Alerta Riskware (Akamai.La y Notepad)

MrJay · 2 Noviembre, 2019 13:28

Buenas tardes, resulta que recientemente el servicio de informatica de mi facultad se ha puesto en contacto conmigo para avisarme de que han detectado actividades de mineria de datos en mi portatil y hoy he instalado Malwarebytes para ver de qué se trataba además de Adwcleaner.

Tras realizar un analisis con ambos programas el resultado que muestran es que todo está en orden pero desde que instalé Malwarebytes me sale una notificación cada poco tiempo diciendo que está bloqueando un sitio web al que el ordenador no hace más que intentar conectarse de nuevo sin yo mediar en ello.

Agradecería muchísimo si alguien pudiera a ayudarme a eliminar este problema ya que me urgen mucho que lo arregle desde el servicio de la facultad para volver a tener acceso a la red de la universidad.

JavierHF · 2 Noviembre, 2019 13:58

Hola @MrJay y Bienvenido al Foro.!!!

Que programa/s tienes abierto cuando te aparece ese mensaje de bloqueo de malwarebytes…??

Que navegadores usas habitualmente y que version de windows tienes…??

Saludos.

MrJay · 2 Noviembre, 2019 16:20

Hola, el mensaje me aparece sin estar haciendo nada en el ordenador, simplemente lo enciendo y no para de salir el aviso hasta que lo vuelvo a apagar. Estoy usando Firefox en su última versión y Windows 10

JavierHF · 2 Noviembre, 2019 16:41

Bien… pues ahora realiza estos pasos :

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar )

Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

MrJay · 4 Noviembre, 2019 12:09

Hola, perdón por la tardanza pero aquí están los logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by Jaime (administrator) on DESKTOP-PNQ37HS (HP HP Pavilion Notebook) (04-11-2019 12:58:30)
Running from D:\Downloads
Loaded Profiles: Jaime (Available Profiles: Jaime)
Platform: Windows 10 Pro Version 1903 18362.418 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Unified Intents AB -> Unified Intents AB) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270216 2018-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [94792424 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [138088 2019-10-16] (IDSA Production signing key -> Intel)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Run: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Run: [Unified Remote V3] => D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e2] => C:\ProgramData\iyJLxR\c8fb284e.exe [937776 2019-11-04] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\MountPoints2: {e7590023-ac57-11e9-a89c-ace2d36a6b97} - "E:\OnePlus_setup.exe" /s
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00734BCD-DC28-409D-99EC-443A3184F7CA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04F1F8DB-7621-4CA5-B3F0-B6F723E62BCC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07F399C1-45EA-4365-9F44-3629A429D396} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07F59D60-9587-4D3F-A804-B84B615899BF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07F77EED-1EB2-48C4-B291-C1277AEF13FB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {136B9290-534C-4CA5-9F89-CF8ADC711CB8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13CD210C-9C8B-455D-B3C2-15F953D74CDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {145D892D-48B6-4242-9F3E-2B1BFC5DC01D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {18F44850-F5F3-4D5A-B347-3B81BEB1E1DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {192980BC-FE04-43F9-9565-6643D90D313E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19E1A875-4426-418F-8F33-D7C12BFF0215} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {21D1896A-7954-48D4-888A-7144CE6C7282} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2627DF68-F099-43A0-A24A-6965028CE136} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {287B3190-70DF-4D6A-B6E0-E7D1C73B9753} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156432 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B97A570-0254-46DA-B5DB-59B892A65673} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349384 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E058A56-1F96-453F-9998-607C74E8A00E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170264 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E2B9B5A-0500-4362-A9EF-7D6D842314FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6304872 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {580D9589-B965-4579-941E-004A45BA6A06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {66C37999-271A-4897-A968-65DC3D509298} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {755ABA52-A377-4034-86C5-4DF251ACD3B0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170264 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A18BCAC-F8BC-49D4-A881-70B28475D416} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {A3D456CB-6E24-472F-BC77-62EFEB53BFFB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {B0A3A7C2-4965-46FA-A6AF-09DB9023FB00} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {B853818A-B0AF-40E5-960C-4E73793B6F80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {C4D9A731-8A33-4B98-82C3-0617686EDB0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [144248 2019-10-10] (HP Inc. -> HP Inc.)
Task: {C7F9A63C-1D7B-443A-8A79-284CAECBC36A} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {D4262E81-1CAA-4C1B-BD86-9C750475A3C1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D44DFFC7-F523-4862-96DA-36E8B766DD8F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5E56C07-898E-4157-B4D5-F4A4F3F86B4A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156432 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6E8717E-549B-45CC-B32F-73877087AA19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9F45914-28B9-4C77-8B86-7245E223CDAE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {DA7A6075-846F-4D00-A8A2-7C65E8AB2E95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {E33F059F-72F6-4DC5-A156-619003CE6D45} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3A06116-9B8B-4193-9666-C49854300C26} - System32\Tasks\HPCeeScheduleForJaime => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {E684E498-903E-46B4-AC82-48ABDD791283} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E7E2C148-E5BD-4AEC-9D39-677A49DEBB69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {F3D72900-7C31-4903-9CE0-315FA936B532} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6304872 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForJaime.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{87fca4d3-75ce-4ef1-9f2d-628113a9e96d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a4033c40-3e13-46e7-861b-05f3f0349780}: [DhcpNameServer] 62.81.16.213 62.81.29.254

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ryowm884.default
FF ProfilePath: C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\ryowm884.default [2019-11-04]
FF Extension: (Integración con GNOME Shell) - C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\ryowm884.default\Extensions\[email protected] [2018-07-11]
FF Extension: (I don't care about cookies) - C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\ryowm884.default\Extensions\[email protected] [2019-10-11]
FF Extension: (uBlock Origin) - C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\ryowm884.default\Extensions\[email protected] [2019-10-25]
FF Extension: (Netflix 1080p) - C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\ryowm884.default\Extensions\{89d04aec-e93f-4f56-b77c-f2295051c13e}.xpi [2019-06-10]
FF Extension: (Video DownloadHelper) - C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\ryowm884.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-11-01] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11636808 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [34664 2019-10-16] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [105320 2019-10-16] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-26] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705592 2017-11-28] (Intel Corporation -> Intel Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> )
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126880 2012-09-27] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [648184 2019-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2403120 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3282736 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [265664 2018-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [406368 2019-07-25] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-10-26] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2839408 2019-11-01] (BattlEye Innovations e.K. -> )
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70088 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [383432 2017-11-28] (Intel Corporation -> Intel Corporation)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257528 2019-07-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8725496 2019-07-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_a789ce567b843668\nvlddmkm.sys [22738296 2019-10-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-07-26] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [878528 2018-05-13] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [49208 2019-07-25] (Synaptics Incorporated -> Synaptics Incorporated)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213216 2018-10-15] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

MrJay · 4 Noviembre, 2019 12:15

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\ProgramData\zNMgHO"
2019-11-04 12:57 - 2019-11-04 12:58 - 000000000 ____D C:\FRST
2019-11-02 18:17 - 2019-11-02 18:17 - 000000000 ____D C:\ProgramData\QRWqneZ
2019-11-02 14:05 - 2019-11-02 14:05 - 000000000 ____D C:\Users\Jaime\AppData\Local\mbam
2019-11-02 14:04 - 2019-11-02 17:23 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-02 14:04 - 2019-11-02 14:04 - 000000000 ____D C:\Users\Jaime\AppData\Local\mbamtray
2019-11-02 14:04 - 2019-11-02 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-02 14:04 - 2019-11-02 14:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-02 14:04 - 2019-11-02 14:04 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-02 14:04 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\zOVdiE
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\zJRqPr
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\zFLsUQI
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\YXWZMmh
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\yWpQPLyj
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\ywllHHcv
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\YVMdyJA
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\yOBYjwAa
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\WvziDhOws
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\werczxMbL
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\VOQoaqh
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\ufjlfIcr
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\tybfLMOgR
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\toFWsfUIk
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\STcRML
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\SsQnvzq
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\sjqhFz
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\rZygGsvWv
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\QWBfyEfq
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\QObYlu
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\PYXrcwwwL
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\pmwClWBT
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\PEjGCWCg
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\OYfVBRlVk
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\OQdUjsR
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\OMzQTHJ
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\nPjNsRY
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\mTngjCE
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\lQezIhgtH
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\kSaCTRj
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\ITGeajCqJ
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\IGJldWO
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\HRzfrBhn
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\hiUMja
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\GtdMmx
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\FuXRmBPxE
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\ffzgwUpl
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\fBsygZ
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\EjraDqP
2019-11-02 13:56 - 2019-11-02 13:56 - 000000000 ____D C:\ProgramData\cNCGLQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZzzxXxj
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zZxPkMTxk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zZWdtvy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zzqLvSKgQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zZNWcv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zYqsanJZb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zYQATY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zyKHvo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zYCegDgrh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zyBIYY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZXYyqKpyv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZxTWGxFE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zxrKsOoX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZxNZzqcAm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZxJZVmGUr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZxhliO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zWANAOoZB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZVzSpQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zvFwzkvU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZVeKszgv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zuWuOrI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZUVXbx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZuRUZm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZURiut
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZUnJvtE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zULkGbjZt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZUBcxIyK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zTzHwGrx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZtZeCUX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ztXzCIgo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZTSRMf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zTIvYV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZSYsoHBF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zSUiuSn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZsUIlaC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZsppCm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zScORtAg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZRRNZpSF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zreyBO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZRbzYS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zqNwzNZc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZQmpSCdBI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZqEpyuO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZQBCpyhnt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zQAKRw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZpZWnq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zpZHYXf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZPzGulkXJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zpyPaQTF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZpUzWml
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZpmhnGBpV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zpkcOy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zoobiDSK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zoMaxQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZoLwXdll
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zOAEBJWD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZnzNquzI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZnMnFWm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zNFxUSiC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZnCuNVhp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZncdiFtI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zMsXbjvzb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zmNrYichv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZMmxEuxx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zmigJqh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zMcWDyUtz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zmcQwoq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZlZtKeN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zltBiKuV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zlqQyMA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZKsyLdWTS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zKSRJr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZKrAxk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZKPGPozFZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zknhjCiDd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZKLmrwXlE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZkgfxVm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZkcFcy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZjicnrQY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zjgxcTAwV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zJgKGmPsY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZJCQxzVxo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZIqxwcI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZIPMJdObk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zIKCsKX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zikAWNem
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZiECWa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZIBsVSrB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZHYHpo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zHwRQwCwF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zHUPaHJVb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\Zhpqpgu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zHCGoe
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zhATrcDXD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZgXwTtzW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zGVRyodTO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZGSzjbrh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZGqKdms
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zgMzoQh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zGcLfEIa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zFsoIZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zFRrTMS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZfOPEZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZFMhqm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZFhzHSZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZFfDumT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zeXtxm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zEOqgqcuV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZdWjBmkvW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZDshVsLn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zDpSNI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZdnKIbTDY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZDdLMM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zdAKkxgFP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zcYMypJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zcwXuzXVo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZcnjkWx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zcMeTIlBB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZCHeBe
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zBqlVI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZBIohELua
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zBbtyLAz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zaRTYD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\zAHIVXbhy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ZAAqWBd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yYwvHp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yYUSOXzSF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YYmWWVAv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yyLnQD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yYhYqGRC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yxuJZVCs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YXqxsBQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YxLTlQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yXKXpq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yXjZmyXu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YXDWrFy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yWZKxxHLP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ywWwwWBH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YwwvEvUmZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yWOLPm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ywMmhNcH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yvWBahdB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yvVCGYNE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YvTaIjf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YvMJbBea
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YvgaCr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YvAnmYk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YuxKsNiuu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yuULnGIg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yuuiyb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yutGEJAiw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YUsVMwu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yUOUgFc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YuLoviZP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yUhiBgf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YuepvX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YTuYZH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YTQsObh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ytoqqxp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YTnhCSa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ytlSXon
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ythvZGN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ytDffyUKb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YTBVnTFOa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ysYssDOEi
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YsVLUWuJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ysTgselt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yrqKXVnHP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YQZCrLyZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yqxbBBbP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YQsThURIs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yQmFqWx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yQEkMo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yqbhDE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ypTqhkVo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yPnZVs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YpnOkDsd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YPNAgIOM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yPGogWx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YolbuyS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YOKPDdOz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ynxPkrtFr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ynxbwQM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YnGcIBjWb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ynemXw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ymVCPbkbH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YMntzNLz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YmiPfCil
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yMGHupMF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yMbyIkf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ymbgOjlxD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YlPuAq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ylOtOaR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YlMlOg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yLJOzTIvK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YlFJwO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yLEYSN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YLDeVR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YKUOzbtHw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YkQRIEmd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YkqKGQzbK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ykkEJHwXt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yKJQGqCB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yKgdbgJo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YjwBTKd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yJVkbp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yjpWRZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yJouZa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yJKJdfipw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yjILyoaLj
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yIsnjnhzz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YiMQeDMdq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yiLRszA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YikiJg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YhZZkbAvB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yhyHCp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YHVkSSfy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yhJcKn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YHBdoak
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YgWfEyuDi
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YgsVsR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YgsggJf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YgPtlopc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ygJvkMGn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YGDiigT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YfxntdmAF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YfwPeDnZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yfuIyV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YfQmKfo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yfJeok
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YFBXarDN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yfbOpD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\Yfbncoeme
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yeZvie
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yexlmnxOx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YeVgSp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yeurmocQc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yEtorFVr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YElPbso
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yEChDmBf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YDxqEnDc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ydWaVdw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YdOnkiPRp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ycYLPwIPF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yCPkhQrT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ycMGxc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YCGQTdV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yceOpA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\ycaJFQkKE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YbVSpFqHT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\yBuyLkW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YBSWAfjDE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YbQjiGlBh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YbHnMIEF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YAypMvp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YaXfIf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YAsHYjO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\YAJRAJfz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xZuLrKw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XzSCIpsa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xZHGZsKf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XZfoqLd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XZDYxEiT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XZDjALjm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\Xyipwk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XyfIyrEMt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xyFBGugTl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xycMwEVi
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XxzOZpsZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XXMRtYUAQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xxLUkeOht
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xXkcRjt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xxHEfbK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xxGeGjtu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xxdoFqgsl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xxDHjNPuI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XWtwTQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xwnoukb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XwFOrdqkN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XwEbRQgqL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xWDwjudC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xWbVbUJA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XVXNPVq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xVwxnt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xvvGiH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XvORBF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xuYtBG
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XUYLTM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xUvooR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xUtbpKq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xupnQqaa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XukSiUFjs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XueyoOc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XuByxpi
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xtsYwtGW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XTNBcvnZe
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xtdAcuVj
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xSxxoLl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xsveXrXL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XSMDYL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XsJaLy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xshsGR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XsHDtasmn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xSAmJGaQG
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XRYByJv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xRvhmoyB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xRqKoTnbX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XRonzy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XRodekh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XRGNTrvye
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XraaTLSm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xQrOSNF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XqmIEAfII
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XQhioH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xqfFijk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XQfahiHy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xpwCfUrVX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XPdFszHUw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XpaKwU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xOyWrzWX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XoXLXg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XOTPyU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xorxQM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xOnGXLrI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XoDgbtGOO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XNtzTXLQJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xnkWfxCA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XnjHCWGJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xnDdPyy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xMyCUmLjV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xmXWjeK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xmPXlfK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XMOQuAU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xmLxKFYk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xmHSgzS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xLSawTlIN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XLQCYU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xLnaEzKA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xlbOBt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xKxsoU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xKXLmNv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xkXfOKskf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xKpkYIr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XkNjln
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xKKmwe
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xkCJdmMCy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XJtEVQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XjqreD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xJPhiQopg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XjKuDXt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xiXaRrJdk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XIupDba
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XIUNdHWbT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xhTCiZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xHdQtQOk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XHcctD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XGxUKZGL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xGfruy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XGasku
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xFwRqYE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XfUmAposp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XFqijH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XFMKbM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XfhnGiiD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xEzKXEO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XEzgEb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xEYEIWdDD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XERVEQTaT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xDPHQyRl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XdMcYWa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xdHuJAXLL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XdchZG
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xdbOavt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XDaywzwM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xcipQnrh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XcIplefjq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XCCdUS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XBvYOfLaE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xBOznzZTP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XBNiQa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XBmZyYIC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xbKafY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xbjPAo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XBIcXjSRP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XbagrokF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xAxnBCtn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XaTicjfi
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XaSFJgFq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xaRcvK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xaQScwWLM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\xAqOZyk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XaoPxpwEy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\XAliQxa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WzYyxYfd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wzylAl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wZSzdvYD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wzsnwdZO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wzpJivIDU
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wzLDXZLGq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WzJHNa
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wZcjdOtRI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wzbIsb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wyUGQpf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WYtDbnc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WYollo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wyOfsYlf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wYNozybi
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WYlZLcB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wyKPuVGpE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WYJtJjTK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WyhXYcX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WyegduZB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WYEcEdJS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wydqQIA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WXxEjehX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WxtbkpHB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WxQYaoQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wXjhnijoc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WxAuUcb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WwyTQNGf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WwVtzlkNo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wwvHHoBCQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WwpzkjmZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WwmyhwBI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wwLBLRC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WWbgHSWWh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wvTqlCkso
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wVlksz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wvFzTHOLD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wvAIuH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WuXxnvtnD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WUXVROx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wUtIlVuMZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wuSNBoUI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WurGCmP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wUkmEjV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WTzenNRv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WttuEWL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wTehVN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wTdHpR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WTbqeDDP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wTaitOPdJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wsWhyHg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WsVjjtMp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wsNqMcKg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wsjGBTvV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wsgHmbq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wsfonpdVl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WrpwvDB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wRGLOxYqo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WrGEPRqJG
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WqGMLHFMh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wqfcnnl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WQdoqLS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wpZidCqbo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wPtRorM
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WpqyeC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wpDygFY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wpdEVYcWV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WPcJYByJy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wpaAdlQl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wOZlOf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\woVugllNn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WompEOCzX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WOMoSnF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wnWiLGW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wnqUzKDVT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wNOJHH
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WNaBCWPxv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wMzVHDLE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wMxnUSrm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wMpnup
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wmLyKzK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WMLRTwyxw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WMGBLsV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wmevEUiMQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wlYOmo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wlXyQs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wlxUPz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wlVKZaqn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WLnGCgd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WLkFviQPu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wLjozoQAb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WLgOlq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WldbFEPOI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wKYZlJJY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wkYqtd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wKxAUqc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WKwgqnf
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WkszmfnE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wkqgbQR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wkpLeXNad
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wKohTD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wKkurCxaj
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WkIagKFYD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WKhpxbYwR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WkFvKL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WJYsmw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wjYqXMO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WjWYHC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wJtxXBqxp
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WJspQo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wJPXNt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wjLMLgK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WIzTdHqA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WiwOONv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WIkwYfxbT
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wIjhdy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wiAZottXt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\whVveXuq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\whMuNEqW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\whIgjhVZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\whHGJo
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wHfkgq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WHECOmXaX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WHbrUK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wgzhms
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WGzBvDY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wguLeHK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WGTmnFYuw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WGofju
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WGHXdrHO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WgHhDw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wGDyynv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wgCsGzJqL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wfzZQrXtk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WFyMgzjlc
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WFqIvlIFC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WfNDvO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WfNccLnJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wfJktTZr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wfEOCx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wFcJCGrJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wEyzqazq
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wEWKyAoco
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wevyVs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wEnmCl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\weMNIHxt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WeEWdnvI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WEBDguKw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\Wdxdyh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wdQaKsy
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wdIiiHS
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WdiCCwr
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wDCjgRVUn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WCNiRPTu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WcmLTkhBs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wcLZZmrw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wCGcFx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wBtSoL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wbQJPgBXA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wboitlt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WbDCYKD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WBcXPhTog
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wBbqPD
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WbBNDGw
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WAZzWu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WawFeX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\WAohJL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\wAIkLhrQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VzYDRMmty
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vZvsVkhW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VZtyWCE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VzBVKki
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vZbFeXss
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vyqdnm
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vYPuQfv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vYPqPKoF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vyJnzsVO
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vYgfMyxh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vYAKFfRI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vxtIAqUL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vxStVrsP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VXGqVAbrs
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VXcEPitE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VwybRA
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VwvXKrB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VWoFNaJd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VwMevHWbX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vWDbTVKC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VwASiK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VvxAHVk
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vvSeDF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vVqCjz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vvoaIZK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vvERjJAhY
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vvdLjqxhg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vVCZINQx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VuzBsB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vUxrJkFx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vuwtmye
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vUvMCoUP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vuORLqRd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VuLoEdcC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VUHmjx
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vUgWxQoI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vUcvCPh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VUafav
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vTpnEKbV
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VtENjYGlI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VTcZPEgL
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VsrXjDopd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VSmpIUUcn
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VsLgdap
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VsEgyodNl
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vSeEMQQ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VSeccak
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vrZaFcHnX
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VrTiqFUUZ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VRSoAcqpj
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VrPBoP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vRLuhyu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vrlLlKZu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vqyHKwsHB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VqXxXu
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vQtalWg
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vQQxixAHE
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VQPouxtR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VqeneN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vQAhLqDnh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VptNUwAaF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VPnWWB
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vPnwtXfUC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VpLBpF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VPhSBsGec
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vpGqiz
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vpAOIYI
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VoYovjIW
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vOwQZC
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vOTFlbj
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\voRBsBxh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VOeBbQR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VnZOBHEh
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VnVRKArK
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VnVbYOTb
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VNUVYR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vnrfSZt
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VNOLkPaAP
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VNMsJPRad
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vnJuFjMFJ
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VnaaWcF
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VmWOeHJN
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VmUJxKrR
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vmLoxvKnd
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\VMixtv
2019-11-02 13:52 - 2019-11-02 13:52 - 000000000 ____D C:\ProgramData\vmgIaxoU

MrJay · 4 Noviembre, 2019 12:27

Con este se acaba el primer log, subiré en segundo log cuando me permita el foro pues he llegado al numero maximo de respuestas por día, si lo necesitas ponte en contacto conmigo y te lo mando por privado.

2019-10-08 23:26 - 2019-10-08 23:26 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001501712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 001386000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001043984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000827408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000816648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000666128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-08 23:26 - 2019-10-08 23:26 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-08 23:26 - 2019-10-08 23:26 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000495120 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-08 23:26 - 2019-10-08 23:26 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000394256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-10-08 23:26 - 2019-10-08 23:26 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000228880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-08 23:26 - 2019-10-08 23:26 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-08 23:26 - 2019-10-08 23:26 - 000181776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-08 23:26 - 2019-10-08 23:26 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-08 23:26 - 2019-10-08 23:26 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-10-08 23:26 - 2019-10-08 23:26 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000037904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-10-08 23:26 - 2019-10-08 23:26 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-08 23:26 - 2019-10-08 23:26 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-10-08 23:26 - 2019-10-08 23:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-08 23:25 - 2019-10-08 23:25 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-08 23:25 - 2019-10-08 23:25 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-08 23:25 - 2019-10-08 23:25 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-08 23:25 - 2019-10-08 23:25 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-10-08 23:25 - 2019-10-08 23:25 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-10-08 23:25 - 2019-10-08 23:25 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-10-08 23:25 - 2019-10-08 23:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-08 23:24 - 2019-10-08 23:25 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 003947008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-10-08 23:24 - 2019-10-08 23:24 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-10-08 23:24 - 2019-10-08 23:24 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-08 23:24 - 2019-10-08 23:24 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-10-08 23:24 - 2019-10-08 23:24 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-10-08 23:05 - 2019-10-08 23:05 - 000000218 _____ C:\Users\Jaime\AppData\Local\recently-used.xbel
2019-10-08 22:58 - 2019-10-08 22:58 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-08 22:58 - 2019-10-08 22:58 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-04 12:57 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-04 12:54 - 2018-07-11 17:46 - 000000000 ____D C:\Users\Jaime\AppData\LocalLow\Mozilla
2019-11-04 12:45 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-04 12:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-04 12:45 - 2018-07-11 17:53 - 000000000 ____D C:\ProgramData\Packages
2019-11-04 12:44 - 2018-07-11 17:19 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-04 12:43 - 2019-06-25 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-03 19:23 - 2019-04-12 21:50 - 000000000 ____D C:\Users\Jaime\AppData\Roaming\2d57c12164b0fefc2f546597cfa41db0
2019-11-03 19:22 - 2018-08-23 14:15 - 000000000 ____D C:\ProgramData\Unified Remote
2019-11-03 19:22 - 2018-07-11 17:37 - 000000000 __SHD C:\Users\Jaime\IntelGraphicsProfiles
2019-11-02 18:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-02 17:31 - 2019-06-25 18:48 - 001775242 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-02 17:31 - 2019-03-19 12:59 - 000791138 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-02 17:31 - 2019-03-19 12:59 - 000156376 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-02 17:20 - 2019-06-25 18:49 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3535584231-1191769911-767922632-1001
2019-11-02 17:20 - 2019-06-25 18:22 - 000002397 _____ C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-02 17:20 - 2018-07-11 17:39 - 000000000 ___RD C:\Users\Jaime\OneDrive
2019-11-02 14:04 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-02 13:54 - 2019-02-05 14:56 - 000000000 ____D C:\Program Files (x86)\Origin
2019-11-02 13:35 - 2018-07-11 17:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-02 13:35 - 2018-07-11 17:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-02 13:31 - 2019-06-25 18:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-02 13:31 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-02 13:31 - 2018-07-11 23:36 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJaime.job
2019-11-02 13:31 - 2018-07-11 17:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-01 12:59 - 2019-06-25 18:49 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForJaime
2019-10-29 17:49 - 2018-07-11 17:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-27 19:24 - 2018-07-11 22:09 - 000000000 ____D C:\Users\Jaime\AppData\Local\Battle.net
2019-10-27 15:19 - 2018-07-11 17:54 - 000000000 ____D C:\Users\Jaime\AppData\Local\D3DSCache
2019-10-27 15:05 - 2018-07-18 14:41 - 000000000 ____D C:\Users\Jaime\AppData\Local\CrashDumps
2019-10-26 19:15 - 2018-07-11 17:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-10-26 19:14 - 2018-07-11 17:19 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-10-26 19:03 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-10-26 19:01 - 2018-07-13 22:43 - 000000000 ____D C:\Program Files\Microsoft Office
2019-10-24 11:35 - 2018-07-11 17:37 - 000000000 ____D C:\Users\Jaime\AppData\Local\Packages
2019-10-23 15:09 - 2019-07-24 09:21 - 022738296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2019-10-23 15:07 - 2019-07-24 09:21 - 004936384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-10-23 15:07 - 2019-07-24 09:21 - 004206064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-10-22 20:56 - 2019-07-24 09:21 - 000056015 _____ C:\WINDOWS\system32\nvinfo.pb
2019-10-22 19:10 - 2019-07-24 09:28 - 005530608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-10-22 19:10 - 2019-07-24 09:28 - 002637152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-10-22 19:10 - 2019-07-24 09:28 - 001768456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-10-22 19:10 - 2019-07-24 09:28 - 000655808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-10-22 19:10 - 2019-07-24 09:28 - 000451608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-10-22 19:10 - 2019-07-24 09:28 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-10-22 19:10 - 2019-07-24 09:28 - 000083392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-10-22 18:37 - 2019-07-24 09:28 - 008764732 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-10-20 18:16 - 2018-07-11 17:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-20 18:16 - 2018-07-11 17:22 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-19 00:34 - 2018-07-11 17:53 - 000000000 ____D C:\Users\Jaime\AppData\Local\UnrealEngine
2019-10-18 16:23 - 2018-07-11 21:30 - 000000000 ____D C:\Users\Jaime\AppData\Local\Spotify
2019-10-18 16:23 - 2018-07-11 21:29 - 000000000 ____D C:\Users\Jaime\AppData\Roaming\Spotify
2019-10-09 16:27 - 2018-07-11 17:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-09 16:27 - 2018-07-11 17:37 - 000000000 ___RD C:\Users\Jaime\3D Objects
2019-10-09 16:24 - 2019-06-25 18:43 - 000442624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-09 00:41 - 2019-03-19 13:01 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-09 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-09 00:40 - 2019-07-04 10:55 - 000000000 ____D C:\Users\Jaime\AppData\Roaming\vlc
2019-10-08 23:48 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-08 23:47 - 2018-07-11 17:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-08 23:32 - 2018-07-11 17:43 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2019-10-08 23:05 - 2019-10-08 23:05 - 000000218 _____ () C:\Users\Jaime\AppData\Local\recently-used.xbel
2019-05-15 16:39 - 2019-05-15 16:39 - 000007606 _____ () C:\Users\Jaime\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

JavierHF · 4 Noviembre, 2019 14:35

Hola @MrJay.

Ya he reordenado los últimos mensajes que tu has puesto y es posible que YA te deje añadir el resto de informes.

De todas maneras para que NO tengas ese tipo de problemas lo que debes hacer es visitar temas de ayuda del Foro o mensajes de otros temas y darle “me gusta” a los que TU creas adecuado “Me gusta” un comentario

Saludos.

MrJay · 5 Noviembre, 2019 12:14

Aquí está el resto, siento la demora pero no me dejó hasta ahora publicar mensajes nuevos en el foro.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by Jaime (04-11-2019 12:59:43)
Running from D:\Downloads
Windows 10 Pro Version 1903 18362.418 (X64) (2019-06-25 17:49:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3535584231-1191769911-767922632-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3535584231-1191769911-767922632-503 - Limited - Disabled)
Invitado (S-1-5-21-3535584231-1191769911-767922632-501 - Limited - Disabled)
Jaime (S-1-5-21-3535584231-1191769911-767922632-1001 - Administrator - Enabled) => C:\Users\Jaime
WDAGUtilityAccount (S-1-5-21-3535584231-1191769911-767922632-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Actualización de NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands: The Pre-Sequel (HKLM-x32\...\Borderlands: The Pre-Sequel_is1) (Version:  - )
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Capture One 12.0 (HKLM\...\CaptureOne12_is1) (Version: 12.0.1.57 - Phase One A/S)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
DEMO DE FIFA 20 (HKLM-x32\...\{5022F4F2-6DA1-4470-B21A-9ADA81B5A0E8}) (Version: 1.0.62.7209 - Electronic Arts)
Discord (HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{79F5479A-BF71-4F4C-9C49-9D616AF923DE}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FIFA 19 (HKLM-x32\...\FIFA 19_is1) (Version:  - )
Guacamelee! 2 (HKLM-x32\...\Guacamelee! 2_is1) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{31CBAB2C-ED4B-403C-8933-192833FEB2C6}) (Version: 12.13.42.1 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{F5852AA8-30EA-495B-84B4-C2403C935D6F}) (Version: 1.1.19.1 - HP)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel Driver && Support Assistant (HKLM-x32\...\{6B913517-E442-4045-A3A6-4C9EC4C4F0CC}) (Version: 19.10.42.4 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6344 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0210-1034-84C8-B8D95FA3C8C3}) (Version: 21.30.0.5 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{d42c99b5-286f-435f-8ba8-367bd9cffb1b}) (Version: 19.10.42.4 - Intel)
Kodi (HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Kodi) (Version:  - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Panel de control de NVIDIA 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.08 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Leaf Imaging Ltd. Image  (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Paquete de controladores de Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Paquete de controladores de Windows - Phase One A/S (WinUSB) USBDevice  (09/18/2017 1.14.0.0) (HKLM\...\5D536C8BAC29754ACD7E2AFB52D1C2B1EA169BE6) (Version: 09/18/2017 1.14.0.0 - Phase One A/S)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.21306 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8412 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Sekiro: Shadows Die Twice (HKLM-x32\...\Sekiro: Shadows Die Twice_is1) (Version:  - )
Software Intel® PROSet/Wireless (HKLM-x32\...\{3b62443b-0508-4b68-b01a-52a802851410}) (Version: 20.100.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Spotify) (Version: 1.1.9.383.g9f48828e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-02-25] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-07] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-21] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-21] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-18] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3535584231-1191769911-767922632-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jaime\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3535584231-1191769911-767922632-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-3535584231-1191769911-767922632-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jaime\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxDTCM.dll [2018-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-06-24 09:57 - 2009-06-24 09:57 - 000029696 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll
2009-06-24 09:57 - 2009-06-24 09:57 - 000032768 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-06-24 09:57 - 2009-06-24 09:57 - 000031744 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2018-07-11 21:39 - 2018-04-30 13:00 - 000075776 _____ (Igor Pavlov) [File not signed] D:\Program Files\7-Zip\7-zip.dll
2018-08-23 14:15 - 2016-10-10 04:27 - 000556544 _____ (Soft Service Company) [File not signed] D:\Program Files (x86)\Unified Remote 3\wcl.dll
2019-02-05 14:57 - 2019-06-11 07:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-11-02 13:54 - 2019-06-11 07:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-08-23 14:15 - 2016-09-23 13:08 - 001283584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Program Files (x86)\Unified Remote 3\LIBEAY32MD.dll
2018-08-23 14:15 - 2016-09-23 13:08 - 000255488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Program Files (x86)\Unified Remote 3\SSLEAY32MD.dll
2019-02-05 14:57 - 2019-07-12 08:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-02 13:54 - 2019-07-12 08:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-02 13:54 - 2019-07-12 08:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-02 13:54 - 2019-07-12 08:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-02 13:54 - 2019-07-12 08:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-02 13:54 - 2019-07-12 08:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-08-23 15:24 - 000001130 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 spclient.wg.spotify.com
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
0.0.0.0 www.googletagservices.com
0.0.0.0 gads.pubmatic.com
0.0.0.0 ads.pubmatic.com
0.0.0.0 tpc.googlesyndication.com
0.0.0.0 pagead2.googlesyndication.com
0.0.0.0 googleads.g.doubleclick.net

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3535584231-1191769911-767922632-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0FE4B4AC-256B-4D96-8006-2E368F2390A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe No File
FirewallRules: [{9A9B7FB9-2525-443B-9369-A1BF10D7A4CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe No File
FirewallRules: [{935E8F95-E152-44EB-9E8C-F9F0A0EDE79A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4707ABCD-7428-4856-889C-67EB561F5664}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6727DEED-B73E-4874-AB14-80BB8E7311D5}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [TCP Query User{9B8E73FE-E855-4919-B1A2-D69A19894075}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{AAEEF0BE-7A68-4117-9D4D-CC658DC9E067}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{D127564B-D3BC-4CC7-97BF-1ACDBE13929C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{4A47B3F3-E9B5-4C5D-B74A-EC222C5FD7AB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{346439D5-57EE-4678-AB44-0168B93E0510}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [UDP Query User{34A519B3-8FFC-42EC-BE71-C9F487674262}D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe No File
FirewallRules: [TCP Query User{6E9194CE-53DD-40CA-8F5D-762FCDAF69F2}D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe No File
FirewallRules: [{088B0C5F-F0B2-41ED-8F20-27558D5DE622}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IX\FF9_Launcher.exe () [File not signed]
FirewallRules: [{EBC08B59-F26E-4CEF-B630-7F094864899A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IX\FF9_Launcher.exe () [File not signed]
FirewallRules: [UDP Query User{88334161-F0DD-4869-8F5B-28859E6D8268}D:\program files (x86)\overwatch test\overwatch.exe] => (Allow) D:\program files (x86)\overwatch test\overwatch.exe No File
FirewallRules: [TCP Query User{6C8F0112-5E7A-4C48-95A2-85730DB914F1}D:\program files (x86)\overwatch test\overwatch.exe] => (Allow) D:\program files (x86)\overwatch test\overwatch.exe No File
FirewallRules: [{C36D0FC2-4A2F-40A7-92B9-436DA792380B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C2C0EB6A-8796-4CAD-B278-0D468ACEBEE7}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{80B0E4F9-0B92-42DB-9D97-A401778A1AE7}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{9862E25E-3A65-4BF7-8F31-0C5A47DCE2A5}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{0D3C5CAF-0B9F-46B2-880E-A9B1486BFD10}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BFAB5FE5-9B7A-4318-87DF-1C91FA54B5B6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A39083F7-0138-4D27-B453-CDBE57A9545C}] => (Allow) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{FC7F301D-C509-4800-B036-740C3AD523C6}] => (Allow) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [UDP Query User{E0B3D827-5ACF-4D9C-84DE-A6709C1BACEA}D:\program files (x86)\call of duty black ops 4\blackops4.exe] => (Allow) D:\program files (x86)\call of duty black ops 4\blackops4.exe No File
FirewallRules: [TCP Query User{9D4B8F21-382C-411A-9804-DE5777BC9DD9}D:\program files (x86)\call of duty black ops 4\blackops4.exe] => (Allow) D:\program files (x86)\call of duty black ops 4\blackops4.exe No File
FirewallRules: [UDP Query User{17BFC879-25CB-46E3-815B-E0FE3019F365}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{E2F51C0E-DEB1-49F0-B607-5531D0F4B8C8}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{EBD712FC-1C37-492E-AB79-4CF1769AA83F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{B51597BA-ABFB-4631-B805-23F58FED9600}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{A7644F8B-854A-4B0D-A170-F6BF1AD17C08}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{EEEBD589-E05A-4A3E-85A0-B324FDC54990}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{842E8FB2-8120-494D-926D-DC19EEA98397}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E707222C-7B0B-4A69-811D-1588502880CC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A58591F6-A301-4EBC-9F95-246BF3281E3C}D:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - goty edition\binaries\win32\dishonored.exe No File
FirewallRules: [TCP Query User{87582A62-27C5-4602-8790-457B95B097D7}D:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - goty edition\binaries\win32\dishonored.exe No File
FirewallRules: [UDP Query User{BCC9716C-3041-41AF-9C89-A20B9FC55119}D:\program files (x86)\deluge\deluge.exe] => (Allow) D:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed]
FirewallRules: [TCP Query User{0575D043-D707-491F-90E9-A8575A569E81}D:\program files (x86)\deluge\deluge.exe] => (Allow) D:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed]
FirewallRules: [{BB8C0AF8-5078-457E-A91A-5588D1FCB2D1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FEF1768A-81EE-49DD-86E7-143BDF940EA2}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{84AE166A-1B65-43B8-BF1C-9F6606EE6FB3}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2E7F611E-12C4-422B-AC52-A555E25E9049}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{B71134AE-3853-48B1-AA05-2BFBB621B52A}C:\users\jaime\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jaime\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{A81A127A-2E4A-46C3-A3D3-16ED0810AA80}C:\users\jaime\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jaime\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{2D4DCF30-C897-4361-974E-C8A988016FDA}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{27D2E9FA-247C-482D-A3FE-D2363DCCB2B9}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0B224875-48CB-480E-8589-98D5E8BF73F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{80A232AB-92F4-4C97-B96B-7DCB0BD9F4B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{F211FBE7-0E75-4A96-8497-399E9E70C95B}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{381CAC4C-0974-4E70-AB38-D3E66B6BA503}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DF44BC4A-24F7-4178-88E6-3C16F684E54F}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D85010B6-AE38-4DFD-8288-DC83C99E4B21}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F597023A-EE89-4D9E-9801-E10EE1256011}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4F3095D8-F621-4FED-B02F-5875D85F4D7A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C5756B06-8B01-4A4A-9CF3-C53D85CE461C}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 20 DEMO\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{68FDC9DE-1358-4BA8-9243-9725D0D425B1}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 20 DEMO\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{EB779D60-F1DA-4BDD-9269-0C293059ADBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{49A36A50-6AE2-447D-B12E-11F91E785828}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5867BE2A-6234-44F5-816E-2A5A64A54353}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2948B144-C4F3-4E4A-941E-04C0F175067F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD62941C-2619-4158-8A38-596297A53617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{39E11315-792D-4C76-A839-FF3F4062C6FA}D:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{24B11A3A-A719-4C34-9183-1F50509454CC}D:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{C3EEE654-A441-405B-8FE1-BE4D4610FCB2}D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{F4003EFA-AA38-4F8C-9E19-AB9BA9C0156D}D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{40E6E184-F9F1-480A-A6DB-BF5981339173}D:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{DF0A5D82-5A3F-46FF-B32D-1AE8F7A9F81D}D:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.04 GB) (Free:68.17 GB) (58%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/04/2019 12:57:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (26744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/04/2019 12:44:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/03/2019 07:24:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/03/2019 07:23:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (11/03/2019 07:23:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (11/02/2019 05:50:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (28164,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/02/2019 05:22:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21868,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/02/2019 05:18:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (11/02/2019 01:30:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2019 01:30:48 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-PNQ37HS)
Description: Error de DCOM "1053" al intentar iniciar el servicio BcastDVRUserService_4991774 con argumentos "No disponible" para ejecutar el servidor:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (11/02/2019 01:30:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de usuario de difusión y GameDVR_4991774 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/02/2019 01:30:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de usuario de difusión y GameDVR_4991774.

Error: (11/01/2019 01:54:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/01/2019 01:54:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio NVIDIA LocalSystem Container se cerró con el siguiente error: 
Un ejecutable de comandos genéricos devolvió un resultado que indica un error.

Error: (10/28/2019 12:32:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PNQ37HS)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (10/28/2019 12:32:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PNQ37HS)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2019-09-17 23:00:44.318
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\AutoKMS\AutoKMS.exe; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80D3B1BB-72A7-41C8-8613-C78AD1A0F476}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\conhost.exe
Versión de inteligencia de seguridad: AV: 1.301.1538.0, AS: 1.301.1538.0, NIS: 1.301.1538.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-17 23:00:18.261
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\AutoKMS\AutoKMS.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\conhost.exe
Versión de inteligencia de seguridad: AV: 1.301.1538.0, AS: 1.301.1538.0, NIS: 1.301.1538.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-17 19:50:06.409
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.D&threatid=2147731321&enterprise=0
Nombre: HackTool:Win32/AutoKMS.D
Id.: 2147731321
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: amsi:_C:\Windows\AutoKMS\AutoKMS.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: AMSI
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\AutoKMS\AutoKMS.exe
Versión de inteligencia de seguridad: AV: 1.301.1459.0, AS: 1.301.1459.0, NIS: 1.301.1459.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 22:28:10.898
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.D&threatid=2147731321&enterprise=0
Nombre: HackTool:Win32/AutoKMS.D
Id.: 2147731321
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: amsi:_C:\Windows\AutoKMS\AutoKMS.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: AMSI
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\AutoKMS\AutoKMS.exe
Versión de inteligencia de seguridad: AV: 1.301.1459.0, AS: 1.301.1459.0, NIS: 1.301.1459.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 18:50:23.893
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.D&threatid=2147731321&enterprise=0
Nombre: HackTool:Win32/AutoKMS.D
Id.: 2147731321
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: amsi:_C:\Windows\AutoKMS\AutoKMS.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: AMSI
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\AutoKMS\AutoKMS.exe
Versión de inteligencia de seguridad: AV: 1.301.1455.0, AS: 1.301.1455.0, NIS: 1.301.1455.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-16 18:36:15.521
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1455.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-09-16 15:32:28.349
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.301.1294.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16300.1
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-09-10 12:07:58.882
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.299.736.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-09-10 12:07:58.882
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.299.736.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-09-10 12:07:58.881
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.299.736.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-11-04 12:49:13.901
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

BIOS: Insyde F.61 03/29/2018
Motherboard: HP 8421
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8078.14 MB
Available physical RAM: 4608.93 MB
Total Virtual: 11022.14 MB
Available Virtual: 7036.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.04 GB) (Free:68.17 GB) NTFS
Drive d: (Almacen) (Fixed) (Total:931.39 GB) (Free:373.09 GB) NTFS
Drive e: (White) (Removable) (Total:7.23 GB) (Free:7.2 GB) NTFS

\\?\Volume{88e54007-9208-413d-a70f-1bcebecaabfb}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{99e4052a-4aa8-49a3-9675-5589bbf6464a}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{d6c52835-23c5-4bcb-a6b9-55472458d6be}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: CE8B3105)

Partition: GPT.

==========================================================
Disk: 2 (Size: 7.2 GB) (Disk ID: 001478E6)
Partition 1: (Active) - (Size=7.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

JavierHF · 5 Noviembre, 2019 16:47

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Run: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e2] => C:\ProgramData\iyJLxR\c8fb284e.exe [937776 2019-11-04] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\MountPoints2: {e7590023-ac57-11e9-a89c-ace2d36a6b97} - "E:\OnePlus_setup.exe" /s
GroupPolicy: Restriction ? <==== ATTENTION
FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

MrJay · 6 Noviembre, 2019 11:15

Aquí está el log, de momento tras hacer todo el proceso y reiniciar no me sale el aviso de Malware bytes sin parar de que está bloqueando un sitio malicioso, muchas gracias!

Cómo puedo asegurarme de que estoy 100% limpio esta vez? También me gustaría preguntar si puedo seguir este procedimiento con mi PC de sobremesa para ver si está infectado también?


Fix result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by Jaime (06-11-2019 12:08:49) Run:1
Running from D:\Downloads
Loaded Profiles: Jaime (Available Profiles: Jaime)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Run: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e2] => C:\ProgramData\iyJLxR\c8fb284e.exe [937776 2019-11-04] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\MountPoints2: {e7590023-ac57-11e9-a89c-ace2d36a6b97} - "E:\OnePlus_setup.exe" /s
GroupPolicy: Restriction ? <==== ATTENTION
FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-3535584231-1191769911-767922632-1001\Software\Microsoft\Windows\CurrentVersion\Run\\c8fb284e" => removed successfully
"HKU\S-1-5-21-3535584231-1191769911-767922632-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\c8fb284e" => not found
"HKU\S-1-5-21-3535584231-1191769911-767922632-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\c8fb284e2" => not found
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7590023-ac57-11e9-a89c-ace2d36a6b97} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
D:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
"D:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3535584231-1191769911-767922632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3535584231-1191769911-767922632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63423153 B
Java, Flash, Steam htmlcache => 179694924 B
Windows/system/drivers => 7232641 B
Edge => 1456363 B
Chrome => 0 B
Firefox => 1092712119 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 142568 B
Jaime => 5330298460 B

RecycleBin => 246071 B
EmptyTemp: => 6.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:09:38 ====

JavierHF · 6 Noviembre, 2019 15:59

Hola.

Excelente.

Las infecciones que provocan ese problema eran exactamente estas :

HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\Run: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e] => C:\ProgramData\c8fb284e\c8fb284e.exe C:\ProgramData\c8fb284e\c8fb284e.au3
HKU\S-1-5-21-3535584231-1191769911-767922632-1001\...\RunOnce: [c8fb284e2] => C:\ProgramData\iyJLxR\c8fb284e.exe [937776 2019-11-04] (AutoIt Consulting Ltd -> AutoIt Team)

Y estas YA han sido eliminados.

Si quieres podemos hacer otros procesos de desinfección por asegurarnos que NO te quede NADA mas o algun resto de otras infecciones distintas a esta.

Nos comentas.

Saludos.

MrJay · 6 Noviembre, 2019 16:33

Muchas gracias por la ayuda, ha sido muy profesional y muy clara!

JavierHF · 6 Noviembre, 2019 16:43

Perfecto @MrJay excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga DelFix.exe en tu escritorio.

Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.

Tema Solucionado.

Saludos, Javier.