
      2017-08-09 19:32 - 2017-08-09 19:32 - 000000000 ____D C:\Users\Public\Desktop\HP
      2017-08-09 19:32 - 2017-08-09 19:32 - 000000000 ____D C:\Users\Nori7\Desktop\HP LaserJet Pro MFP M127-M128
      2017-08-09 18:34 - 2017-08-09 18:34 - 000001474 _____ C:\Users\Nori7\Desktop\hardcopy.lnk
      2017-08-09 18:32 - 2017-08-09 18:32 - 000003238 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_Win32
      2017-08-09 18:32 - 2017-08-09 18:32 - 000003230 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_x64
      2017-08-09 18:32 - 2017-08-09 18:32 - 000000000 ____D C:\Program Files (x86)\Hardcopy
      2017-08-09 18:30 - 2016-01-28 07:19 - 001720088 _____ (sw4you - Freeware für Windows 98, 2000, 2003, XP und Windows Vista (32 + 64 Bit). Siegfried Weckmann) C:\WINDOWS\SwSetupu.exe
      2017-08-09 00:24 - 2017-08-09 18:35 - 000000134 _____ C:\Users\Nori7\Desktop\Series DivxTotaL.URL
      2017-08-08 23:23 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2017-08-08 23:23 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
      2017-08-08 23:23 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
      2017-08-08 23:23 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2017-08-08 23:23 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
      2017-08-08 23:23 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
      2017-08-08 23:23 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
      2017-08-08 23:23 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
      2017-08-08 23:23 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2017-08-08 23:23 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
      2017-08-08 23:23 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2017-08-08 23:23 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
      2017-08-08 23:23 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
      2017-08-08 23:23 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
      2017-08-08 23:23 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2017-08-08 23:23 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
      2017-08-08 23:23 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
      2017-08-08 23:23 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
      2017-08-08 23:23 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
      2017-08-08 23:23 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
      2017-08-08 23:23 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
      2017-08-08 23:23 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
      2017-08-08 23:23 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2017-08-08 23:23 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
      2017-08-08 23:23 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
      2017-08-08 23:23 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2017-08-08 23:23 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
      2017-08-08 23:23 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
      2017-08-08 23:23 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
      2017-08-08 23:23 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
      2017-08-08 23:23 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2017-08-08 23:23 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
      2017-08-08 23:23 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2017-08-08 23:23 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
      2017-08-08 23:23 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2017-08-08 23:23 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2017-08-08 23:23 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2017-08-08 23:23 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2017-08-08 23:23 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2017-08-08 23:23 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2017-08-08 23:23 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2017-08-08 23:23 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
      2017-08-08 23:23 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2017-08-08 23:23 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2017-08-08 23:23 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2017-08-08 23:23 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2017-08-08 23:23 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
      2017-08-08 23:23 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2017-08-08 23:23 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2017-08-08 23:23 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
      2017-08-08 23:23 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
      2017-08-08 23:23 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
      2017-08-08 23:23 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2017-08-08 23:23 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2017-08-08 23:23 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
      2017-08-08 23:23 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
      2017-08-08 23:23 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
      2017-08-08 23:23 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
      2017-08-08 23:23 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
      2017-08-08 23:23 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
      2017-08-08 23:23 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
      2017-08-08 23:23 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2017-08-08 23:23 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
      2017-08-08 23:23 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
      2017-08-08 23:23 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2017-08-08 23:23 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
      2017-08-08 23:23 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
      2017-08-08 23:23 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
      2017-08-08 23:23 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
      2017-08-08 23:23 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
      2017-08-08 23:23 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
      2017-08-08 23:23 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2017-08-08 23:23 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
      2017-08-08 23:23 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
      2017-08-08 23:23 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
      2017-08-08 23:23 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
      2017-08-08 23:23 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
      2017-08-08 23:23 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
      2017-08-08 23:23 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
      2017-08-08 23:23 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
      2017-08-08 23:23 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
      2017-08-08 23:23 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
      2017-08-08 23:23 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
      2017-08-08 23:23 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
      2017-08-08 23:23 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
      2017-08-08 23:23 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
      2017-08-08 23:23 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
      2017-08-08 23:23 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2017-08-08 23:23 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
      2017-08-08 23:23 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
      2017-08-08 23:23 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
      2017-08-08 23:23 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
      2017-08-08 23:23 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
      2017-08-08 23:23 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
      2017-08-08 23:23 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
      2017-08-08 23:23 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
      2017-08-08 23:23 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
      2017-08-08 23:23 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
      2017-08-08 23:23 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
      2017-08-08 23:23 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
      2017-08-08 23:23 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
      2017-08-08 23:23 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
      2017-08-08 23:23 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
      2017-08-08 23:23 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
      2017-08-08 23:23 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2017-08-08 23:23 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
      2017-08-08 23:23 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
      2017-08-08 23:23 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
      2017-08-08 23:23 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
      2017-08-08 23:23 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
      2017-08-08 23:23 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
      2017-08-08 23:23 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
      2017-08-08 23:23 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
      2017-08-08 23:23 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
      2017-08-08 23:23 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
      2017-08-08 23:22 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
      2017-08-08 23:22 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2017-08-08 23:22 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2017-08-08 23:22 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
      2017-08-08 23:22 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2017-08-08 23:22 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
      2017-08-08 23:22 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
      2017-08-08 23:22 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
      2017-08-08 23:22 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
      2017-08-08 23:22 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
      2017-08-08 23:22 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2017-08-08 23:22 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
      2017-08-08 23:22 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
      2017-08-08 23:22 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
      2017-08-08 23:22 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
      2017-08-08 23:22 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
      2017-08-08 23:22 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
      2017-08-08 23:22 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
      2017-08-08 23:22 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
      2017-08-08 23:22 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
      2017-08-08 23:22 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
      2017-08-08 23:22 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
      2017-08-08 23:22 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
      2017-08-08 23:22 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
      2017-08-08 23:22 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll

      sigue en 3

    7. #7
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      2 parte.

      4.- Farbar

      4.1- First

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
      Ran by Nori7 (administrator) on DESKTOP-LVB98V2 (21-08-2017 00:53:53)
      Running from C:\Users\Nori7\Desktop
      Loaded Profiles: Nori7 (Available Profiles: Nori7)
      Platform: Windows 10 Home Version 1703 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxCUIService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      () C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
      (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
      (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
      (HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
      (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
      (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
      (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
      () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
      () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxEM.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
      (sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
      (HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
      (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-15] (Realtek Semiconductor)
      HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-18] (AVAST Software)
      HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
      HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2015-01-15] ()
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company)
      HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9832152 2017-08-03] (Piriform Ltd)
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [570880 2017-07-11] (Microsoft Corporation)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2017-08-09]
      ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-04]
      ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{0cdb8ace-1281-4c11-b24f-bbb4f2e562cb}: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{c3696cce-af46-4e7f-8eb8-8d517134dba7}: [DhcpNameServer] 80.58.61.250 80.58.61.254

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
      BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-01-15] (Wondershare)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
      Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

      FireFox:
      ========
      FF DefaultProfile: 0lnmcf3l.default
      FF ProfilePath: C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default [2017-08-21]
      FF Homepage: Mozilla\Firefox\Profiles\0lnmcf3l.default -> hxxp://www.google.es
      FF Extension: (FindGoFind) - C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default\Extensions\[email protected] [2017-08-16]
      FF Extension: (Avast SafePrice) - C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default\Extensions\[email protected] [2017-08-18]
      FF Extension: (Avast Online Security) - C:\Users\Nori7\AppData\Roaming\Mozilla\Firefox\Profiles\0lnmcf3l.default\Extensions\[email protected] [2017-08-19]
      FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]
      FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] [2017-07-31] [not signed]
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-18] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-18] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
      FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]

      Chrome:
      =======
      CHR HomePage: Default -> hxxp://www.google.com
      CHR Profile: C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default [2017-08-21]
      CHR Extension: (No Name) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-18]
      CHR Extension: (Docs) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-18]
      CHR Extension: (Google Drive) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-18]
      CHR Extension: (YouTube) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-18]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-18]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-18]
      CHR Extension: (Gmail) - C:\Users\Nori7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-18]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-18] (AVAST Software s.r.o.)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-18] (AVAST Software)
      R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [311592 2017-08-18] (AVAST Software)
      R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] ()
      S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\IntelCpHeciSvc.exe [302552 2017-01-10] (Intel Corporation)
      S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\IntelCpHDCPSvc.exe [480216 2017-01-10] (Intel Corporation)
      S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-31] (Dropbox, Inc.)
      S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-31] (Dropbox, Inc.)
      R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
      R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
      R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
      R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
      S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
      R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
      R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxCUIService.exe [341976 2017-01-10] (Intel Corporation)
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
      R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
      R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-15] (Realtek Semiconductor)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-08-18] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-18] (AVAST Software s.r.o.)
      R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-08-18] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-08-18] (AVAST Software s.r.o.)
      S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-08-18] (AVAST Software)
      R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-08-18] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-18] (AVAST Software)
      R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [554528 2017-08-18] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-08-18] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-08-18] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-18] (AVAST Software)
      R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-08-18] (AVAST Software)
      R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-08-18] (AVAST Software)
      R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-18] (AVAST Software)
      R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igdkmd64.sys [11058136 2017-01-10] (Intel Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-07-19] (Realtek )
      R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
      R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-15] (Realsil Semiconductor Corporation)
      R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
      S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-08-21 00:53 - 2017-08-21 00:54 - 000017953 _____ C:\Users\Nori7\Desktop\FRST.txt
      2017-08-21 00:53 - 2017-08-21 00:53 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-08-21 00:53 - 2017-08-21 00:53 - 000000000 ____D C:\FRST
      2017-08-21 00:52 - 2017-08-21 00:52 - 002395648 _____ (Farbar) C:\Users\Nori7\Desktop\FRST64.exe
      2017-08-21 00:45 - 2017-08-21 00:45 - 000000000 ___HD C:\ProgramData\temp
      2017-08-21 00:40 - 2017-08-21 00:40 - 008185288 _____ (Malwarebytes) C:\Users\Nori7\Desktop\adwcleaner_7.0.1.0.exe
      2017-08-21 00:29 - 2017-08-21 00:38 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-08-21 00:29 - 2017-08-21 00:29 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
      2017-08-21 00:27 - 2017-08-21 00:38 - 000000000 ____D C:\Users\Nori7\Desktop\mbar
      2017-08-21 00:27 - 2017-08-21 00:27 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
      2017-08-20 23:12 - 2017-08-20 23:12 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Nori7\Downloads\iExplore.exe
      2017-08-20 23:11 - 2017-08-20 23:12 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Nori7\Downloads\rkill.exe
      2017-08-20 23:08 - 2017-08-21 00:52 - 000000000 ____D C:\Users\Nori7\Downloads\Infospyware
      2017-08-20 20:23 - 2017-08-20 20:23 - 000000000 ____D C:\Users\Nori7\Downloads\The Defenders - Temporada 1 [HDTV][Cap.101][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:35 - 000000000 ____D C:\Users\Nori7\Downloads\Somewhere Between - Temporada 1 [HDTV 720p][Cap.105][V.O. Subt. Castellano]
      2017-08-20 20:19 - 2017-08-20 20:20 - 000000000 ____D C:\Users\Nori7\Downloads\The Defenders - Temporada 1 [HDTV][Cap.103_108][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Nori7\Downloads\The Defenders - Temporada 1 [HDTV][Cap.102][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Nori7\Downloads\Secrets And Lies (Secretos Y Mentiras) - Temporada 2 [HDTV][Cap.204_206][Español Castellano]
      2017-08-20 20:19 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Nori7\Downloads\Riviera - Temporada 1 [HDTV][Cap.110][Español Castellano]
      2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Users\Nori7\AppData\LocalLow\uTorrent
      2017-08-20 14:51 - 2017-08-20 15:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
      2017-08-20 14:49 - 2017-08-20 14:49 - 000000000 ____D C:\WINDOWS\pss
      2017-08-20 12:10 - 2017-08-20 12:10 - 000011122 _____ C:\Users\Nori7\Downloads\97724_the-defenders-temporada-1-hdtv-cap-101-espaa-a-ol-castellano(1).torrent
      2017-08-20 12:09 - 2017-08-20 12:09 - 000015133 _____ C:\Users\Nori7\Downloads\97750_secrets-and-lies-secretos-y-mentiras-temporada-2-hdtv-cap-204-206-espaa-a-ol-castellano.torrent
      2017-08-20 12:07 - 2017-08-20 12:07 - 000016631 _____ C:\Users\Nori7\Downloads\1503203312_somewhere-between---temporada-1--hdtv-720p-ac3-51.torrent
      2017-08-20 11:35 - 2017-08-20 11:35 - 000000209 _____ C:\Users\Nori7\Desktop\Foro de InfoSpyware, Virus, Malwares.URL
      2017-08-20 00:43 - 2017-08-20 00:43 - 000080352 _____ C:\Users\Nori7\Documents\cc_20170820_004339.reg
      2017-08-20 00:40 - 2017-08-20 00:41 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-08-20 00:40 - 2017-08-20 00:40 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
      2017-08-20 00:40 - 2017-08-20 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-08-20 00:40 - 2017-08-20 00:40 - 000000000 ____D C:\Program Files\CCleaner
      2017-08-19 20:53 - 2017-08-19 20:54 - 000477000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-08-19 20:48 - 2017-08-21 00:44 - 000000000 ____D C:\AdwCleaner
      2017-08-19 20:48 - 2017-08-19 20:48 - 000001095 _____ C:\Users\Public\Desktop\FileASSASSIN.lnk
      2017-08-19 20:48 - 2017-08-19 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
      2017-08-19 20:48 - 2017-08-19 20:48 - 000000000 ____D C:\Program Files (x86)\FileASSASSIN
      2017-08-19 18:03 - 2017-08-19 18:03 - 000000000 ____D C:\Users\Nori7\AppData\Local\ESET
      2017-08-19 14:52 - 2017-08-19 14:53 - 000011122 _____ C:\Users\Nori7\Downloads\97724_the-defenders-temporada-1-hdtv-cap-101-espaa-a-ol-castellano.torrent
      2017-08-19 14:52 - 2017-08-19 14:52 - 000020743 _____ C:\Users\Nori7\Downloads\97725_the-defenders-temporada-1-hdtv-cap-102-espaa-a-ol-castellano.torrent
      2017-08-19 14:52 - 2017-08-19 14:52 - 000016429 _____ C:\Users\Nori7\Downloads\97726_the-defenders-temporada-1-hdtv-cap-103-108-espaa-a-ol-castellano.torrent
      2017-08-19 14:49 - 2017-08-19 14:49 - 000010892 _____ C:\Users\Nori7\Downloads\97732_riviera-temporada-1-hdtv-cap-110-espaa-a-ol-castellano.torrent
      2017-08-18 14:53 - 2017-08-18 15:12 - 000004030 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1503060816
      2017-08-18 14:53 - 2017-08-18 15:12 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
      2017-08-18 14:53 - 2017-08-18 14:53 - 000001095 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
      2017-08-18 14:52 - 2017-08-18 14:51 - 000041800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
      2017-08-18 14:51 - 2017-08-18 14:43 - 000400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
      2017-08-18 14:46 - 2017-08-18 14:52 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
      2017-08-18 14:46 - 2017-08-18 14:52 - 000001974 _____ C:\Users\Public\Desktop\Avast Premier.lnk
      2017-08-18 14:46 - 2017-08-18 14:46 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.150306040301502.150306072775002
      2017-08-18 14:45 - 2017-08-18 14:45 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\AVAST Software
      2017-08-18 14:44 - 2017-08-18 14:52 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
      2017-08-18 14:44 - 2017-08-18 14:52 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
      2017-08-18 14:44 - 2017-08-18 14:52 - 000146696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.150306072946807
      2017-08-18 14:44 - 2017-08-18 14:52 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
      2017-08-18 14:44 - 2017-08-18 14:52 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
      2017-08-18 14:44 - 2017-08-18 14:51 - 001015848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.150306072946807
      2017-08-18 14:44 - 2017-08-18 14:51 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.150306072793703
      2017-08-18 14:44 - 2017-08-18 14:49 - 000003618 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-08-18 14:44 - 2017-08-18 14:49 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-08-18 14:44 - 2017-08-18 14:45 - 000000000 ____D C:\Users\Nori7\AppData\Local\Google
      2017-08-18 14:44 - 2017-08-18 14:44 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-08-18 14:44 - 2017-08-18 14:44 - 000002301 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-08-18 14:44 - 2017-08-18 14:44 - 000000000 ____D C:\Program Files (x86)\Google
      2017-08-18 14:44 - 2017-08-18 14:43 - 000585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000554528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000320008 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
      2017-08-18 14:44 - 2017-08-18 14:43 - 000046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
      2017-08-18 14:43 - 2017-08-18 14:51 - 000000000 ____D C:\Program Files\AVAST Software
      2017-08-18 14:42 - 2017-08-18 20:02 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-08-18 14:09 - 2017-08-18 14:09 - 000002964 _____ C:\WINDOWS\System32\Tasks\McAfee Cleanup
      2017-08-18 14:09 - 2017-08-18 14:09 - 000000778 _____ C:\WINDOWS\Tasks\McAfee Cleanup.job
      2017-08-18 14:06 - 2017-08-18 14:05 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2017-08-18 13:47 - 2017-08-18 13:47 - 000000000 ____D C:\Users\Nori7\Downloads\Shots Fired - Temporada 1 [HDTV][Cap.110][Español Castellano]
      2017-08-17 11:39 - 2017-08-17 11:55 - 000000000 ____D C:\Users\Nori7\Downloads\OK
      2017-08-11 00:47 - 2017-08-11 00:47 - 000001108 _____ C:\Users\Public\Desktop\Collage Maker 3.80.lnk
      2017-08-11 00:47 - 2017-08-11 00:47 - 000000000 ____D C:\Users\Nori7\Documents\Collage Maker Projects
      2017-08-11 00:47 - 2017-08-11 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Maker 3.80
      2017-08-11 00:47 - 2017-08-11 00:47 - 000000000 ____D C:\Program Files (x86)\Collage Maker 3.80
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\Users\Public\ABBYY
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\ABBYY
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\Users\Nori7\AppData\Local\ABBYY
      2017-08-09 22:50 - 2017-08-09 22:50 - 000000000 ____D C:\ProgramData\ABBYY
      2017-08-09 22:49 - 2017-08-09 22:49 - 000164526 _____ C:\Users\Nori7\Documents\Scan.pdf
      2017-08-09 19:35 - 2017-08-09 19:35 - 000001489 _____ C:\Users\Nori7\Desktop\HP Send Fax.lnk
      2017-08-09 19:32 - 2017-08-09 19:32 - 000001289 _____ C:\Users\Public\Desktop\HP LJ M127128 Scan.lnk
      2017-08-09 19:32 - 2017-08-09 19:32 - 000000000 ____D C:\Users\Public\Desktop\HP
      2017-08-09 19:32 - 2017-08-09 19:32 - 000000000 ____D C:\Users\Nori7\Desktop\HP LaserJet Pro MFP M127-M128
      2017-08-09 18:34 - 2017-08-09 18:34 - 000001474 _____ C:\Users\Nori7\Desktop\hardcopy.lnk
      2017-08-09 18:32 - 2017-08-09 18:32 - 000003238 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_Win32
      2017-08-09 18:32 - 2017-08-09 18:32 - 000003230 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_x64
      2017-08-09 18:32 - 2017-08-09 18:32 - 000000000 ____D C:\Program Files (x86)\Hardcopy
      2017-08-09 18:30 - 2016-01-28 07:19 - 001720088 _____ (sw4you - Freeware für Windows 98, 2000, 2003, XP und Windows Vista (32 + 64 Bit). Siegfried Weckmann) C:\WINDOWS\SwSetupu.exe
      2017-08-09 00:24 - 2017-08-09 18:35 - 000000134 _____ C:\Users\Nori7\Desktop\Series DivxTotaL.URL
      2017-08-08 23:23 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2017-08-08 23:23 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
      2017-08-08 23:23 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
      2017-08-08 23:23 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2017-08-08 23:23 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
      2017-08-08 23:23 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
      2017-08-08 23:23 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
      2017-08-08 23:23 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
      2017-08-08 23:23 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2017-08-08 23:23 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
      2017-08-08 23:23 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2017-08-08 23:23 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
      2017-08-08 23:23 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
      2017-08-08 23:23 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
      2017-08-08 23:23 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2017-08-08 23:23 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
      2017-08-08 23:23 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
      2017-08-08 23:23 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
      2017-08-08 23:23 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
      2017-08-08 23:23 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
      2017-08-08 23:23 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
      2017-08-08 23:23 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
      2017-08-08 23:23 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2017-08-08 23:23 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
      2017-08-08 23:23 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
      2017-08-08 23:23 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2017-08-08 23:23 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
      2017-08-08 23:23 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
      2017-08-08 23:23 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
      2017-08-08 23:23 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
      2017-08-08 23:23 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2017-08-08 23:23 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
      2017-08-08 23:23 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2017-08-08 23:23 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
      2017-08-08 23:23 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2017-08-08 23:23 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2017-08-08 23:23 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2017-08-08 23:23 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2017-08-08 23:23 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2017-08-08 23:23 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2017-08-08 23:23 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2017-08-08 23:23 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
      2017-08-08 23:23 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2017-08-08 23:23 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2017-08-08 23:23 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2017-08-08 23:23 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2017-08-08 23:23 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
      2017-08-08 23:23 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
      2017-08-08 23:23 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2017-08-08 23:23 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2017-08-08 23:23 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
      2017-08-08 23:23 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
      2017-08-08 23:23 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
      2017-08-08 23:23 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2017-08-08 23:23 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2017-08-08 23:23 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
      2017-08-08 23:23 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
      2017-08-08 23:23 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
      2017-08-08 23:23 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
      2017-08-08 23:23 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
      2017-08-08 23:23 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
      2017-08-08 23:23 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
      2017-08-08 23:23 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2017-08-08 23:23 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
      2017-08-08 23:23 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
      2017-08-08 23:23 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2017-08-08 23:23 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
      2017-08-08 23:23 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
      2017-08-08 23:23 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
      2017-08-08 23:23 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
      2017-08-08 23:23 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
      2017-08-08 23:23 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
      2017-08-08 23:23 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
      2017-08-08 23:23 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2017-08-08 23:23 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
      2017-08-08 23:23 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
      2017-08-08 23:23 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
      2017-08-08 23:23 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
      2017-08-08 23:23 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
      2017-08-08 23:23 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
      2017-08-08 23:23 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
      2017-08-08 23:23 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
      2017-08-08 23:23 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
      2017-08-08 23:23 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
      2017-08-08 23:23 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
      2017-08-08 23:23 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
      2017-08-08 23:23 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
      2017-08-08 23:23 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
      2017-08-08 23:23 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
      2017-08-08 23:23 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
      2017-08-08 23:23 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2017-08-08 23:23 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
      2017-08-08 23:23 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
      2017-08-08 23:23 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
      2017-08-08 23:23 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
      2017-08-08 23:23 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
      2017-08-08 23:23 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
      2017-08-08 23:23 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
      2017-08-08 23:23 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
      2017-08-08 23:23 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
      2017-08-08 23:23 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
      2017-08-08 23:23 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
      2017-08-08 23:23 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
      2017-08-08 23:23 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
      2017-08-08 23:23 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
      2017-08-08 23:23 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
      2017-08-08 23:23 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
      2017-08-08 23:23 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
      2017-08-08 23:23 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2017-08-08 23:23 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
      2017-08-08 23:23 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
      2017-08-08 23:23 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
      2017-08-08 23:23 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
      2017-08-08 23:23 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
      2017-08-08 23:23 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
      2017-08-08 23:23 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
      2017-08-08 23:23 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
      2017-08-08 23:23 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
      2017-08-08 23:23 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
      2017-08-08 23:23 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
      2017-08-08 23:22 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
      2017-08-08 23:22 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2017-08-08 23:22 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2017-08-08 23:22 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
      2017-08-08 23:22 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2017-08-08 23:22 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
      2017-08-08 23:22 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
      2017-08-08 23:22 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
      2017-08-08 23:22 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
      2017-08-08 23:22 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
      2017-08-08 23:22 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
      2017-08-08 23:22 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2017-08-08 23:22 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
      2017-08-08 23:22 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
      2017-08-08 23:22 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
      2017-08-08 23:22 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
      2017-08-08 23:22 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
      2017-08-08 23:22 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
      2017-08-08 23:22 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
      2017-08-08 23:22 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
      2017-08-08 23:22 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
      2017-08-08 23:22 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
      2017-08-08 23:22 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
      2017-08-08 23:22 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
      2017-08-08 23:22 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
      2017-08-08 23:22 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll

      sigue en 3

    8. #8
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      2017-08-08 23:22 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
      2017-08-08 23:22 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
      2017-08-08 23:22 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
      2017-08-08 23:22 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
      2017-08-08 23:22 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
      2017-08-08 23:22 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
      2017-08-08 23:22 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
      2017-08-08 23:22 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
      2017-08-08 23:22 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
      2017-08-08 23:22 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
      2017-08-08 23:22 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2017-08-08 23:22 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
      2017-08-08 23:22 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
      2017-08-08 23:22 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2017-08-08 23:22 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
      2017-08-08 23:22 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
      2017-08-08 23:22 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
      2017-08-08 23:22 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
      2017-08-08 23:22 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
      2017-08-08 23:22 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
      2017-08-08 23:22 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
      2017-08-08 23:22 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
      2017-08-08 23:22 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
      2017-08-08 23:22 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
      2017-08-08 23:22 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
      2017-08-08 23:22 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
      2017-08-08 23:22 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
      2017-08-08 23:22 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
      2017-08-08 23:22 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
      2017-08-08 23:22 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2017-08-08 23:22 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
      2017-08-08 23:22 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
      2017-08-08 23:22 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2017-08-08 23:22 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
      2017-08-08 23:22 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
      2017-08-08 23:22 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
      2017-08-08 23:22 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
      2017-08-08 23:22 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2017-08-08 23:22 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
      2017-08-08 23:22 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
      2017-08-08 23:22 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
      2017-08-08 23:22 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
      2017-08-08 23:22 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
      2017-08-08 23:22 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
      2017-08-08 23:22 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
      2017-08-08 23:22 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
      2017-08-08 23:22 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
      2017-08-08 23:22 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
      2017-08-08 23:22 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
      2017-08-08 23:22 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
      2017-08-08 23:22 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
      2017-08-08 23:22 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
      2017-08-08 23:22 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
      2017-08-08 23:22 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
      2017-08-08 23:22 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
      2017-08-08 23:22 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
      2017-08-08 23:22 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
      2017-08-08 23:22 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
      2017-08-08 23:22 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
      2017-08-08 23:22 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2017-08-08 23:22 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
      2017-08-08 23:22 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
      2017-08-08 23:22 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
      2017-08-08 23:22 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
      2017-08-08 23:22 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
      2017-08-08 23:22 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
      2017-08-08 23:22 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
      2017-08-08 23:22 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
      2017-08-08 23:22 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
      2017-08-08 23:22 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
      2017-08-08 23:22 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
      2017-08-08 23:22 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
      2017-08-08 23:22 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
      2017-08-08 23:22 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
      2017-08-08 23:22 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
      2017-08-08 23:22 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
      2017-08-08 23:22 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
      2017-08-08 23:22 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
      2017-08-08 23:22 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
      2017-08-08 23:22 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
      2017-08-08 23:22 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
      2017-08-08 23:22 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2017-08-08 23:22 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
      2017-08-08 23:22 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
      2017-08-08 23:22 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
      2017-08-08 23:22 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
      2017-08-08 23:22 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
      2017-08-08 23:22 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2017-08-08 23:22 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2017-08-08 23:22 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
      2017-08-08 23:22 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
      2017-08-08 23:22 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
      2017-08-08 23:22 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
      2017-08-08 23:22 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
      2017-08-08 23:22 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
      2017-08-08 23:22 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
      2017-08-08 23:22 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
      2017-08-08 23:22 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
      2017-08-08 23:22 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
      2017-08-08 23:22 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
      2017-08-08 23:22 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
      2017-08-08 23:22 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2017-08-08 23:22 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
      2017-08-08 23:22 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
      2017-08-08 23:22 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
      2017-08-08 23:22 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
      2017-08-08 23:22 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
      2017-08-08 23:22 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
      2017-08-08 23:22 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
      2017-08-08 23:22 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
      2017-08-08 23:22 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
      2017-08-08 23:22 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
      2017-08-08 23:22 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
      2017-08-08 23:22 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
      2017-08-08 23:22 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
      2017-08-08 23:22 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
      2017-08-08 23:22 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
      2017-08-08 23:22 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
      2017-08-08 23:22 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
      2017-08-08 23:22 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
      2017-08-08 23:22 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
      2017-08-08 21:28 - 2017-08-21 00:45 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNori7.job
      2017-08-08 21:28 - 2017-08-20 21:28 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForNori7
      2017-08-08 21:28 - 2017-08-08 21:28 - 000000000 ____D C:\Users\Nori7\AppData\Local\HP_Development_Company,_L
      2017-08-08 21:28 - 2017-08-08 21:28 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe
      2017-08-08 21:28 - 2017-08-08 21:28 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
      2017-08-07 21:06 - 2017-08-07 21:10 - 000000252 _____ C:\Users\Nori7\Desktop\Bet365.URL
      2017-08-07 10:25 - 2017-08-03 19:04 - 000002351 _____ C:\Users\Nori7\Desktop\Series.lnk
      2017-08-06 01:03 - 2017-08-06 01:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
      2017-08-05 16:44 - 2017-08-05 16:44 - 000001881 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
      2017-08-05 16:44 - 2017-08-05 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
      2017-08-05 16:43 - 2017-08-05 16:44 - 000000000 ____D C:\Program Files (x86)\QuickTime
      2017-08-05 16:40 - 2017-08-05 16:40 - 000000000 ____D C:\Users\Nori7\AppData\LocalLow\Apple Computer
      2017-08-05 16:20 - 2017-08-05 16:20 - 000000000 ____D C:\Users\Nori7\Documents\Adobe
      2017-08-05 12:53 - 2017-08-05 12:54 - 000000000 ____D C:\Users\Nori7\Documents\Freemake
      2017-08-05 12:53 - 2017-08-05 12:53 - 000001364 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
      2017-08-05 12:53 - 2017-08-05 12:53 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
      2017-08-05 12:53 - 2017-08-05 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
      2017-08-05 12:53 - 2017-08-05 12:53 - 000000000 ____D C:\ProgramData\Freemake
      2017-08-05 12:53 - 2017-08-05 12:53 - 000000000 ____D C:\Program Files (x86)\Freemake
      2017-08-05 12:43 - 2017-08-05 12:43 - 000000000 ____D C:\Users\Nori7\Documents\Wondershare Video Converter Ultimate
      2017-08-05 12:43 - 2017-08-05 12:43 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Wondershare Video Converter Ultimate
      2017-08-05 12:43 - 2017-08-05 12:43 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\vlc
      2017-08-05 12:43 - 2017-08-05 12:43 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
      2017-08-04 18:19 - 2017-08-07 10:08 - 000001397 _____ C:\Users\Nori7\Desktop\Gastos 2017_07.lnk
      2017-08-04 18:11 - 2017-08-06 23:04 - 000014196 _____ C:\Users\Nori7\Documents\starburn.txt
      2017-08-04 18:11 - 2017-08-04 18:11 - 000001187 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
      2017-08-04 18:10 - 2017-08-04 18:10 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
      2017-08-04 13:48 - 2017-08-04 17:44 - 000000000 ____D C:\Users\Nori7\Documents\Wondershare Filmora
      2017-08-04 13:48 - 2017-08-04 13:48 - 000000000 ____D C:\Program Files\Wondershare
      2017-08-04 13:36 - 2017-08-04 13:36 - 000000000 ____D C:\Users\Nori7\AppData\Local\CEF
      2017-08-04 00:57 - 2017-08-20 23:19 - 000005320 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-LVB98V2-Nori7 DESKTOP-LVB98V2
      2017-08-02 23:38 - 2017-08-02 23:38 - 000000000 ____D C:\Users\Nori7\Documents\Camtasia Studio
      2017-08-02 23:38 - 2017-08-02 23:38 - 000000000 ____D C:\ProgramData\TechSmith
      2017-08-02 22:55 - 2017-08-02 22:59 - 000000000 ____D C:\Users\Nori7\AppData\Local\Adobe
      2017-08-02 22:53 - 2017-08-02 22:53 - 000002135 _____ C:\Users\Public\Desktop\Lightroom 5.6 64-bit.lnk
      2017-08-02 22:53 - 2017-08-02 22:53 - 000000000 ____D C:\ProgramData\Adobe
      2017-08-02 22:53 - 2017-08-02 22:53 - 000000000 ____D C:\Program Files\Common Files\Adobe
      2017-08-02 22:53 - 2017-08-02 22:53 - 000000000 ____D C:\Program Files\Adobe
      2017-08-02 22:27 - 2017-08-02 22:27 - 000002698 _____ C:\Users\Nori7\Desktop\Word 2013.lnk
      2017-08-02 22:27 - 2017-08-02 22:27 - 000002660 _____ C:\Users\Nori7\Desktop\Excel 2013.lnk
      2017-08-02 22:19 - 2017-08-19 18:51 - 000000000 ____D C:\WINDOWS\AutoKMS
      2017-08-02 22:18 - 2017-08-02 22:18 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
      2017-08-02 22:16 - 2017-08-02 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
      2017-08-02 22:16 - 2017-08-02 22:16 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
      2017-08-02 22:16 - 2017-08-02 22:16 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
      2017-08-02 22:15 - 2017-08-02 22:16 - 000000000 ____D C:\Program Files\Microsoft SQL Server
      2017-08-02 22:15 - 2017-08-02 22:15 - 000000000 ____D C:\WINDOWS\PCHEALTH
      2017-08-02 22:15 - 2017-08-02 22:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-08-02 22:13 - 2017-08-02 22:16 - 000000000 ____D C:\WINDOWS\SHELLNEW
      2017-08-02 22:13 - 2017-08-02 22:13 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
      2017-08-02 22:13 - 2017-08-02 22:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
      2017-08-02 22:12 - 2017-08-07 13:24 - 000000000 ____D C:\Users\Nori7\AppData\Local\Microsoft Help
      2017-08-02 22:12 - 2017-08-02 22:12 - 000000000 __RHD C:\MSOCache
      2017-08-02 13:18 - 2017-08-19 23:38 - 000000884 _____ C:\Users\Nori7\Desktop\MG.lnk
      2017-08-02 09:55 - 2017-08-02 09:55 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\WildTangent
      2017-08-02 09:52 - 2017-08-02 22:28 - 000000137 _____ C:\Users\Nori7\Desktop\Traducir Tradukka [Español].URL
      2017-08-02 09:49 - 2017-08-02 09:49 - 000000000 ____D C:\Users\Nori7\HP
      2017-08-02 09:46 - 2017-08-02 13:26 - 000000144 _____ C:\Users\Nori7\Desktop\Lokotorrent.URL
      2017-08-02 09:45 - 2017-08-02 13:26 - 000000134 _____ C:\Users\Nori7\Desktop\SensaCine.com.URL
      2017-08-02 09:43 - 2017-08-02 13:25 - 000000142 _____ C:\Users\Nori7\Desktop\Bricocine.URL
      2017-08-02 09:43 - 2017-08-02 13:25 - 000000124 _____ C:\Users\Nori7\Desktop\Divxatope1.URL
      2017-08-02 09:42 - 2017-08-02 13:23 - 000000121 _____ C:\Users\Nori7\Desktop\Newpct1.URL
      2017-08-02 09:42 - 2017-08-02 13:22 - 000000172 _____ C:\Users\Nori7\Desktop\MejorTorrent.URL
      2017-08-02 09:36 - 2017-08-02 13:22 - 000000157 _____ C:\Users\Nori7\Desktop\Torrentlocura.URL
      2017-08-02 01:24 - 2017-08-02 11:01 - 000000000 ____D C:\MG
      2017-08-01 23:37 - 2017-08-01 23:40 - 000000000 ____D C:\Program Files (x86)\RFFlow
      2017-08-01 23:37 - 2017-08-01 23:37 - 000001075 _____ C:\Users\Nori7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RFFlow.lnk
      2017-08-01 23:37 - 2017-08-01 23:37 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RFFlow.lnk
      2017-08-01 23:37 - 2017-08-01 23:37 - 000001045 _____ C:\Users\Public\Desktop\RFFlow.lnk
      2017-08-01 23:17 - 2017-08-02 22:15 - 000000000 ____D C:\Program Files\Microsoft Office
      2017-08-01 22:56 - 2017-08-01 22:56 - 000001308 _____ C:\Users\Public\Desktop\Wondershare Data Recovery.lnk
      2017-08-01 22:36 - 2017-08-09 22:57 - 000000000 ____D C:\Users\Nori7\Documents\Wondershare PDF Converter Pro
      2017-08-01 22:34 - 2015-06-12 10:40 - 000096328 _____ (Wondershare Software) C:\WINDOWS\system32\WSMonitorX64.dll
      2017-08-01 22:33 - 2017-08-01 22:33 - 000001341 _____ C:\Users\Public\Desktop\Wondershare PDF Converter Pro.lnk
      2017-08-01 22:33 - 2017-08-01 22:33 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Wondershare
      2017-08-01 16:39 - 2017-08-01 16:39 - 000000207 _____ C:\Users\Nori7\Desktop\DiskStation*-*Synology*DiskStation.URL
      2017-08-01 14:14 - 2017-08-01 14:14 - 000000000 ____D C:\Users\Nori7\Documents\Plantillas personalizadas de Office
      2017-08-01 01:10 - 2017-08-01 14:15 - 000000000 ____D C:\Users\Nori7\Documents\Wondershare PDF to Word
      2017-08-01 00:57 - 2017-08-01 00:57 - 000000903 _____ C:\Users\Nori7\Desktop\µTorrent.lnk
      2017-08-01 00:56 - 2017-08-21 00:44 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\uTorrent
      2017-08-01 00:24 - 2017-08-01 00:24 - 000000000 ____D C:\Users\Nori7\AppData\Local\DBG
      2017-08-01 00:22 - 2017-08-21 00:29 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-08-01 00:10 - 2017-08-09 19:32 - 000000195 _____ C:\WINDOWS\system32\AddPort.ini
      2017-08-01 00:10 - 2017-08-08 00:58 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\HpUpdate
      2017-08-01 00:10 - 2017-08-01 00:10 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Hewlett-Packard Company
      2017-08-01 00:10 - 2017-08-01 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
      2017-08-01 00:05 - 2017-08-09 19:28 - 000000000 ____D C:\HP_LaserJet_Pro_MFP_M127-M128
      2017-08-01 00:05 - 2015-04-30 01:52 - 001022984 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpptsplj127128_x64.dll
      2017-08-01 00:05 - 2015-04-30 01:52 - 000828936 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\hpptsplj127128.dll
      2017-08-01 00:05 - 2015-04-30 01:52 - 000584712 _____ (HP Inc., LP) C:\WINDOWS\system32\hpwia2_lj127128.dll
      2017-08-01 00:05 - 2015-04-30 01:46 - 000217656 _____ (Hewlett Packard) C:\WINDOWS\system32\hppscancoins64.dll
      2017-08-01 00:05 - 2014-06-19 01:34 - 000555296 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjcd01scan.dll
      2017-07-31 23:57 - 2017-08-21 00:53 - 000000000 ____D C:\Users\Nori7\AppData\LocalLow\Mozilla
      2017-07-31 23:57 - 2017-08-01 00:01 - 000000000 ____D C:\Users\Nori7\AppData\Local\Mozilla
      2017-07-31 23:57 - 2017-07-31 23:57 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Mozilla
      2017-07-31 23:45 - 2017-08-08 23:27 - 000000000 ____D C:\WINDOWS\system32\MRT
      2017-07-31 23:45 - 2017-08-08 23:25 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2017-07-31 23:42 - 2017-07-31 23:42 - 000001630 _____ C:\Users\Nori7\Desktop\PrintFolder.exe - Acceso directo.lnk
      2017-07-31 23:41 - 2017-07-31 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintFolder Pro
      2017-07-31 23:41 - 2017-07-31 23:41 - 000000000 ____D C:\Program Files (x86)\PrintFolder Pro
      2017-07-31 23:33 - 2017-08-05 18:11 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
      2017-07-31 23:33 - 2017-08-05 12:44 - 000000000 ____D C:\Users\Nori7\Documents\Wondershare MediaServer
      2017-07-31 23:33 - 2017-08-01 22:56 - 000000000 ____D C:\ProgramData\Wondershare
      2017-07-31 23:33 - 2017-07-31 23:33 - 000001544 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
      2017-07-31 23:33 - 2017-07-31 23:33 - 000000000 ____D C:\Users\Nori7\AppData\Local\Wondershare
      2017-07-31 23:33 - 2014-10-24 14:16 - 000721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
      2017-07-31 23:33 - 2014-10-24 14:16 - 000214528 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
      2017-07-31 23:29 - 2017-07-31 23:29 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\WinRAR
      2017-07-31 23:28 - 2017-07-31 23:28 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
      2017-07-31 23:28 - 2017-07-31 23:28 - 000000000 ____D C:\Program Files (x86)\VideoLAN
      2017-07-31 23:26 - 2017-07-31 23:26 - 000001045 _____ C:\Users\Nori7\Desktop\Unlocker.exe - Acceso directo.lnk
      2017-07-31 23:25 - 2017-07-31 23:25 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
      2017-07-31 23:25 - 2017-07-31 23:25 - 000000000 ____D C:\Program Files\Unlocker
      2017-07-31 23:22 - 2017-08-19 16:11 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
      2017-07-31 23:22 - 2017-08-19 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
      2017-07-31 23:22 - 2017-08-19 16:11 - 000000000 ____D C:\Program Files\WinRAR
      2017-07-31 23:20 - 2017-08-04 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
      2017-07-31 23:20 - 2017-08-04 18:10 - 000000000 ____D C:\Program Files (x86)\Wondershare
      2017-07-31 23:20 - 2017-07-31 23:20 - 000000000 ____D C:\Users\Nori7\AppData\Local\MicrosoftEdge
      2017-07-31 23:18 - 2017-08-10 18:36 - 000000000 ____D C:\Users\Nori7\AppData\Local\File Renamer Basic
      2017-07-31 23:18 - 2017-07-31 23:18 - 000121739 _____ C:\WINDOWS\File Renamer - Basic Uninstaller.exe
      2017-07-31 23:18 - 2017-07-31 23:18 - 000001130 _____ C:\Users\Nori7\Desktop\FileRenamer.lnk
      2017-07-31 23:18 - 2017-07-31 23:18 - 000000000 ____D C:\Program Files (x86)\File Renamer
      2017-07-31 22:57 - 2017-08-03 19:01 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Apple Computer
      2017-07-31 22:57 - 2017-07-31 22:57 - 000001829 _____ C:\Users\Public\Desktop\iTunes.lnk
      2017-07-31 22:57 - 2017-07-31 22:57 - 000000000 ____D C:\Users\Nori7\AppData\Local\Apple Computer
      2017-07-31 22:57 - 2017-07-31 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      2017-07-31 22:56 - 2017-07-31 22:57 - 000000000 ____D C:\Program Files\iTunes
      2017-07-31 22:56 - 2017-07-31 22:56 - 000000000 ____D C:\ProgramData\Apple Computer
      2017-07-31 22:56 - 2017-07-31 22:56 - 000000000 ____D C:\Program Files\iPod
      2017-07-31 22:55 - 2017-07-31 22:55 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
      2017-07-31 22:55 - 2017-07-31 22:55 - 000000000 ____D C:\Users\Nori7\AppData\Local\Apple
      2017-07-31 22:55 - 2017-07-31 22:55 - 000000000 ____D C:\Program Files\Bonjour
      2017-07-31 22:55 - 2017-07-31 22:55 - 000000000 ____D C:\Program Files (x86)\Bonjour
      2017-07-31 22:55 - 2017-07-31 22:55 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
      2017-07-31 22:54 - 2017-07-31 22:55 - 000000000 ____D C:\Program Files\Common Files\Apple
      2017-07-31 22:39 - 2017-08-19 16:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2017-07-31 22:39 - 2017-07-31 22:39 - 000001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
      2017-07-31 22:39 - 2017-07-31 22:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-07-31 21:53 - 2017-08-09 19:37 - 000000000 ____D C:\Users\Nori7\AppData\Local\HP
      2017-07-31 21:48 - 2017-07-31 21:48 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\hpqLog
      2017-07-31 21:48 - 2017-07-31 21:48 - 000000000 ____D C:\Users\Nori7\AppData\Local\Hewlett-Packard
      2017-07-31 21:46 - 2017-07-31 21:46 - 000000000 ____D C:\Users\Nori7\AppData\Local\NetworkTiles
      2017-07-31 21:46 - 2017-07-31 21:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
      2017-07-31 21:44 - 2017-07-31 21:44 - 000000020 ___SH C:\Users\Nori7\ntuser.ini
      2017-07-31 21:27 - 2017-07-31 21:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
      2017-07-31 21:27 - 2017-07-31 20:46 - 000000000 ____D C:\WINDOWS\ServiceProfiles
      2017-07-31 21:25 - 2017-07-31 21:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
      2017-07-31 21:25 - 2017-07-31 21:25 - 000000000 ____D C:\Program Files\Reference Assemblies
      2017-07-31 21:25 - 2017-07-31 21:25 - 000000000 ____D C:\Program Files\MSBuild
      2017-07-31 21:25 - 2017-07-31 21:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
      2017-07-31 21:25 - 2017-07-31 21:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
      2017-07-31 21:25 - 2017-07-31 21:25 - 000000000 ____D C:\inetpub
      2017-07-31 21:25 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
      2017-07-31 21:25 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
      2017-07-31 21:25 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
      2017-07-31 21:25 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
      2017-07-31 21:25 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
      2017-07-31 21:25 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
      2017-07-31 21:05 - 2017-07-31 21:05 - 000000000 ____D C:\ProgramData\USOShared
      2017-07-31 21:02 - 2017-07-31 21:02 - 000007623 _____ C:\WINDOWS\diagwrn.xml
      2017-07-31 21:02 - 2017-07-31 21:02 - 000007623 _____ C:\WINDOWS\diagerr.xml
      2017-07-31 21:01 - 2017-08-21 00:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-07-31 21:01 - 2017-08-18 14:07 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
      2017-07-31 21:01 - 2017-07-31 21:49 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2795087808-4149754552-4267205273-1001
      2017-07-31 21:01 - 2017-07-31 21:01 - 000023076 _____ C:\WINDOWS\system32\emptyregdb.dat
      2017-07-31 21:01 - 2017-07-31 21:01 - 000003546 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
      2017-07-31 21:01 - 2017-07-31 21:01 - 000003322 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
      2017-07-31 21:01 - 2017-07-31 21:01 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
      2017-07-31 21:01 - 2017-07-31 21:01 - 000002502 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
      2017-07-31 21:01 - 2017-07-31 21:01 - 000002488 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
      2017-07-31 21:01 - 2017-07-31 21:01 - 000002262 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
      2017-07-31 21:01 - 2017-07-31 21:01 - 000002252 _____ C:\WINDOWS\System32\Tasks\HPJumpStartProvider
      2017-07-31 21:01 - 2017-07-31 21:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
      2017-07-31 20:53 - 2017-07-31 20:53 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
      2017-07-31 20:51 - 2017-07-31 20:54 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
      2017-07-31 20:50 - 2017-08-02 17:14 - 000000000 ____D C:\Users\Nori7
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Reciente
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Plantillas
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Mis documentos
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Menú Inicio
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Impresoras
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Entorno de red
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Documents\Mis vídeos
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Documents\Mis imágenes
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Documents\Mi música
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Datos de programa
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\Configuración local
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\AppData\Local\Historial
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\AppData\Local\Datos de programa
      2017-07-31 20:50 - 2017-07-31 20:50 - 000000000 _SHDL C:\Users\Nori7\AppData\Local\Archivos temporales de Internet
      2017-07-31 20:49 - 2017-08-21 00:50 - 002574792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-07-31 20:49 - 2017-07-31 20:51 - 000000000 ____D C:\Program Files\Intel
      2017-07-31 20:49 - 2017-07-31 20:51 - 000000000 ____D C:\Program Files (x86)\Intel
      2017-07-31 20:49 - 2017-07-31 20:49 - 001981868 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
      2017-07-31 20:49 - 2017-07-31 20:49 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2017-07-31 20:49 - 2017-07-31 20:49 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
      2017-07-31 20:49 - 2017-01-10 00:38 - 000122368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
      2017-07-31 20:49 - 2017-01-10 00:38 - 000104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
      2017-07-31 20:49 - 2016-11-23 02:23 - 000271648 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
      2017-07-31 20:49 - 2016-11-23 02:23 - 000110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
      2017-07-31 20:49 - 2016-11-23 02:22 - 000265504 _____ C:\WINDOWS\system32\vulkan-1.dll
      2017-07-31 20:49 - 2016-11-23 02:22 - 000125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
      2017-07-31 20:48 - 2017-07-31 20:48 - 000016839 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
      2017-07-31 20:48 - 2017-07-31 20:48 - 000001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
      2017-07-31 20:48 - 2017-07-31 20:48 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
      2017-07-31 20:48 - 2017-07-31 20:48 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
      2017-07-31 20:48 - 2017-07-31 20:48 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
      2017-07-31 20:48 - 2017-07-31 20:48 - 000000000 ____D C:\ProgramData\SRS Labs
      2017-07-31 20:48 - 2017-07-31 20:48 - 000000000 ____D C:\Program Files\Realtek
      2017-07-31 20:48 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
      2017-07-31 20:46 - 2017-08-21 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-07-31 19:59 - 2017-08-05 23:09 - 000000000 ___DC C:\WINDOWS\Panther
      2017-07-31 19:55 - 2017-07-31 19:59 - 000000036 _____ C:\WINDOWS\progress.ini
      2017-07-31 19:38 - 2017-07-31 19:55 - 000000000 ___HD C:\$GetCurrent
      2017-07-31 19:38 - 2017-07-31 19:38 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Hewlett-Packard
      2017-07-31 19:37 - 2017-07-31 21:49 - 000002406 _____ C:\Users\Nori7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-07-31 19:37 - 2017-07-31 21:49 - 000000000 ___RD C:\Users\Nori7\OneDrive
      2017-07-31 19:37 - 2017-07-31 19:37 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Skype
      2017-07-31 19:36 - 2017-07-31 19:36 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Macromedia
      2017-07-31 19:35 - 2017-07-31 20:16 - 000000000 ____D C:\Windows10Upgrade
      2017-07-31 19:35 - 2017-07-31 19:35 - 000000824 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
      2017-07-31 19:34 - 2017-08-01 14:18 - 000000000 ____D C:\Users\Nori7\AppData\Local\Comms
      2017-07-31 19:34 - 2017-07-31 19:57 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\HP
      2017-07-31 19:34 - 2017-07-31 19:51 - 000000000 ____D C:\Users\Nori7\AppData\Local\PackageStaging
      2017-07-31 19:34 - 2017-07-31 19:34 - 000000000 ____D C:\Users\Nori7\Documents\My Bluetooth
      2017-07-31 19:34 - 2017-07-31 19:34 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\DropboxOEM
      2017-07-31 19:34 - 2017-07-31 19:34 - 000000000 ____D C:\Users\Nori7\AppData\Local\Publishers
      2017-07-31 19:34 - 2017-07-31 19:34 - 000000000 ____D C:\Users\Nori7\AppData\Local\DropboxOEM
      2017-07-31 19:33 - 2017-08-21 00:50 - 000000000 __SHD C:\Users\Nori7\IntelGraphicsProfiles
      2017-07-31 19:33 - 2017-08-19 16:15 - 000000000 ____D C:\Users\Nori7\AppData\Local\VirtualStore
      2017-07-31 19:33 - 2017-08-05 17:02 - 000000000 ____D C:\Users\Nori7\AppData\Local\Packages
      2017-07-31 19:33 - 2017-08-05 16:21 - 000000000 ____D C:\Users\Nori7\AppData\Roaming\Adobe
      2017-07-31 19:33 - 2017-07-31 21:45 - 000000000 ____D C:\Users\Nori7\AppData\Local\ConnectedDevicesPlatform
      2017-07-31 19:33 - 2017-07-31 19:33 - 000000000 ____D C:\Users\Nori7\AppData\Local\TileDataLayer
      2017-07-31 19:31 - 2017-02-04 07:35 - 000000000 ___HD C:\Users\Nori7\Documents\hp.system.package.metadata
      2017-07-31 19:31 - 2017-02-04 07:35 - 000000000 ___HD C:\Users\Nori7\Documents\hp.applications.package.appdata
      2017-07-31 19:26 - 2017-07-31 19:26 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Reciente
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Plantillas
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Mis documentos
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Menú Inicio
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Impresoras
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Entorno de red
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Datos de programa
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\Configuración local
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\ProgramData\Plantillas
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\ProgramData\Menú Inicio
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\ProgramData\Escritorio
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\ProgramData\Documentos
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\ProgramData\Datos de programa
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Program Files\Archivos comunes
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Documents and Settings
      2017-07-31 17:03 - 2017-07-31 17:03 - 000000000 _SHDL C:\Archivos de programa

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-08-21 00:50 - 2017-03-20 07:11 - 001170004 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-08-21 00:50 - 2017-03-20 07:11 - 000280014 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-08-21 00:45 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
      2017-08-20 10:49 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-08-20 10:49 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
      2017-08-19 23:08 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
      2017-08-19 19:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2017-08-19 16:12 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
      2017-08-18 14:34 - 2017-02-04 09:34 - 000000000 ____D C:\ProgramData\mcafee
      2017-08-18 14:07 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
      2017-08-18 14:07 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
      2017-08-18 14:04 - 2017-02-04 09:30 - 000000000 ____D C:\Users\Administrador
      2017-08-11 23:39 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
      2017-08-09 19:36 - 2017-02-04 07:38 - 000000000 ____D C:\ProgramData\HP
      2017-08-09 19:32 - 2017-02-04 07:35 - 000000000 ____D C:\Program Files\HP
      2017-08-09 19:32 - 2017-02-04 07:35 - 000000000 ____D C:\Program Files (x86)\HP
      2017-08-09 19:27 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
      2017-08-09 19:19 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
      2017-08-09 19:16 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\DigitalLocker
      2017-08-08 21:28 - 2017-02-04 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Orbit
      2017-08-08 21:28 - 2017-02-04 07:36 - 000000000 ____D C:\ProgramData\Package Cache
      2017-08-08 21:27 - 2016-08-23 21:10 - 000000000 ____D C:\SWSETUP
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\system32\winrm
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\system32\WCN
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\system32\slmgr
      2017-08-05 23:08 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\dsc
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\en-GB
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\IME
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Help
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\System
      2017-08-05 23:08 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
      2017-08-05 23:08 - 2017-03-18 13:40 - 000000000 ____D C:\WINDOWS\servicing
      2017-08-05 16:57 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
      2017-08-02 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2017-08-02 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2017-08-02 22:13 - 2016-07-16 13:47 - 000000199 _____ C:\WINDOWS\win.ini
      2017-08-02 22:12 - 2017-02-04 07:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2017-08-02 09:56 - 2017-02-04 09:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2017-08-02 09:56 - 2017-02-04 09:09 - 000000000 ____D C:\ProgramData\WildTangent
      2017-08-02 09:56 - 2017-02-04 09:09 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
      2017-08-01 19:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
      2017-08-01 14:40 - 2017-02-04 09:34 - 000000000 ____D C:\Program Files\Common Files\AV
      2017-08-01 08:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
      2017-08-01 00:10 - 2017-02-04 08:57 - 000000000 ____D C:\ProgramData\Hewlett-Packard
      2017-07-31 22:55 - 2017-02-04 07:37 - 000000000 ____D C:\ProgramData\Apple
      2017-07-31 21:45 - 2017-03-18 23:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
      2017-07-31 21:43 - 2017-03-18 23:06 - 000000000 ____D C:\WINDOWS\Setup
      2017-07-31 21:25 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
      2017-07-31 21:25 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\MUI
      2017-07-31 21:25 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\inetsrv
      2017-07-31 21:25 - 2017-03-18 22:59 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
      2017-07-31 21:25 - 2017-03-18 22:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
      2017-07-31 21:25 - 2017-03-18 22:59 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
      2017-07-31 21:25 - 2017-03-18 22:59 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
      2017-07-31 21:05 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\USOPrivate
      2017-07-31 21:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
      2017-07-31 21:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows NT
      2017-07-31 21:02 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
      2017-07-31 21:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
      2017-07-31 20:58 - 2017-03-20 07:13 - 000000000 ____D C:\WINDOWS\HoloShell
      2017-07-31 20:57 - 2017-03-18 23:03 - 000000000 __RHD C:\Users\Public\Libraries
      2017-07-31 20:54 - 2017-02-04 07:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
      2017-07-31 20:52 - 2017-03-20 07:12 - 000000000 ____D C:\WINDOWS\OCR
      2017-07-31 20:52 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\spool
      2017-07-31 20:51 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
      2017-07-31 20:49 - 2017-03-18 13:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep
      2017-07-31 19:34 - 2016-08-23 21:10 - 000000000 ___HD C:\SYSTEM.SAV
      2017-07-31 19:33 - 2017-02-04 09:01 - 000000000 ____D C:\Intel
      2017-07-31 19:30 - 2017-02-04 07:38 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk
      2017-07-31 19:30 - 2017-02-04 07:38 - 000000000 ____D C:\Program Files (x86)\Dropbox
      2017-07-31 19:27 - 2017-02-04 07:38 - 000001032 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
      2017-07-31 19:27 - 2017-02-04 07:38 - 000001028 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
      2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

      ==================== Files in the root of some directories =======

      sigu en 4

    9. #9
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      4.2-Addition
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
      Ran by Nori7 (21-08-2017 00:54:48)
      Running from C:\Users\Nori7\Desktop
      Windows 10 Home Version 1703 (X64) (2017-07-31 19:43:51)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2795087808-4149754552-4267205273-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-2795087808-4149754552-4267205273-503 - Limited - Disabled)
      Invitado (S-1-5-21-2795087808-4149754552-4267205273-501 - Limited - Disabled)
      Nori7 (S-1-5-21-2795087808-4149754552-4267205273-1001 - Administrator - Enabled) => C:\Users\Nori7

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
      FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
      Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
      Apple Application Support (32 bits) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
      Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
      Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform)
      Collage Maker (HKLM-x32\...\{05F2884D-89AC-4DE4-A63D-7DB3FE3398DC}) (Version: 3.80 - Galleria Software)
      CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
      CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
      Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
      Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
      Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
      Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers)
      FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
      Freemake Video Converter versión 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
      Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2017.02.01 - Hardcopy für Windows - Ein Tastendruck und Ihr Bildschirm oder Fenster wird ausgedruckt oder abgespeichert.)
      HP Audio Switch (HKLM-x32\...\{439BB4C2-432F-474A-9EAE-D933E4772FDC}) (Version: 1.0.137.0 - HP Inc.)
      HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.2 - HP Inc.)
      HP ePrint SW (HKLM-x32\...\{b0ebf7ff-6b1a-4a92-9c85-6915be1962b9}) (Version: 5.1.19895 - HP Inc.)
      HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
      HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
      HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 15.0.15309.1258 - Hewlett-Packard)
      HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
      HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
      HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.4.19.3 - HP Inc.)
      HP Support Solutions Framework (HKLM-x32\...\{85B05AF8-EA5F-447E-9F05-A7C62013EF45}) (Version: 12.7.27.15 - HP Inc.)
      HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.27 - HP Inc.)
      HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
      HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
      hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
      hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
      hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
      hpStatusAlertsM127-M128 (HKLM-x32\...\{10D7EBAF-A550-48CD-8511-7D947184EE44}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
      Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4574 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.7.1051 - Intel Corporation)
      iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
      Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
      Mozilla Firefox 55.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 55.0.2 (x64 es-ES)) (Version: 55.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
      Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      PrintFolder Pro (Trial Version) (HKLM-x32\...\PrintFolder Pro 3.3_is1) (Version: - )
      QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
      REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.53 - REALTEK Semiconductor Corp.)
      Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7904 - Realtek Semiconductor Corp.)
      REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.75 - REALTEK Semiconductor Corp.)
      Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      RFFlow (HKLM-x32\...\RFFlow) (Version: - )
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Software para dispositivos de chipset Intel® (HKLM-x32\...\{d9719db8-d532-496c-9f2b-eeb1f69f7d89}) (Version: 10.1.1.34 - Intel(R) Corporation) Hidden
      Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
      Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
      WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
      Wondershare Data Recovery(Build 5.0.8.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.8.5 - Wondershare Software Co.,Ltd.)
      Wondershare Filmora(Build 7.8.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
      Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
      Wondershare PDF Converter Pro (Build 4.1.0) (HKLM-x32\...\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1) (Version: 4.1.0 - Wondershare Software)
      Wondershare Video Converter Ultimate(Build 8.0.5.1) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.0.5.1 - Wondershare Software)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-18] (AVAST Software)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-18] (AVAST Software)
      ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll [2014-10-24] ()
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-18] (AVAST Software)
      ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-31] (Malwarebytes)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\120228.inf_amd64_c772f4f0caf23c5b\igfxDTCM.dll [2017-01-10] (Intel Corporation)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-18] (AVAST Software)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0161C374-3060-4207-B1AA-092F1C5AD419} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
      Task: {08CB1E13-CB4F-482A-9075-601555A7EAE2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-18] (AVAST Software)
      Task: {0B923DFF-09EF-4DB8-BF7F-BBD13E8DAD96} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
      Task: {24D3A5BB-A9B1-4875-84C9-5AA77C20EB95} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
      Task: {2E22254D-3EB7-4293-9A41-34BA4BDEBF0A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-07-31] (Dropbox, Inc.)
      Task: {4C543054-D1AD-4044-BE8B-14319976093E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-18] (Google Inc.)
      Task: {834CEA09-EDF3-4DEF-A282-1DDDA4AFD0FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
      Task: {852D26FF-646E-465C-8273-5492E4E845B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)
      Task: {8F57405F-C64E-48E6-B5A1-49A4D55362E5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
      Task: {941B1C30-620D-4F3D-A98D-DB46DF477324} - System32\Tasks\SafeZone scheduled Autoupdate 1503060816 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {9655218E-4762-4F4B-91A2-1DBE1AB0208F} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
      Task: {9AF4BA5C-8AF5-4A6E-8A62-749691C9E66B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
      Task: {A3FA5C9C-0E6F-450C-9C4C-873B04BD4164} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-18] (Google Inc.)
      Task: {A72DF555-AC0C-4E88-9EB4-2B30D513B144} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
      Task: {AAE96E43-EBAC-4B65-829F-870153BB445E} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2016-02-03] ()
      Task: {B327489F-F591-4413-B9B1-4C30512BBADA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-07-31] (Dropbox, Inc.)
      Task: {C3C12EC0-2577-4617-9166-9B2D542FFF6E} - System32\Tasks\McAfee Cleanup => C:\Users\Nori7\AppData\Local\Temp\MCPR.tmp\mccleanup.exe <==== ATTENTION
      Task: {D05741DD-A14C-4076-97D8-D7BA6403B997} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2016-02-03] ()
      Task: {D61B8ED5-4FC0-40AA-B88D-F1B6E197C3CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
      Task: {D74DB929-C5CC-4533-A359-8EFADC82E56E} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2016-08-24] (HP Inc.)
      Task: {D91E91AD-5AB4-44C9-93C7-9931929DE758} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-08-03] (Piriform Ltd)
      Task: {D9B184C1-D814-499D-8DC7-458ACA3B12D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
      Task: {DE91725B-FAD3-4393-8BF3-E51FC877E746} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
      Task: {E7327EAC-3298-4669-86A0-23CAD90B03B1} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
      Task: {F5F57DD5-4812-4787-979D-FC34DA6F5522} - System32\Tasks\HPCeeScheduleForNori7 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
      Task: {F743E5DE-676F-4E67-84BC-508160EF06D2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-LVB98V2-Nori7 DESKTOP-LVB98V2 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
      Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      Task: C:\WINDOWS\Tasks\HPCeeScheduleForNori7.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
      Task: C:\WINDOWS\Tasks\McAfee Cleanup.job => C:\Users\Nori7\AppData\Local\Temp\MCPR.tmp\mccleanup.exeć-p mpfpcu,mpfp,mps,shred,mpscu,mskcu,msk,emproxy,mas,fwdriver,hw,mbk,mcproxy,mhn,mqccu,mqc,shrd,nmc,redir,mna,mwl,msad,vs,msc,mcpr -log C:\Users\Nori7\AppData\Local\Temp -w C:\Users\Nori7\AppData\Local\Temp\MCPR.tmp <==== ATTENTION

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-07-13 20:50 - 2017-07-13 20:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2017-02-04 09:02 - 2015-11-19 16:44 - 000127192 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      2017-08-09 18:30 - 2016-11-20 11:10 - 000163000 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_49_x64.dll
      2017-08-09 18:30 - 2016-02-03 10:12 - 000062232 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
      2017-08-09 18:30 - 2016-02-03 10:12 - 000077592 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
      2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
      2017-03-18 22:59 - 2017-03-20 07:13 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-08-03 10:41 - 2017-08-03 10:41 - 000077824 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-08-09 21:06 - 2017-08-09 21:06 - 000156672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\ec1bf00101186d73e34a0f73a8f293c8\BRIDGECommon.ni.dll
      2017-08-09 21:08 - 2017-08-09 21:08 - 000331776 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\6a27b96e1c01a8c9757282a1295a4882\CleanStartController.ni.dll
      2017-08-09 21:08 - 2017-08-09 21:08 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\7c1a71c0f1add0c99d5ee3047396283e\BridgeExtension.ni.dll
      2017-08-09 21:08 - 2017-08-09 21:08 - 000070656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\997973ea88a1717dd17208bc2982029c\NativeInterop.ni.dll
      2017-08-09 18:30 - 2016-02-03 08:58 - 000072984 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_06.dll
      2017-08-09 18:30 - 2016-11-20 11:10 - 000148664 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_49_Win32.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2017-08-18 14:43 - 2017-08-18 14:43 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
      2017-08-09 18:30 - 2017-02-01 05:47 - 003662008 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2016-07-16 13:47 - 2017-08-04 18:13 - 000003764 _____ C:\WINDOWS\system32\Drivers\etc\hosts

      127.0.0.1 activate.adobe.com
      127.0.0.1 practivate.adobe.com
      127.0.0.1 209.34.83.73:443
      127.0.0.1 209.34.83.73:43
      127.0.0.1 209.34.83.67:443
      127.0.0.1 209.34.83.67:43
      127.0.0.1 ood.opsource.net
      127.0.0.1 199.7.52.190:80
      127.0.0.1 OCSP.SPO1.VERISIGN.COM
      127.0.0.1 199.7.54.72:80
      127.0.0.1 192.150.14.69
      127.0.0.1 192.150.18.101
      127.0.0.1 192.150.18.108
      127.0.0.1 192.150.22.40
      127.0.0.1 192.150.8.100
      127.0.0.1 192.150.8.118
      127.0.0.1 209-34-83-73.ood.opsource.net
      127.0.0.1 3dns-1.adobe.com
      127.0.0.1 3dns-2.adobe.com
      127.0.0.1 3dns-3.adobe.com
      127.0.0.1 3dns-4.adobe.com
      127.0.0.1 3dns.adobe.com
      127.0.0.1 activate-sea.adobe.com
      127.0.0.1 activate-sjc0.adobe.com
      127.0.0.1 activate.wip.adobe.com
      127.0.0.1 activate.wip1.adobe.com
      127.0.0.1 activate.wip2.adobe.com
      127.0.0.1 activate.wip3.adobe.com
      127.0.0.1 activate.wip4.adobe.com
      127.0.0.1 adobe-dns-1.adobe.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\Control Panel\Desktop\\Wallpaper -> C:\MG\Imagenes\Fondo\Fondo para HP.jpg
      DNS Servers: 80.58.61.250 - 80.58.61.254
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\Run: => "iTunesHelper"
      HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
      HKLM\...\StartupApproved\Run32: => "ProductUpdater"
      HKLM\...\StartupApproved\Run32: => "StatusAlerts"
      HKU\S-1-5-21-2795087808-4149754552-4267205273-1001\...\StartupApproved\Run: => "OneDrive"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{AF4421E4-3A2F-471B-8DBA-60F676D0F889}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
      FirewallRules: [{9B6DFA50-650D-4E21-ADEE-CD1120B6D9BD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
      FirewallRules: [{BE5A12F9-FDC9-4795-ABB3-3B80027B6B39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
      FirewallRules: [{27FDE2CB-0B96-4E87-B64C-665749BAE139}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
      FirewallRules: [{0A6BB744-CFF0-4E86-8DFE-FB51230F70D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{D46BFDF0-F9D6-4ADC-844D-0E49FC62E03B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{74BE3AA8-744D-474E-88A7-1AB66155D174}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{6503EAC7-6CBD-4179-9E75-09497ED44216}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{E33B3C25-9EC1-4287-A63D-F19B6194A11F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{40E9362B-0558-43A3-915E-7F9BB8D666FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{4674FB5D-48B0-4837-8D8D-AE91F7DED430}] => (Allow) C:\Program Files\iTunes\iTunes.exe
      FirewallRules: [{D5283AAC-FC69-415C-BF6C-17396283E4A5}] => (Allow) C:\Users\Nori7\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{5E57FFB8-9AA7-4231-863F-5F8623FB878A}] => (Allow) C:\Users\Nori7\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{A8E7B7B9-F91F-477D-81C2-4EC8F270427B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{648B9A52-C687-4DCB-904D-7EC042485287}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{00546BF0-A50A-4D33-A7D5-ADB1F8149B07}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{6E0CBF59-132A-455E-BB46-ACB5C4044E82}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{A33CC214-862B-4172-AE18-1D6F027FAE76}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
      FirewallRules: [{AEE76DA6-EC11-4DFB-B837-8346B43DDDB1}] => (Allow) LPort=13148
      FirewallRules: [{B8B6903C-1A26-4BA1-B30F-587021575295}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
      FirewallRules: [{6C3274D0-A4B0-4CA0-A6A0-52D38E948CFF}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
      FirewallRules: [{D332C966-9A82-43E8-A2AE-0EC199B5345C}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
      FirewallRules: [{81133CB7-CC88-4802-8301-5FD8D9E1869B}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
      FirewallRules: [{E50BADA7-2E8B-481F-B75A-AFAE1A1CC6BC}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
      FirewallRules: [{2FC1022C-C648-40C9-9F28-DD1C28899728}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
      FirewallRules: [{0B7F159B-DE26-48A1-A87D-EB946F7E86CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{A956C2BC-46E1-486B-8AB0-2F84EB432D3C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
      FirewallRules: [{786F14CB-B80B-49DA-BAE9-2880FFC9CDCB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe

      ==================== Restore Points =========================

      11-08-2017 00:46:49 Installed Collage Maker
      18-08-2017 21:17:07 Punto de control programado

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (08/21/2017 12:54:48 AM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/20/2017 11:04:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-LVB98V2)
      Description: Se detuvo el paquete Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy+App porque se tardó demasiado en suspender.

      Error: (08/19/2017 0303 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/18/2017 02:42:07 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/18/2017 01:09:24 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "WmiApRpl" en el archivo DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/18/2017 01:09:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
      Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

      Error: (08/18/2017 01:09:23 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "MSDTC" en el archivo DLL "C:\WINDOWS\system32\msdtcuiu.DLL". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/18/2017 01:09:22 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "Lsa" en el archivo DLL "C:\Windows\System32\Secur32.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/18/2017 01:09:22 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "ESENT" en el archivo DLL "C:\WINDOWS\system32\esentprf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (08/18/2017 01:09:22 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.


      System errors:
      =============
      Error: (08/21/2017 12:50:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
      y APPID
      {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
      al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (08/21/2017 12:50:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
      y APPID
      {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
      al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (08/21/2017 12:45:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio CldFlt no pudo iniciarse debido al siguiente error:
      Solicitud no compatible.

      Error: (08/21/2017 12:45:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
      Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

      Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

      Error: (08/21/2017 12:45:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
      Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

      Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

      Error: (08/21/2017 12:45:02 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
      Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

      Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

      Error: (08/21/2017 12:44:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

      Error: (08/21/2017 12:44:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Apple Mobile Device Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

      Error: (08/21/2017 12:44:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio HP JumpStart Bridge terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

      Error: (08/21/2017 12:44:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio HP Orbit Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


      CodeIntegrity:
      ===================================
      Date: 2017-08-18 15:02:31.874
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-08-18 15:02:31.871
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-08-18 14:44:58.100
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-08-18 14:44:58.097
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-08-18 14:30:01.653
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-08-18 14:06:33.203
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-08-18 14:06:33.195
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
      Percentage of memory in use: 26%
      Total physical RAM: 8085.41 MB
      Available physical RAM: 5947.68 MB
      Total Virtual: 9365.41 MB
      Available Virtual: 7257.3 MB

      ==================== Drives ================================

      Drive c: (Windows) (Fixed) (Total:919.16 GB) (Free:786.57 GB) NTFS
      Drive d: (RECOVERY) (Fixed) (Total:11.12 GB) (Free:1.32 GB) NTFS ==>[system with boot components (obtained from drive)]
      Drive g: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:173.14 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 931.5 GB) (Disk ID: 5319834D)

      Partition: GPT.

      ========================================================
      Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 669F4BE5)
      Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================
      sigue en 5

    10. #10
      Usuario Avatar de Nori777
      Registrado
      nov 2008
      Ubicación
      Madrid
      Mensajes
      16

      re: Malwarebytes no inicia correctamente (error 0xc0000279) (Solucionado)

      Por último, te agradecería me indicases , si es de este foro, los programas de proteccion que deberíamos tener instalados para intentar, en lo posible, infecciones como ésta.

      Gracias de nuevo y un saludo

    Página 1 de 2 12 ÚltimoÚltimo