Archivos que no se pueden eliminar en Win10

Saludos comunidad.

Haber si alguien me puede ayudar; estaba yo descargando pdfs con el navegador Opera, de una pagina segura, y como iba a repetir descargando el mismo archivo, detengo la descarga y la cancelo. Yo las estaba descargando en el escritorio, porque a mi se me hace mas fácil encontrarlos y ordenarlos después. Sucede que cuando me fijo en el escritorio, el archivo pdf que yo había cancelo había creado un icono. Quise borrarlo, pero me salia que no se podía porque el archivo ya no se encontraba en el escritorio, pero ahí sigue. No se que hacer.

Adjunto un link para que vean como esta el problema :arrow_right: https://subefotos.com/ver/?e2ef12c10c753f1bde8f44cfae44eed7o.png

Hola @yanku_f.r bienvenido al nuevo foro

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis de amenazas, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Informes >> Informe de análisis encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Hola. He seguido todo lo que me haz puesto. Este es el informe del Malwarebytes’ Anti-Malware:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/2/19
Hora del análisis: 20:33
Archivo de registro: 174f7206-3254-11e9-b06d-68f728b6ad60.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9300
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.590)
CPU: x64
Sistema de archivos: NTFS
Usuario: Lenovo-PC\Dhayan Franco Rojas

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 390220
Amenazas detectadas: 48
Amenazas en cuarentena: 47
Tiempo transcurrido: 16 min, 42 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 16
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Palikan masi, En cuarentena, [330], [341905],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EF85E21E-936C-4F46-A205-4E02350473B5}, En cuarentena, [330], [341905],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{EF85E21E-936C-4F46-A205-4E02350473B5}, En cuarentena, [330], [341905],1.0.9300
PUP.Optional.Pakilan, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ljibkigjccbegnbeojkoafejpoiachej, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ljibkigjccbegnbeojkoafejpoiachej, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Distromatic, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Distromatic, En cuarentena, [6727], [359638],1.0.9300
PUP.Optional.Palikan, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\palikan, En cuarentena, [330], [241487],1.0.9300
PUP.Optional.Reimage, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Reimage, En cuarentena, [335], [357494],1.0.9300
PUP.Optional.Reimage, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\REIMAGE\PC REPAIR, En cuarentena, [335], [327204],1.0.9300
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, En cuarentena, [335], [327193],1.0.9300
PUP.Optional.Palikan, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, En cuarentena, [335], [327193],1.0.9300
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, En cuarentena, [335], [327193],1.0.9300
PUP.Optional.Reimage, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, En cuarentena, [335], [327205],1.0.9300

Valor del registro: 8
PUP.Optional.Pakilan, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ljibkigjccbegnbeojkoafejpoiachej, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Reimage, HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, En cuarentena, [335], [327204],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}|URL, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}|TOPRESULTURLFALLBACK, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}|FAVICONPATH, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}|, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D944B357-75E2-4419-BE1E-290B22C87BAE}|DISPLAYNAME, En cuarentena, [330], [241491],1.0.9300
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EF85E21E-936C-4F46-A205-4E02350473B5}|PATH, En cuarentena, [330], [341898],1.0.9300

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 4
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\_metadata, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\USERS\DHAYAN FRANCO ROJAS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\USERS\DHAYAN FRANCO ROJAS\APPDATA\LOCAL\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}, En cuarentena, [758], [484244],1.0.9300

Archivo: 20
PUP.Optional.Palikan, C:\WINDOWS\SYSTEM32\TASKS\Palikan masi, En cuarentena, [330], [341905],1.0.9300
PUP.Optional.Palikan, C:\USERS\DHAYAN FRANCO ROJAS\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, En cuarentena, [330], [255721],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\_metadata\verified_contents.json, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\48X48.png, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\content_script.js, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\icon.ico, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\manifest.json, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\newtab.html, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\newtab.js, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\statistics.js, En cuarentena, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\USERS\DHAYAN FRANCO ROJAS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [2452], [408158],1.0.9300
PUP.Optional.Pakilan, C:\USERS\DHAYAN FRANCO ROJAS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [2452], [408158],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\USERS\DHAYAN FRANCO ROJAS\APPDATA\LOCAL\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}\loci, En cuarentena, [758], [484244],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\Users\Dhayan Franco Rojas\AppData\Local\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}\config.dat, En cuarentena, [758], [484244],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\Users\Dhayan Franco Rojas\AppData\Local\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}\info.dat, En cuarentena, [758], [484244],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\Users\Dhayan Franco Rojas\AppData\Local\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}\install.log, En cuarentena, [758], [484244],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\Users\Dhayan Franco Rojas\AppData\Local\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}\Sqlite3.dll, En cuarentena, [758], [484244],1.0.9300
PUP.Optional.WinYahoo.TskLnk, C:\Users\Dhayan Franco Rojas\AppData\Local\{D69CE0C0-F234-8C78-9FAC-A990BBC45508}\uninst.dat, En cuarentena, [758], [484244],1.0.9300
PUP.Optional.Reimage, C:\WINDOWS\REIMAGE.INI, En cuarentena, [335], [412667],1.0.9300
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IOBIT\IOBIT UNINSTALLER\DOWNLOADER\UN7\ADVANCED SYSTEMCARE_IU.EXE, En cuarentena, [3811], [396386],1.0.9300

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

El informe de AdwCleaner | InfoSpyware:


# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-02-15.6 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-16-2019
# Duration: 00:00:19
# OS:       Windows 10 Home Single Language
# Cleaned:  25
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted       C:\Users\Dhayan Franco Rojas\AppData\Local\YSearchUtil
Deleted       C:\Users\Dhayan Franco Rojas\AppData\Roaming\SecurityXploded
Deleted       C:\Users\Dhayan Franco Rojas\AppData\Roaming\Enigma Software Group

***** [ Files ] *****

Sin embargo aun no puedo borrar ese pdf mal descargado.

Hola

El reporte de AdwCleaner está incompleto, pon lo de nuevo.

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Estoy resubiendo todos los tests

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 24/2/19
Hora del análisis: 21:30
Archivo de registro: 622347c4-38a5-11e9-a9d9-68f728b6ad60.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9422
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.316)
CPU: x64
Sistema de archivos: NTFS
Usuario: Lenovo-PC\Dhayan Franco Rojas

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 389006
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 17 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-24-2019
# Duration: 00:00:23
# OS:       Windows 10 Home Single Language
# Cleaned:  0
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Not Deleted   Palikan New Tab

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3701 octets] - [16/02/2019 22:20:28]
AdwCleaner[S01].txt - [3762 octets] - [16/02/2019 22:24:05]
AdwCleaner[C01].txt - [3468 octets] - [16/02/2019 22:24:38]
AdwCleaner[S02].txt - [1460 octets] - [16/02/2019 22:32:06]
AdwCleaner[C02].txt - [1626 octets] - [16/02/2019 22:32:23]
AdwCleaner[S03].txt - [1582 octets] - [16/02/2019 22:36:42]
AdwCleaner[S04].txt - [1643 octets] - [21/02/2019 13:28:50]
AdwCleaner[C04].txt - [1809 octets] - [21/02/2019 13:30:59]
AdwCleaner[S05].txt - [1765 octets] - [24/02/2019 21:58:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.02.2019 02
Ran by Dhayan Franco Rojas (administrator) on LENOVO-PC (24-02-2019 22:59:38)
Running from C:\Users\Dhayan Franco Rojas\Desktop
Loaded Profiles: Dhayan Franco Rojas (Available Profiles: Dhayan Franco Rojas)
Platform: Windows 10 Home Single Language Version 1809 17763.316 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(New Horizon DataSys Inc. -> Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo -> ) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(SurfEasy Inc -> ) C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(LENOVO -> ) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(LENOVO -> ) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LENOVO -> ) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Dhayan Franco Rojas\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\\...\Run: [SignnetServices] => "C:\Program Files\SIGNNET_SERVICES\Java\bin\javaw.exe" -jar  "C:\Program Files\SIGNNET_SERVICES\SignnetServicio.jar"
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601936 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
Startup: C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2018-11-30]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{93e43528-ebfe-4c71-a63e-1d8ae48e2b57}: [NameServer] 8.8.8.8,8.8.4.4,
Tcpip\..\Interfaces\{adabc75b-f5ef-4c73-8460-0840217daa90}: [NameServer] 8.8.8.8,8.8.4.4,
Tcpip\..\Interfaces\{adabc75b-f5ef-4c73-8460-0840217daa90}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{d8e02358-e96b-494e-8a0a-ee1ef0558d3d}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {D944B357-75E2-4419-BE1E-290B22C87BAE} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {09C552BC-44AC-4937-B9C2-1314AE97C9DA} URL = hxxps://pe.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = 
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_202\bin\ssv.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-21] (McAfee, Inc. -> McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_202\bin\jp2ssv.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-21] (McAfee, Inc. -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> is enabled.

FireFox:
========
FF DefaultProfile: 21up1geu.default
FF DefaultProfile: cwawoun2.default-1496618921057-1550538939614
FF ProfilePath: C:\Users\Dhayan Franco Rojas\AppData\Roaming\Zotero\Zotero\Profiles\21up1geu.default [2018-07-01]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero\extensions\[email protected] [2018-06-21] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero\extensions\[email protected] [2018-06-21] [Legacy] [not signed]
FF ProfilePath: C:\Users\Dhayan Franco Rojas\AppData\Roaming\Mozilla\Firefox\Profiles\cwawoun2.default-1496618921057-1550538939614 [2019-02-24]
FF Session Restore: Mozilla\Firefox\Profiles\cwawoun2.default-1496618921057-1550538939614 -> is enabled.
FF Extension: (Simple Translate) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Mozilla\Firefox\Profiles\cwawoun2.default-1496618921057-1550538939614\Extensions\[email protected] [2019-02-23]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Mozilla\Firefox\Profiles\cwawoun2.default-1496618921057-1550538939614\Extensions\[email protected] [2019-02-18]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-02-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.202.2 -> C:\Program Files\Java\jre1.8.0_202\bin\dtplugin\npDeployJava1.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.202.2 -> C:\Program Files\Java\jre1.8.0_202\bin\plugin2\npjp2.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-730528100-2434808331-2332212028-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Dhayan Franco Rojas\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default [2019-02-16]
CHR Extension: (Presentaciones) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-16]
CHR Extension: (Documentos) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-16]
CHR Extension: (Google Drive) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-16]
CHR Extension: (YouTube) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-16]
CHR Extension: (Hojas de cálculo) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-07-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-16]
CHR Extension: (Gmail) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-16]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Session Restore: -> is enabled.
OPR Extension: (Traductor de Google) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-01-31]
OPR Extension: (Evernote Web Clipper) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\afgbccjghcnbcdjgogpckamibfkceahd [2019-02-13]
OPR Extension: (Mendeley Importer) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2018-07-31]
OPR Extension: (Avira Navegación segura) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2019-01-24]
OPR Extension: (Zotero Connector) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2019-01-18]
OPR Extension: (Download Ninja) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\fdknghpepmbcddjgcadpjijlchgojipm [2019-01-24]
OPR Extension: (Pocket (formerly Read It Later)) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\hedlhkdmdlcjhiblbmfggdiaeekblnoi [2018-06-16]
OPR Extension: (LastPass: Free Password Manager) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2019-02-18]
OPR Extension: (Instalar Extensiones de Chrome) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-08-21]
OPR Extension: (Boomerang for Gmail) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\mbgokcbnfmmadbglaopglmoagkhgappp [2018-04-22]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-01-24]
OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Dhayan Franco Rojas\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-01-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (LENOVO -> Lenovo Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [654776 2015-06-01] (LENOVO -> )
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
S3 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [2112394 2017-10-01] (Faronics Corporation) [File not signed]
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [193640 2015-10-22] (New Horizon DataSys Inc. -> Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1122744 2015-06-01] (LENOVO -> )
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-12-01] (Intel(R) pGFX -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (LENOVO -> Lenovo)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2730280 2016-01-07] (LENOVO -> Lenovo(beijing) Limited)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO -> LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (LENOVO -> Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-04-30] (Lenovo -> )
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-21] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc. -> McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc. -> McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc. -> McAfee, Inc.)
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [369960 2016-01-07] (LENOVO -> Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-04-30] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-04-30] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-14] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [2781576 2018-10-03] (SurfEasy Inc -> )
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-24] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [79120 2016-03-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [221800 2017-03-16] (Faronics Corporation -> Faronics Corporation)
R0 DfDiskLo; C:\Windows\System32\Drivers\DfDiskLo.sys [39144 2017-03-16] (Faronics Corporation -> Faronics Corporation)
R1 DFFilter; C:\Windows\System32\Drivers\DFFilter.sys [43240 2017-03-16] (Faronics Corporation -> Faronics Corporation)
R0 FarDisk; C:\Windows\System32\Drivers\FarDisk.sys [31464 2017-03-16] (Faronics Corporation -> Faronics Corporation)
R0 FarSpace; C:\Windows\System32\Drivers\FarSpace.sys [118120 2017-03-16] (Faronics Corporation -> Faronics Corporation)
R0 Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [72808 2015-10-22] (New Horizon DataSys Inc. -> Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc. -> McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 KMDFVirtualKbd; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] (Lenovo (Beijing) Limited -> )
R3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] (Lenovo (Beijing) Limited -> )
S3 massfilter_hs; C:\WINDOWS\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-02-16] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52512 2018-10-03] (Symantec Corporation -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-24] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Dhayan Franco Rojas\Desktop\américa latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en américa latina y el caribe, 2015.pdf.opdownload"
2019-02-24 22:59 - 2019-02-24 23:01 - 000033912 _____ C:\Users\Dhayan Franco Rojas\Desktop\FRST.txt
2019-02-24 22:55 - 2019-02-24 22:55 - 002433536 _____ (Farbar) C:\Users\Dhayan Franco Rojas\Desktop\FRST64.exe
2019-02-24 22:11 - 2019-02-24 22:59 - 000000000 ____D C:\FRST
2019-02-24 22:03 - 2019-02-24 22:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-24 22:01 - 2019-02-24 22:01 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-24 04:31 - 2019-02-24 04:31 - 009969203 _____ C:\Users\Dhayan Franco Rojas\Downloads\tq1096.pdf
2019-02-23 19:19 - 2019-02-23 19:19 - 000000000 _____ C:\Users\Dhayan Franco Rojas\Downloads\EN-Pierre-de-Coubertin.pdf
2019-02-22 13:15 - 2019-02-22 13:15 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-22 12:17 - 2019-02-22 12:17 - 000163872 _____ C:\Users\Dhayan Franco Rojas\Downloads\935835685_2452011105144.pdf
2019-02-22 09:07 - 2019-02-22 09:07 - 000003966 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438036071
2019-02-22 09:07 - 2019-02-22 09:07 - 000001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-02-22 08:53 - 2019-02-22 08:53 - 000000182 _____ C:\Users\Dhayan Franco Rojas\Desktop\GOALS.txt
2019-02-21 20:35 - 2019-02-21 20:35 - 000042127 _____ C:\Users\Dhayan Franco Rojas\Downloads\pacr42.pdf
2019-02-21 20:29 - 2019-02-21 20:29 - 000275539 _____ C:\Users\Dhayan Franco Rojas\Downloads\13483-53693-1-PB.pdf
2019-02-21 20:28 - 2019-02-21 20:28 - 000761928 _____ C:\Users\Dhayan Franco Rojas\Downloads\Historia de la administración.pdf
2019-02-20 22:46 - 2019-02-20 23:00 - 000000050 _____ C:\Users\Dhayan Franco Rojas\Desktop\practicing with fabi.txt
2019-02-20 20:29 - 2014-12-09 20:11 - 000423128 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2019-02-20 20:28 - 2014-10-20 14:54 - 000207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2019-02-20 20:27 - 2019-02-20 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2019-02-20 20:27 - 2019-02-20 20:27 - 000000000 ____D C:\Program Files\Dolby Digital Plus
2019-02-20 20:27 - 2014-04-25 10:22 - 000002440 _____ C:\WINDOWS\system32\Drivers\SamSfPa.dat
2019-02-20 20:26 - 2019-02-20 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2019-02-20 20:19 - 2019-02-20 20:19 - 000000282 __RSH C:\ProgramData\ntuser.pol
2019-02-20 18:56 - 2019-02-01 17:31 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-20 18:56 - 2019-02-01 17:31 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-20 18:27 - 2019-02-20 18:27 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-02-20 18:16 - 2019-02-20 18:16 - 000000020 ___SH C:\Users\Dhayan Franco Rojas\ntuser.ini
2019-02-20 18:13 - 2019-02-24 22:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-20 18:13 - 2019-02-24 17:47 - 000004234 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5837363F-9A21-4880-9AFF-BC1901190A36}
2019-02-20 18:13 - 2019-02-20 18:14 - 000003788 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-20 18:13 - 2019-02-20 18:14 - 000003780 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-20 18:13 - 2019-02-20 18:14 - 000003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-20 18:13 - 2019-02-20 18:14 - 000003454 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-02-20 18:13 - 2019-02-20 18:14 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-730528100-2434808331-2332212028-1001
2019-02-20 18:13 - 2019-02-20 18:14 - 000002742 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-Lenovo-PC-Dhayan Franco Rojas
2019-02-20 18:13 - 2019-02-20 18:14 - 000002726 _____ C:\WINDOWS\System32\Tasks\Maxthon5 Update
2019-02-20 18:13 - 2019-02-20 18:14 - 000002286 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas
2019-02-20 18:13 - 2019-02-20 18:14 - 000002280 _____ C:\WINDOWS\System32\Tasks\{A9721BFA-2F9C-45F8-86A4-A38D58448208}
2019-02-20 18:13 - 2019-02-20 18:14 - 000002088 _____ C:\WINDOWS\System32\Tasks\{C3298083-BE4E-407E-AFEC-E92C8D44901D}
2019-02-20 18:13 - 2019-02-20 18:13 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-20 18:13 - 2019-02-20 18:13 - 000003260 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-20 18:13 - 2019-02-20 18:13 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-02-20 18:13 - 2019-02-20 18:13 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-730528100-2434808331-2332212028-1001
2019-02-20 18:13 - 2019-02-20 18:13 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2019-02-20 18:13 - 2019-02-20 18:13 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-730528100-2434808331-2332212028-500
2019-02-20 18:13 - 2019-02-20 18:13 - 000002246 _____ C:\WINDOWS\System32\Tasks\{43A02C38-DC24-440C-BF32-5875A8430AAC}
2019-02-20 18:13 - 2019-02-20 18:13 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-20 18:13 - 2019-02-20 18:13 - 000002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2019-02-20 18:13 - 2019-02-20 18:13 - 000001970 _____ C:\WINDOWS\System32\Tasks\{A636331C-9D41-4858-8B08-DA5CDD95F9F4}
2019-02-20 18:13 - 2019-02-20 18:13 - 000001970 _____ C:\WINDOWS\System32\Tasks\{3802A363-28ED-42D9-BB42-CAD22A337022}
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\TVT
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-730528100-2434808331-2332212028-1001
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Ivanti
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-20 18:13 - 2014-12-09 21:09 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2943985629-2717472603-367765836-500
2019-02-20 18:09 - 2019-02-20 18:12 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-02-20 18:09 - 2019-02-20 18:12 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-02-20 17:56 - 2019-02-21 08:18 - 001775178 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-20 17:46 - 2019-02-20 17:46 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-02-20 17:41 - 2019-02-20 18:16 - 000000000 ____D C:\Users\Dhayan Franco Rojas
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Reciente
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Plantillas
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Mis documentos
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Menú Inicio
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Impresoras
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Entorno de red
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Documents\Mis vídeos
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Documents\Mis imágenes
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Documents\Mi música
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Datos de programa
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\Configuración local
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\AppData\Local\Historial
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\AppData\Local\Datos de programa
2019-02-20 17:41 - 2019-02-20 17:41 - 000000000 _SHDL C:\Users\Dhayan Franco Rojas\AppData\Local\Archivos temporales de Internet
2019-02-20 17:41 - 2018-09-15 02:29 - 000001105 _____ C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-20 17:39 - 2019-02-20 17:39 - 000000000 ____D C:\ProgramData\USOShared
2019-02-20 17:38 - 2019-02-20 17:38 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-02-20 17:38 - 2018-09-15 02:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-02-20 17:38 - 2017-12-01 00:13 - 000103880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-02-20 17:38 - 2017-12-01 00:13 - 000099784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-02-20 17:34 - 2019-02-24 20:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-20 17:34 - 2019-02-20 17:50 - 000538248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-20 16:19 - 2019-02-20 16:19 - 000364952 _____ C:\Users\Dhayan Franco Rojas\Downloads\REGLAMENTO DE USO DEL AULA VIRTUAL.pdf
2019-02-20 15:50 - 2019-02-20 11:32 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-02-20 15:41 - 2019-02-20 15:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-02-20 15:08 - 2019-02-20 15:08 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 005440008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-02-20 15:08 - 2019-02-20 15:08 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-02-20 15:08 - 2019-02-20 15:08 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-02-20 15:08 - 2019-02-20 15:08 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 002278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-02-20 15:08 - 2019-02-20 15:08 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 001259024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-20 15:08 - 2019-02-20 15:08 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000421904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-02-20 15:08 - 2019-02-20 15:08 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 008875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 001309184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-02-20 15:07 - 2019-02-20 15:07 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-02-20 15:07 - 2019-02-20 15:07 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2019-02-20 15:07 - 2019-02-20 15:07 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-20 15:07 - 2019-02-20 15:07 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-02-20 15:07 - 2019-02-20 15:07 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 005584864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 004885504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 004688896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-02-20 15:06 - 2019-02-20 15:06 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-20 15:06 - 2019-02-20 15:06 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2019-02-20 15:06 - 2019-02-20 15:06 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-20 15:06 - 2019-02-20 15:06 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-20 15:06 - 2019-02-20 15:06 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-20 15:06 - 2019-02-20 15:06 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-02-20 15:06 - 2019-02-20 15:06 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-02-20 15:05 - 2019-02-20 15:05 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000652320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-20 15:05 - 2019-02-20 15:05 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-02-20 15:05 - 2019-02-20 15:05 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-02-20 15:04 - 2019-02-20 15:04 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 002927120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 002776920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 002702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 002689024 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 002626592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-02-20 15:04 - 2019-02-20 15:04 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000475152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-20 15:04 - 2019-02-20 15:04 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-02-20 15:04 - 2019-02-20 15:04 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000277536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000262672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-02-20 15:04 - 2019-02-20 15:04 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-20 15:04 - 2019-02-20 15:04 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-20 15:04 - 2019-02-20 15:04 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-20 15:04 - 2019-02-20 15:04 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 002072728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 001969680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-20 15:03 - 2019-02-20 15:03 - 001696936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-20 15:03 - 2019-02-20 15:03 - 001467384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-20 15:03 - 2019-02-20 15:03 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 001341584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-20 15:03 - 2019-02-20 15:03 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 001178344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-20 15:03 - 2019-02-20 15:03 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-20 15:03 - 2019-02-20 15:03 - 000982032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-20 15:03 - 2019-02-20 15:03 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000726208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-02-20 15:03 - 2019-02-20 15:03 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-02-20 15:03 - 2019-02-20 15:03 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 022111856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 005565952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 004702704 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-20 15:02 - 2019-02-20 15:02 - 004298752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-02-20 15:02 - 2019-02-20 15:02 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-02-20 15:02 - 2019-02-20 15:02 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-20 15:02 - 2019-02-20 15:02 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-02-20 15:02 - 2019-02-20 15:02 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-02-20 15:02 - 2019-02-20 15:02 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 009683984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-20 15:01 - 2019-02-20 15:01 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-20 15:01 - 2019-02-20 15:01 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 003386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 002187264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-20 15:00 - 2019-02-20 15:00 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-20 15:00 - 2019-02-20 15:00 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-02-20 15:00 - 2019-02-20 15:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-02-20 14:59 - 2019-02-20 14:59 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2019-02-20 14:59 - 2019-02-20 14:59 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2019-02-20 14:58 - 2019-02-20 14:59 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 002992640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 001331744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 001209360 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000651304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 000604552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000203280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-02-20 14:58 - 2019-02-20 14:58 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-20 14:58 - 2019-02-20 14:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-20 14:58 - 2019-02-20 14:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-20 14:57 - 2019-02-20 14:57 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000850968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000822448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000806560 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-20 14:57 - 2019-02-20 14:57 - 000806560 _____ C:\WINDOWS\system32\locale.nls
2019-02-20 14:57 - 2019-02-20 14:57 - 000799568 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\dnsapi.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-02-20 14:57 - 2019-02-20 14:57 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-20 14:57 - 2019-02-20 14:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-02-20 14:57 - 2019-02-20 14:57 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-20 14:57 - 2019-02-20 14:57 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 004991096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-20 14:56 - 2019-02-20 14:56 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-20 14:56 - 2019-02-20 14:56 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-02-20 14:56 - 2019-02-20 14:56 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-20 14:56 - 2019-02-20 14:56 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000353488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-02-20 14:56 - 2019-02-20 14:56 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-02-20 14:56 - 2019-02-20 14:56 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-02-20 14:56 - 2019-02-20 14:56 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-02-20 14:56 - 2019-02-20 14:56 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-20 14:56 - 2019-02-20 14:56 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-20 14:55 - 2019-02-20 14:55 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000132104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-20 14:55 - 2019-02-20 14:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-20 14:06 - 2019-02-20 14:06 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-02-20 14:06 - 2019-02-20 14:06 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-02-20 14:06 - 2019-02-20 14:06 - 000000000 ____D C:\Program Files\MSBuild
2019-02-20 14:06 - 2019-02-20 14:06 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-02-20 14:06 - 2019-02-20 14:06 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-02-20 14:02 - 2019-02-20 14:02 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-02-20 14:02 - 2019-02-20 14:02 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-02-20 14:02 - 2019-02-20 14:02 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-02-20 14:02 - 2019-02-20 14:02 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-02-20 14:02 - 2019-02-20 14:02 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-02-20 14:02 - 2019-02-20 14:02 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-02-20 13:44 - 2019-02-20 13:44 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-02-20 13:44 - 2019-02-20 13:44 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-02-20 13:44 - 2019-02-20 13:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-02-20 13:44 - 2019-02-20 13:44 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-02-20 13:44 - 2019-02-20 13:44 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-02-20 13:44 - 2019-02-20 13:44 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-02-20 13:18 - 2019-02-20 13:18 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-02-20 11:32 - 2019-02-20 18:15 - 000000000 ____D C:\Windows.old
2019-02-20 00:33 - 2019-02-20 18:21 - 000000000 ___DC C:\WINDOWS\Panther
2019-02-18 19:10 - 2019-02-18 19:10 - 000001024 _____ C:\Users\Dhayan Franco Rojas\Desktop\masmas.txt
2019-02-17 14:19 - 2019-02-17 14:19 - 000330334 _____ C:\Users\Dhayan Franco Rojas\Downloads\MANUAL DE EXAMENES - LAMOLINA VIRTUAL.pdf
2019-02-17 14:17 - 2019-02-17 14:17 - 000743092 _____ C:\Users\Dhayan Franco Rojas\Downloads\MANUAL DE USUARIO - LAMOLINA VIRTUAL.pdf
2019-02-16 22:18 - 2019-02-16 22:24 - 000000000 ____D C:\AdwCleaner
2019-02-16 21:17 - 2019-02-16 21:18 - 007316688 _____ (Malwarebytes) C:\Users\Dhayan Franco Rojas\Desktop\adwcleaner_7.2.7.0.exe
2019-02-16 20:32 - 2019-02-16 20:32 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\mbam
2019-02-16 20:30 - 2019-02-16 20:30 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-02-16 20:30 - 2019-02-16 20:30 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\mbamtray
2019-02-16 20:29 - 2019-02-20 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-16 20:29 - 2019-02-16 20:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-16 20:29 - 2019-02-16 20:29 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-16 20:29 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-16 20:29 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-15 19:32 - 2019-02-20 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIGNNET_SERVICES
2019-02-15 19:32 - 2019-02-15 19:32 - 000000000 ____D C:\Program Files\SIGNNET_SERVICES
2019-02-15 19:27 - 2019-02-11 13:03 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-02-11 18:29 - 2019-02-11 18:29 - 001347075 _____ C:\Users\Dhayan Franco Rojas\Documents\bookmarks_11_2_19.html
2019-02-11 18:23 - 2019-02-11 18:23 - 000648461 _____ C:\Users\Dhayan Franco Rojas\Downloads\tubinv_01protocoloinvestigacion.pdf
2019-02-11 15:26 - 2019-02-11 15:26 - 013130185 _____ C:\Users\Dhayan Franco Rojas\Downloads\DOMINIO DE LOS PARADIGMASLA CURVA DE LOS PARADIGMAS.mp4
2019-02-11 15:11 - 2019-02-11 15:12 - 001830003 _____ C:\Users\Dhayan Franco Rojas\Downloads\NUEVO NEGOCIO DE LOS PARADIGMASEL - EDICION CLASICA 26 EDICION SIGLO 21 - 18.mp4
2019-02-11 15:07 - 2019-02-11 15:07 - 006053558 _____ C:\Users\Dhayan Franco Rojas\Downloads\DOMINIO DE LOS PARADIGMASEL EFECTO DE LOS PARADIGMAS (1).mp4
2019-02-11 15:04 - 2019-02-11 15:05 - 006053558 _____ C:\Users\Dhayan Franco Rojas\Downloads\DOMINIO DE LOS PARADIGMASEL EFECTO DE LOS PARADIGMAS.mp4
2019-02-11 13:05 - 2019-02-11 13:05 - 000000000 ____D C:\Users\Default\AppData\Roaming\Sun
2019-02-11 13:05 - 2019-02-11 13:05 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2019-02-11 12:58 - 2019-02-20 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2019-02-11 12:56 - 2019-02-11 12:56 - 000000000 ____D C:\Program Files\R
2019-02-11 12:51 - 2019-02-11 12:51 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\AviraSpeedup
2019-02-11 12:51 - 2019-02-11 12:51 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\Avira
2019-02-11 12:35 - 2019-02-11 12:35 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2019-02-10 21:30 - 2019-02-10 21:30 - 000089985 _____ C:\WINDOWS\dxdiag.txt
2019-02-10 19:56 - 2019-02-10 19:56 - 000000324 _____ C:\Users\Dhayan Franco Rojas\AppData\Local\config.ini
2019-02-10 19:37 - 2019-02-20 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB2.0 Card Reader Software
2019-02-10 19:36 - 2009-11-06 04:25 - 000050176 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\Drivers\RtsUCcid.sys
2019-02-10 19:36 - 2009-11-06 04:25 - 000019968 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\Drivers\RtsUIr.sys
2019-02-10 19:25 - 2019-02-15 19:25 - 000000000 ____D C:\Program Files\Java
2019-02-08 19:38 - 2019-02-10 19:57 - 000000226 _____ C:\Users\Dhayan Franco Rojas\Desktop\por hacer.txt
2019-02-05 10:23 - 2019-02-05 10:23 - 011888037 _____ C:\Users\Dhayan Franco Rojas\Downloads\TheNoviceScientist-3ed.pdf
2019-02-04 09:50 - 2019-02-04 09:50 - 000905140 _____ C:\Users\Dhayan Franco Rojas\Downloads\gestion peruanos migran a compra de formatos grandes en cuidado personal y del hogar 2019-02_#12.pdf
2019-02-03 20:43 - 2019-02-03 20:44 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\com.surfeasy.se0214
2019-02-03 20:41 - 2019-02-20 17:44 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SurfEasy VPN
2019-02-03 20:40 - 2019-02-03 20:41 - 000000000 ____D C:\Program Files (x86)\SurfEasy VPN
2019-02-03 20:33 - 2019-02-03 20:33 - 000000000 ____D C:\ProgramData\Coronet_SecureConnect
2019-02-02 19:49 - 2019-02-02 19:50 - 040940938 _____ C:\Users\Dhayan Franco Rojas\Downloads\Introduccion a la investigacion de operaciones, Frederick Hiller, Gerald Lieberman, 9na edicion.pdf
2019-02-02 19:49 - 2019-02-02 19:49 - 002258796 _____ C:\Users\Dhayan Franco Rojas\Downloads\Manual Logistica y Distribucion.pdf
2019-01-26 09:50 - 2019-01-07 18:38 - 000425128 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2019-01-26 09:50 - 2019-01-07 18:38 - 000205992 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-01-26 09:50 - 2019-01-07 18:38 - 000130216 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-01-26 09:50 - 2019-01-07 18:38 - 000104616 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2019-01-26 09:50 - 2019-01-07 18:38 - 000097448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-01-26 09:50 - 2019-01-07 18:38 - 000053416 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2019-01-26 09:50 - 2019-01-07 18:38 - 000043688 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2019-01-25 17:32 - 2019-02-20 17:44 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-24 22:57 - 2017-01-30 18:25 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\LocalLow\Mozilla
2019-02-24 22:15 - 2018-07-15 00:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-24 22:12 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-24 22:03 - 2015-07-21 01:20 - 000000000 __SHD C:\Users\Dhayan Franco Rojas\IntelGraphicsProfiles
2019-02-24 22:00 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-24 14:07 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-23 12:49 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-23 12:48 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-22 11:43 - 2017-12-06 01:05 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\Packages
2019-02-22 10:13 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-02-22 09:07 - 2015-07-27 17:26 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-21 08:18 - 2018-09-15 11:36 - 000789634 _____ C:\WINDOWS\system32\perfh00A.dat
2019-02-21 08:18 - 2018-09-15 11:36 - 000155888 _____ C:\WINDOWS\system32\perfc00A.dat
2019-02-20 20:28 - 2017-05-31 09:08 - 000000000 ____D C:\Program Files\CONEXANT
2019-02-20 19:08 - 2017-05-31 09:09 - 001701376 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2019-02-20 19:01 - 2018-07-15 11:47 - 000000000 ____D C:\ProgramData\Packages
2019-02-20 18:58 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-20 18:18 - 2016-05-09 04:14 - 000000000 ___RD C:\Users\Dhayan Franco Rojas\3D Objects
2019-02-20 18:18 - 2016-02-13 08:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-20 18:16 - 2016-09-13 07:36 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\ConnectedDevicesPlatform
2019-02-20 18:14 - 2018-09-15 01:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-02-20 18:13 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-20 18:13 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\windows nt
2019-02-20 18:08 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Registration
2019-02-20 18:02 - 2018-09-15 02:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-02-20 18:01 - 2018-09-15 02:33 - 000000000 __RSD C:\WINDOWS\media
2019-02-20 18:01 - 2016-05-09 01:15 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-02-20 17:48 - 2017-07-22 21:40 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MECANOGRAFIA10
2019-02-20 17:48 - 2016-02-25 11:49 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Thomson Heinle
2019-02-20 17:48 - 2015-07-25 22:08 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-02-20 17:44 - 2018-08-05 20:57 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-02-20 17:44 - 2018-01-20 23:58 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2019-02-20 17:44 - 2017-03-23 21:50 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2019-02-20 17:44 - 2016-02-20 00:09 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cambridge
2019-02-20 17:40 - 2016-01-26 12:45 - 000000000 ____D C:\Intel
2019-02-20 17:39 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-02-20 17:38 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-02-20 17:20 - 2018-09-15 02:36 - 000000000 ____D C:\WINDOWS\Setup
2019-02-20 16:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-02-20 16:18 - 2018-09-15 02:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-02-20 15:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-02-20 15:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-02-20 15:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-02-20 15:54 - 2018-10-09 22:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2019-02-20 15:54 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-20 15:54 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-02-20 15:54 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-02-20 15:54 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-02-20 15:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Resources
2019-02-20 15:51 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Help
2019-02-20 15:50 - 2017-05-31 09:08 - 000000000 ____D C:\Program Files\Synaptics
2019-02-20 15:50 - 2017-02-03 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2019-02-20 15:50 - 2016-07-02 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDC
2019-02-20 15:50 - 2016-02-20 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cambridge
2019-02-20 15:50 - 2016-02-14 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OUP
2019-02-20 15:20 - 2018-09-15 02:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-02-20 15:20 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-20 15:20 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-20 15:20 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-20 15:20 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-20 15:20 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-20 15:20 - 2018-09-15 01:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-20 15:19 - 2018-09-15 11:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-20 15:19 - 2018-09-15 11:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-20 15:19 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-20 15:19 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-20 15:19 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-20 14:08 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-02-20 14:06 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-02-20 14:06 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-02-20 13:44 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-02-20 13:43 - 2018-09-15 11:37 - 000000000 ____D C:\WINDOWS\OCR
2019-02-20 11:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-20 11:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-02-20 11:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-02-20 11:33 - 2018-09-15 02:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-02-20 11:33 - 2018-06-11 20:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Packages
2019-02-20 11:33 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-02-20 11:33 - 2017-05-31 09:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-02-20 11:33 - 2016-05-01 13:44 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2019-02-20 11:33 - 2015-04-30 03:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2019-02-20 11:32 - 2018-09-25 06:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mendeley Desktop
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\InputMethod
2019-02-20 11:32 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-20 11:32 - 2018-09-07 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2019-02-20 11:32 - 2018-08-07 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Migration Assistant
2019-02-20 11:32 - 2018-08-01 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newfolder1
2019-02-20 11:32 - 2018-02-21 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-02-20 11:32 - 2018-01-18 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2019-02-20 11:32 - 2017-12-12 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MX5
2019-02-20 11:32 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\catroot2.bak
2019-02-20 11:32 - 2017-07-10 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IllustratorCs6
2019-02-20 11:32 - 2017-07-09 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TypingMaster
2019-02-20 11:32 - 2017-06-24 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2019-02-20 11:32 - 2017-06-24 23:08 - 000000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2019-02-20 11:32 - 2017-06-03 17:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-02-20 11:32 - 2017-05-31 09:07 - 000000000 ____D C:\Program Files\Intel
2019-02-20 11:32 - 2017-05-24 13:49 - 000000000 ____D C:\Program Files\UNP
2019-02-20 11:32 - 2017-03-03 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6
2019-02-20 11:32 - 2017-02-03 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon E400 series Manual
2019-02-20 11:32 - 2016-11-24 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Encarta
2019-02-20 11:32 - 2016-10-13 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-20 11:32 - 2016-09-13 04:08 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-02-20 11:32 - 2016-06-24 06:59 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-02-20 11:32 - 2016-05-01 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-02-20 11:32 - 2016-03-09 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2019-02-20 11:32 - 2016-01-26 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-02-20 11:32 - 2015-08-14 13:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-20 11:32 - 2015-07-25 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-02-20 11:32 - 2015-07-20 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-02-20 11:32 - 2015-04-30 04:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2019-02-20 11:32 - 2015-04-30 04:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2019-02-20 11:32 - 2015-04-30 04:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-02-20 11:32 - 2015-04-30 03:59 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2019-02-20 11:32 - 2015-04-30 03:54 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2019-02-20 11:32 - 2015-04-30 03:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-02-20 11:32 - 2013-08-22 10:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-02-20 11:32 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2019-02-20 11:32 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2019-02-20 00:03 - 2018-01-24 08:47 - 000000000 ____D C:\Users\Dhayan Franco Rojas\Documents\archivador personal
2019-02-18 19:13 - 2017-12-06 23:39 - 000000000 ___HD C:\Users\Dhayan Franco Rojas\MicrosoftEdgeBackups
2019-02-16 22:24 - 2017-07-10 14:32 - 000000000 ____D C:\ProgramData\IObit
2019-02-16 22:24 - 2017-07-10 14:32 - 000000000 ____D C:\Program Files (x86)\IObit
2019-02-16 20:02 - 2018-08-11 22:41 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\D3DSCache
2019-02-15 09:29 - 2018-07-05 19:56 - 000000000 ____D C:\Program Files\rempl
2019-02-13 22:45 - 2017-07-07 21:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-13 22:45 - 2015-07-27 17:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-13 14:55 - 2015-07-27 17:37 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-12 14:56 - 2015-08-14 13:06 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-11 22:08 - 2015-04-30 03:31 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-11 13:01 - 2018-12-19 16:44 - 000000000 ___HD C:\Users\Dhayan Franco Rojas\Documen
2019-02-11 12:17 - 2015-04-30 03:59 - 000000000 ____D C:\ProgramData\Lenovo
2019-02-11 10:18 - 2015-07-24 23:26 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\ElevatedDiagnostics
2019-02-10 19:37 - 2015-04-30 03:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-10 19:37 - 2015-04-30 03:40 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-02-10 10:21 - 2015-11-24 19:24 - 000000000 __RDO C:\Users\Dhayan Franco Rojas\OneDrive
2019-02-08 12:55 - 2018-04-05 18:09 - 000000000 ____D C:\Users\Dhayan Franco Rojas\Downloads\falta clasificar
2019-02-03 20:55 - 2015-07-27 17:37 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-31 21:46 - 2018-01-18 00:26 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\RStudio
2019-01-31 21:46 - 2018-01-18 00:25 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Local\RStudio-Desktop
2019-01-31 21:21 - 2018-01-18 00:25 - 001235968 _____ C:\Users\Dhayan Franco Rojas\AppData\Local\WebpageIcons.db
2019-01-30 13:49 - 2016-01-01 22:32 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\vlc
2019-01-25 17:32 - 2018-06-07 12:42 - 000000000 ____D C:\Users\Dhayan Franco Rojas\AppData\Roaming\Zoom

==================== Files in the root of some directories =======

2019-02-10 19:56 - 2019-02-10 19:56 - 000000324 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\config.ini
2016-02-25 18:51 - 2018-03-25 23:25 - 000023040 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-17 22:07 - 2018-01-17 22:07 - 000000036 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\housecall.guid.cache
2018-09-27 23:54 - 2018-09-27 23:54 - 000000000 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\oobelibMkey.log
2017-07-21 16:25 - 2017-07-21 16:25 - 000002237 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\recently-used.xbel
2016-12-08 06:41 - 2016-12-08 06:41 - 000007597 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\Resmon.ResmonCfg
2019-02-10 19:38 - 2019-02-10 19:55 - 000000000 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\simedit.log
2018-01-18 00:25 - 2019-01-31 21:21 - 001235968 _____ () C:\Users\Dhayan Franco Rojas\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.02.2019 02
Ran by Dhayan Franco Rojas (24-02-2019 23:02:34)
Running from C:\Users\Dhayan Franco Rojas\Desktop
Windows 10 Home Single Language Version 1809 17763.316 (X64) (2019-02-20 23:15:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-730528100-2434808331-2332212028-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-730528100-2434808331-2332212028-503 - Limited - Disabled)
Dhayan Franco Rojas (S-1-5-21-730528100-2434808331-2332212028-1001 - Administrator - Enabled) => C:\Users\Dhayan Franco Rojas
Invitado (S-1-5-21-730528100-2434808331-2332212028-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-730528100-2434808331-2332212028-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Photoshop CS6 versión 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Atom (HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\atom) (Version: 1.28.1 - GitHub Inc.)
Barra de búsqueda de Encarta (64 bits) (HKLM\...\{08144040-959A-4B0D-8825-2C533F0DDB19}) (Version: 1.0.0 - Microsoft)
Cambridge Advanced Learner's Dictionary - 3rd Edition (HKLM-x32\...\NSIS_cald3) (Version:  - )
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
Canon E400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_E400_series) (Version: 1.00 - Canon Inc.)
Canon E400 series On-screen Manual (HKLM-x32\...\Canon E400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Conexant Audio Filter Agent (HKLM\...\cAudioFilterAgent) (Version: 1.7.83.0 - Conexant Systems)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
CxAudMsg (HKLM\...\CxAudMsg) (Version:  - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DolbyGUI (HKLM\...\DolbyGUI) (Version:  - Conexant Systems)
Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epi Info 7 (HKLM-x32\...\{B201E443-9BCD-4DAD-9FD7-11860A242199}) (Version: 7.2.0.1 - CDC)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IllustratorCs6 versión 16.0 (HKLM-x32\...\{B558D09D-AF45-4008-B73B-409706BC7FF8}_is1) (Version: 16.0 - Nws)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{667DD389-1751-45C8-B864-1E5F83D6C588}) (Version: 17.1.1433.02 - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 202 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180202F0}) (Version: 8.0.2020.8 - Oracle Corporation)
Lenovo Diagnostics Tool Lite (HKLM\...\{7B3D3612-92C8-483A-9E2C-C2A50EE8343C}) (Version: 4.22.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1324.7_WHQL - Sonix)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Migration Assistant (HKLM\...\Lenovo Migration Assistant_is1) (Version: 1.0.2.6 - Lenovo)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.6 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0074 - Lenovo)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.5.0.0 - EditShare)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manuales de usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.23 - McAfee, Inc.)
Mecanografía 10 v2.6 (HKLM-x32\...\Mecanografía 10) (Version: v2.6 - Zikitrake Soft)
Mendeley Desktop 1.19.2 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.2 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Encarta 2009 Biblioteca Premium (HKLM-x32\...\{09140081-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Office Hogar y Estudiantes 2013 - es-es (HKLM\...\HomeStudentRetail - es-es) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM-x32\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 65.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 65.0.1 (x64 es-ES)) (Version: 65.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.1.6981 - Mozilla)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0C0A-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
OneKey Optimizer (HKLM-x32\...\{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.10 - Lenovo) Hidden
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.10 - Lenovo)
Opera Stable 57.0.3098.102 (HKLM-x32\...\Opera 57.0.3098.102) (Version: 57.0.3098.102 - Opera Software)
Opera Stable 58.0.3135.68 (HKLM-x32\...\Opera 58.0.3135.68) (Version: 58.0.3135.68 - Opera Software)
Oxford Pocket Genie (HKLM-x32\...\dop) (Version:  - )
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Programa de Declaración Telemática (HKLM-x32\...\{A6E23415-7BA4-4CA3-99DA-B7F9D33E1F5B}) (Version:  - )
PSeInt (HKLM-x32\...\PSeInt) (Version:  - )
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
R for Windows 3.5.2 (HKLM\...\R for Windows 3.5.2_is1) (Version: 3.5.2 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.00042 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RStudio (HKLM-x32\...\RStudio) (Version: 1.1.414 - RStudio)
Scratch Desktop 1.2.0 (HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\bad79d23-e888-5a7b-9e99-60ee89b6c8bf) (Version: 1.2.0 - Massachusetts Institute of Technology)
SIGNNET_SERVICES versión 1.0 (HKLM\...\{CE880623-08A9-4B47-8C2F-B971DA24ABDC}_is1) (Version: 1.0 - SOFT & NET)
Software Intel® PROSet/Wireless (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
SurfEasy VPN 3.12.581 (HKLM-x32\...\SurfEasy VPN) (Version: 3.12.581 - SurfEasy Inc)
TypingMaster Pro (HKLM-x32\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1) (Version: 7.10 - TypingMaster Inc)
Update for Skype for Business 2016 (KB4462114) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.VISPRO_{C8F90D92-DE58-4C46-B39E-B21F758EA66E}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\ZoomUMX) (Version: 4.3 - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.47 (x86 en-US)) (Version: 5.0.47 - Corporation for Digital Scholarship)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Dhayan Franco Rojas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Dhayan Franco Rojas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-06-09] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-06-09] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01611563-6730-4EDA-8203-762480EA6604} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {02DBB415-707F-4486-A95B-4D911BC03791} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0321F5C2-3CDD-4919-A25A-501651635781} - System32\Tasks\{A636331C-9D41-4858-8B08-DA5CDD95F9F4} => C:\WINDOWS\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {0389C988-A594-4710-9A15-822A00E9029F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {03F53B68-899B-4A3F-9013-AF915D6AB6C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {0DD60C50-EDD2-41B7-8476-6B0E9BC1551F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0DE8D591-100A-442D-96EB-DB43675AE79C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {110B1B06-2C1F-4F84-8498-DFD7825BD3B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {12AE9A2F-46FF-435B-9C59-7C9E3ECF0175} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {19BE55CB-1224-4F86-9285-A990DFBCD4AE} - System32\Tasks\{3802A363-28ED-42D9-BB42-CAD22A337022} => C:\WINDOWS\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {1CF10479-2195-42ED-9641-90909B804223} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {22A17725-308A-4224-A8C6-3F47D512798F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c393d7e8-a27b-4e32-ae3a-07e3a34b0da5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {230FC6E5-F56B-4E8E-9D6A-D1E7D442D37E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {238FFE9F-0DB3-4BC2-99FF-BF2814D537CF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2502F33F-98AD-4995-8F37-11452797C87A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2919EC29-969D-47BE-89C8-290649EB8F50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {298EE63E-9CEE-41F4-9F83-9E94469E1EAD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {2AFE6628-D974-4E9D-965B-880CB8CD013C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {31CA4B3E-39F4-40C2-9EB4-E3455D05F682} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {32B7D2D3-A434-4D5E-ADE0-756B7441AEE8} - System32\Tasks\{43A02C38-DC24-440C-BF32-5875A8430AAC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE" -c -C
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {46D616F6-0362-413A-B81B-622CF5E6F0DA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel(R) Update Manager -> Intel Corporation)
Task: {472479BD-43F9-4967-85F0-002E47D977D9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {48952BCC-6466-4008-9174-EFDC4C963610} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-730528100-2434808331-2332212028-1001 => C:\Users\Dhayan Franco Rojas\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {48B90791-BE60-4CAE-A8E4-D2EECDECCC7F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {4B1458F8-1FBC-426F-B956-05BED088B34D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {6404C21C-8C7E-4AE9-BC22-FCCB451B2ACD} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe (CyberLink Corp. -> CyberLink Corp.)
Task: {6C3AC43D-AB3D-4E22-BC56-62056E974E5F} - System32\Tasks\{A9721BFA-2F9C-45F8-86A4-A38D58448208} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\QSocial\QSocial_Installer.exe" -c  /uninstall
Task: {730E331F-2A9E-47BA-B994-4D3CE3D6FFF2} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {76FE23CE-5AF2-405D-A2CE-DFBA0F0C7263} - System32\Tasks\S-1-5-21-730528100-2434808331-2332212028-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {780D57F8-4141-4723-A125-6579D41EC0CE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {80C25392-9FF3-4D23-ADFB-5DBD999D24B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {86F3F7A2-6416-41F6-B93A-62D11E508641} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {872DB164-EE24-4F3B-89BB-935BA2C9DCA9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {87F6A213-B08B-4C79-A8C5-DBF2CBAFBFC2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {89D66E60-8099-42B9-89D4-FD459BE9DC5F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8B2415A4-B486-41E3-98E1-90A73883E30D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8EB77847-9D68-4F57-91B6-815BC779F98A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\643af9e7-e386-46a4-a4e3-9278f81b15ab => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {918702BF-691E-4246-808B-CE57C9D43926} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {91DA0E81-9900-4A58-B308-EFDB0CD42418} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {92C239A0-D2D8-4768-BAD2-94C34F332345} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {92CDC801-0081-4B3D-BF8D-7430D7EEC882} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {96649064-3315-452B-B352-FA4F399D4C2B} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe (LENOVO -> )
Task: {9915A635-6483-4A9C-8FD4-8ECBCFEFDE15} - System32\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {993C9A35-112B-4D92-BD79-77EA238E2218} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A36B62EC-8DA5-42CF-8D2C-F4627EC2FC4A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A7B2CDF9-15A1-488F-A9E1-8E282364AC26} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {AD7534CC-4182-47E7-8E28-8495D904565E} - System32\Tasks\Opera scheduled Autoupdate 1438036071 => C:\Program Files (x86)\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {B396E92B-109C-4CD8-8631-F9E59967004C} - \WPD\SqmUpload_S-1-5-21-730528100-2434808331-2332212028-1001 -> No File <==== ATTENTION
Task: {B98031C1-4FDF-4754-BC45-02FA3947DCEB} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
Task: {BD0778C5-8ABB-4564-B1AC-D5F9EB839612} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel(R) Update Manager -> Intel Corporation)
Task: {C71772AB-2918-4842-9660-4DEE654F2DD3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {CF2DF8ED-3375-4756-A620-7EFD61F3E359} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D1146774-FD92-4367-AFE8-FCC170C37B8D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D2AA9A82-4D5F-46C9-B22F-5C89EB166FA4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d8f5af19-5c83-4022-9b89-17672d2b515a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {D4BD002A-7040-462E-BFCF-ED357DC5138D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D51DB83E-2DBC-49FC-9A15-226CB7615D0B} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE (CyberLink Corp. -> CyberLink Corp.)
Task: {E45B635F-C1D7-4508-AFB1-EDFCAC17C443} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E4CCA408-2EE1-49A3-A0D5-5D59E0392137} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EA30451E-53E7-4289-B493-0302FDCDE4F4} - System32\Tasks\{C3298083-BE4E-407E-AFEC-E92C8D44901D} => C:\WINDOWS\system32\pcalua.exe -a E:\Autorun.exe -d E:\ -c HKEY_LOCAL_MACHINE\SOFTWARE\OUP\DOP\Execute Setup.exe
Task: {EDF407D6-0BBA-4DD1-BCD0-16C027923397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F2F903FF-6E04-4528-AE13-FDB33AD1D06C} - System32\Tasks\AdobeGCInvoker-1.0-Lenovo-PC-Dhayan Franco Rojas => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {FE6668FD-8089-40AF-838C-FEA2C6DCE5B4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5174b1c1-c99b-4728-9c55-97c43d348d6f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-16 20:29 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-02-16 20:29 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-16 20:29 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2015-04-30 04:23 - 2015-04-30 04:23 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2015-01-27 12:33 - 2015-01-27 12:33 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-01-27 12:33 - 2015-01-27 12:33 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2018-11-07 19:34 - 2018-08-12 21:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2018-08-05 21:14 - 2016-09-22 01:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
2019-02-20 17:47 - 2019-02-20 17:47 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2018-08-05 21:14 - 2016-09-22 01:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2018-08-05 21:12 - 2016-09-22 01:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1FCE3F44 [121]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2019-02-16 22:17 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts


2017-06-04 15:30 - 2017-09-18 18:44 - 000000520 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files\Oberthur Technologies\AuthentIC Webpack\Dlls;C:\Program Files (x86)\Oberthur Technologies\AuthentIC Webpack\Dlls;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dhayan Franco Rojas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 190.113.220.18 - 190.113.220.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "SignnetServices"
HKLM\...\StartupApproved\Run: => "AuthentIC Manager"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "snp2uvc"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Qsocial"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\StartupFolder: => "Sidebar601.lnk"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "FastBC"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "FastVD"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "Qsocial"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "E09EXLRD_1269134937"
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\StartupApproved\Run: => "E09EXLRD_17594968"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5045F0AF-8D05-4DB9-AC11-ABCB967A23A3}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.65\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{51930909-D58A-40EF-A2CD-3A7F6635AA32}C:\program files\signnet_services\java\bin\javaw.exe] => (Allow) C:\program files\signnet_services\java\bin\javaw.exe
FirewallRules: [TCP Query User{6B6D6934-2FFE-40BD-A918-ED55008DD2DA}C:\program files\signnet_services\java\bin\javaw.exe] => (Allow) C:\program files\signnet_services\java\bin\javaw.exe
FirewallRules: [UDP Query User{132BED21-E603-4410-8A6C-BD560ECD3CBB}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (SurfEasy Inc -> )
FirewallRules: [TCP Query User{B6C677B5-7620-419E-B69E-03CA3A3B78B6}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (SurfEasy Inc -> )
FirewallRules: [{1B429CAD-972B-4FD0-B03B-5B37FB1C8798}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7640C600-AF1F-4FE0-9278-3AD3A192921C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{D9B11BB9-1275-4051-A44F-87FC6994E0D6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{C075C533-12BB-4199-8F6C-C6EE54AA5440}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA)
FirewallRules: [{4615A533-CFBC-42E5-A491-416A57C13CC1}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA)
FirewallRules: [{5AEA0C67-3783-472A-A61C-AE2B296C9699}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> )
FirewallRules: [{BBEDAC71-B6F3-4CD3-93D3-C8F2052F3D32}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> )
FirewallRules: [{BF80DE9F-CDB8-4902-9FF5-37DBB2FD7CC8}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe (Lenovo -> )
FirewallRules: [{9479624F-7F16-49FA-9325-61EDD189E093}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe (Lenovo -> )
FirewallRules: [{85E63AE0-6CB9-4CE1-B879-6F05B88F3C55}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{780D9342-F45D-4910-B1AB-7A3CD34DE898}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{ED73DCFC-E94A-49D7-909D-5C009D480F7F}] => (Allow) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe (Faronics Corporation) [File not signed]
FirewallRules: [{15C7C7A4-153F-4311-A7C7-8B8EACA74DB9}] => (Allow) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe (Faronics Corporation) [File not signed]
FirewallRules: [{28790C52-1E89-46CD-8901-0E570858A507}] => (Allow) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe (Faronics Corporation) [File not signed]
FirewallRules: [{149A1363-2888-445B-95A5-9B23FC5B8700}] => (Allow) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe (Faronics Corporation) [File not signed]
FirewallRules: [{57F4FFE7-71C1-4136-96F6-9B40D599A0C2}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CBA459ED-EE5C-4408-99F5-8B1715428BA4}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E89E3F6D-F595-4816-B049-59AB44C1BA4B}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{00ED1255-54BA-406C-8C9E-CEFE22CAF352}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C5DFB131-86B7-4224-B06B-6D0951B2A434}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{683EAA91-942D-4549-860D-189509D29DBD}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AADA71D7-8AF3-4A39-9A3F-8B9D5D493812}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{90737359-9D22-4A9B-8F92-600B2200D116}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B2FEBB62-B22B-4DB5-8535-6D047B9DD187}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F088219F-7275-4D5D-87BB-43684352DFC9}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{829B8528-363D-413D-8E78-EB40B43B7C4A}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9D73AE0E-2DDC-4A03-B430-9E1851BDE080}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{00492F92-E8FF-41AB-876E-C9B06140DC2F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6CFF8589-A060-4ECE-A991-9696B38D3154}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo -> )
FirewallRules: [{D4649B42-8485-4778-9983-4CC562C5F171}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo -> )
FirewallRules: [{FDC9CA87-A021-44DF-B785-BE32142C0822}] => (Allow) LPort=55100
FirewallRules: [{C51038A3-2B69-478E-952D-597A4A7B1896}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{97FB055D-36A5-4070-9AD0-CEBCCBA87F02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F450769-9A40-4E62-AA8A-0597BC1FB096}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9224042D-8D5E-460A-9403-3A09C79CFEAF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{E9501BCC-738C-421D-95B5-DB59D1E35C29}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{4B1CC3B3-A077-416F-8BC8-EB85CB3148F4}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{E326F69C-FF63-4F9F-9A19-F074FBE3D842}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [TCP Query User{B19E10DE-580E-4390-AF8E-BB1109E3A00F}C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe] => (Allow) C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe
FirewallRules: [UDP Query User{EC08FAE7-A20F-43B1-95F1-556251ADFE20}C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe] => (Allow) C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe
FirewallRules: [TCP Query User{8526EF37-E790-46C6-8A0F-A0884EBB8392}C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe] => (Allow) C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe
FirewallRules: [UDP Query User{C5105679-4FA4-45FE-827C-86E6A6483A6B}C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe] => (Allow) C:\cmaptoolslogs\cmaptools\jre\bin\javaw.exe
FirewallRules: [{E7D010FC-B21A-44E8-85D0-D6002E1CCF33}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{3A871BD7-C5EF-4DE5-9344-C1E7A1A9A3DC}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [TCP Query User{A7863DF5-86CC-4FF6-B603-4AE0B650BCAE}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [UDP Query User{965CF23A-E061-4E28-A26A-89FAFB179BDF}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [TCP Query User{335EB22E-2F3E-48E0-A975-248A20D22AFC}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [UDP Query User{FC8C0306-F9CE-4793-97C2-82CFCA51D635}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [{081905EE-B515-4A76-8EED-7DE590BDBAE0}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.68\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

20-02-2019 18:22:13 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2019 10:09:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: Lenovo-PC)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (02/24/2019 10:09:40 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (02/24/2019 11:58:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GDCAgent.exe, versión: 1.0.1.2, marca de tiempo: 0x5563cd67
Nombre del módulo con errores: GDCAgent.exe, versión: 1.0.1.2, marca de tiempo: 0x5563cd67
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0001fc59
Identificador del proceso con errores: 0x1c7c
Hora de inicio de la aplicación con errores: 0x01d4cc1e80517237
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Identificador del informe: dd8297e9-cae5-4fe7-bad0-23a78cd18ae2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/24/2019 04:01:16 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: Lenovo-PC)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (02/24/2019 04:01:15 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (02/23/2019 07:50:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GDCAgent.exe, versión: 1.0.1.2, marca de tiempo: 0x5563cd67
Nombre del módulo con errores: GDCAgent.exe, versión: 1.0.1.2, marca de tiempo: 0x5563cd67
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0001fc59
Identificador del proceso con errores: 0x2344
Hora de inicio de la aplicación con errores: 0x01d4cb9daa98e0ab
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Identificador del informe: 0f71117b-e5a7-4a6b-9f8d-dccba0f29cdb
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/23/2019 12:38:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: Lenovo-PC)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (02/23/2019 12:38:40 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


System errors:
=============
Error: (02/24/2019 10:17:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Actualización de la plataforma antimalware de Windows Defender Antivirus - KB4052623 (versión 4.18.1902.2).

Error: (02/24/2019 10:15:46 PM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario Lenovo-PC\Dhayan Franco Rojas con SID (S-1-5-21-730528100-2434808331-2332212028-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/24/2019 10:11:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/24/2019 10:11:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/24/2019 10:10:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Update Orchestrator Service no respondió después de iniciar.

Error: (02/24/2019 10:08:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Agente de supervisión en tiempo de ejecución de Protección del sistema no respondió después de iniciar.

Error: (02/24/2019 10:05:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio McAfee CSP Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (02/24/2019 10:05:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio McAfee CSP Service.


Windows Defender:
===================================
Date: 2019-02-22 18:44:44.262
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8B73A7CA-C099-4D5A-9FD2-473F80987997}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-22 17:51:35.677
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {73649DB9-2454-4ACF-AF21-0305A8E48FDC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-22 16:07:32.312
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {E9C3BBE0-8E5A-4E98-A0EA-2C386C20312E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-22 11:09:25.858
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.A!cl&threatid=2147722739&enterprise=0
Nombre: Trojan:Win32/Tilken.A!cl
Id.: 2147722739
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_G:\.android_secure.exe; file:_G:\Android.exe; file:_G:\DCIM.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: Lenovo-PC\Dhayan Franco Rojas
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.533.0, AS: 1.287.533.0, NIS: 1.287.533.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-22 11:07:17.985
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.A!cl&threatid=2147722739&enterprise=0
Nombre: Trojan:Win32/Tilken.A!cl
Id.: 2147722739
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_G:\.android_secure.exe; file:_G:\Android.exe; file:_G:\DCIM.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: Lenovo-PC\Dhayan Franco Rojas
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.533.0, AS: 1.287.533.0, NIS: 1.287.533.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-22 08:24:20.034
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.287.533.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 4017.08 MB
Available physical RAM: 1565.71 MB
Total Virtual: 6961.08 MB
Available Virtual: 4028.6 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.55 GB) (Free:507.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.22 GB) NTFS
Drive f: (ThawSpace0) (Fixed) (Total:2 GB) (Free:1.98 GB) NTFS

\\?\Volume{2cf442cf-3cb2-427e-acb7-75795dcbaf37}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{5f4606ef-744c-4856-822c-0fd4b3f422c0}\ (PBR_DRV) (Fixed) (Total:12.63 GB) (Free:2.48 GB) NTFS
\\?\Volume{fbe757b1-cf60-472a-be45-a7cf49c629fe}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 199C80AA)

Partition: GPT.

==================== End of Addition.txt ============================

Hola @yanku_f.r

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\\...\Run: [SignnetServices] => "C:\Program Files\SIGNNET_SERVICES\Java\bin\javaw.exe" -jar  "C:\Program Files\SIGNNET_SERVICES\SignnetServicio.jar"
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601936 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd -> Piriform Ltd)
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {09C552BC-44AC-4937-B9C2-1314AE97C9DA} URL = hxxps://pe.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = 
SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero\extensions\[email protected] [2018-06-21] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero\extensions\[email protected] [2018-06-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-16]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
2019-02-24 22:03 - 2019-02-24 22:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-20 18:13 - 2019-02-20 18:14 - 000002280 _____ C:\WINDOWS\System32\Tasks\{A9721BFA-2F9C-45F8-86A4-A38D58448208}
2019-02-20 18:13 - 2019-02-20 18:14 - 000002088 _____ C:\WINDOWS\System32\Tasks\{C3298083-BE4E-407E-AFEC-E92C8D44901D}
2019-02-20 18:13 - 2019-02-20 18:13 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-02-20 18:13 - 2019-02-20 18:13 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2019-02-20 18:13 - 2019-02-20 18:13 - 000002246 _____ C:\WINDOWS\System32\Tasks\{43A02C38-DC24-440C-BF32-5875A8430AAC}
2019-02-20 18:13 - 2019-02-20 18:13 - 000001970 _____ C:\WINDOWS\System32\Tasks\{A636331C-9D41-4858-8B08-DA5CDD95F9F4}
2019-02-20 18:13 - 2019-02-20 18:13 - 000001970 _____ C:\WINDOWS\System32\Tasks\{3802A363-28ED-42D9-BB42-CAD22A337022}
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-20 17:38 - 2019-02-20 17:38 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-02-16 22:24 - 2017-07-10 14:32 - 000000000 ____D C:\ProgramData\IObit
2019-02-16 22:24 - 2017-07-10 14:32 - 000000000 ____D C:\Program Files (x86)\IObit
CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Dhayan Franco Rojas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Dhayan Franco Rojas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> No File
Task: {0DD60C50-EDD2-41B7-8476-6B0E9BC1551F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {110B1B06-2C1F-4F84-8498-DFD7825BD3B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {12AE9A2F-46FF-435B-9C59-7C9E3ECF0175} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {238FFE9F-0DB3-4BC2-99FF-BF2814D537CF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2919EC29-969D-47BE-89C8-290649EB8F50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2AFE6628-D974-4E9D-965B-880CB8CD013C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {80C25392-9FF3-4D23-ADFB-5DBD999D24B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {86F3F7A2-6416-41F6-B93A-62D11E508641} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {89D66E60-8099-42B9-89D4-FD459BE9DC5F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {9915A635-6483-4A9C-8FD4-8ECBCFEFDE15} - System32\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {993C9A35-112B-4D92-BD79-77EA238E2218} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A36B62EC-8DA5-42CF-8D2C-F4627EC2FC4A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B396E92B-109C-4CD8-8631-F9E59967004C} - \WPD\SqmUpload_S-1-5-21-730528100-2434808331-2332212028-1001 -> No File <==== ATTENTION
Task: {CF2DF8ED-3375-4756-A620-7EFD61F3E359} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E45B635F-C1D7-4508-AFB1-EDFCAC17C443} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E4CCA408-2EE1-49A3-A0D5-5D59E0392137} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EDF407D6-0BBA-4DD1-BCD0-16C027923397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
AlternateDataStreams: C:\ProgramData\Temp:1FCE3F44 [121]
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
FirewallRules: [{E7D010FC-B21A-44E8-85D0-D6002E1CCF33}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{3A871BD7-C5EF-4DE5-9344-C1E7A1A9A3DC}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [TCP Query User{A7863DF5-86CC-4FF6-B603-4AE0B650BCAE}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [UDP Query User{965CF23A-E061-4E28-A26A-89FAFB179BDF}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [TCP Query User{335EB22E-2F3E-48E0-A975-248A20D22AFC}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [UDP Query User{FC8C0306-F9CE-4793-97C2-82CFCA51D635}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
C:\Users\Dhayan Franco Rojas\Desktop\américa latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en américa latina y el caribe, 2015.pdf.opdownload

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola. Aun no se puede borrar ese archivo.

Así salió el informe de Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Dhayan Franco Rojas (16-03-2019 12:23:08) Run:1
Running from C:\Users\Dhayan Franco Rojas\Desktop
Loaded Profiles: Dhayan Franco Rojas (Available Profiles: Dhayan Franco Rojas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START

CREATERESTOREPOINT:

CLOSEPROCESSES:

HKLM\\...\Run: [SignnetServices] => "C:\Program Files\SIGNNET_SERVICES\Java\bin\javaw.exe" -jar  "C:\Program Files\SIGNNET_SERVICES\SignnetServicio.jar"

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601936 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)

HKLM\...\Policies\Explorer: [Max Cached Icons] 2000

HKU\S-1-5-21-730528100-2434808331-2332212028-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd -> Piriform Ltd)

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

GroupPolicy: Restriction ? <==== ATTENTION

HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006

SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {09C552BC-44AC-4937-B9C2-1314AE97C9DA} URL = hxxps://pe.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default

SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = 

SearchScopes: HKU\S-1-5-21-730528100-2434808331-2332212028-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero\extensions\[email protected] [2018-06-21] [Legacy] [not signed]

FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero\extensions\[email protected] [2018-06-21] [Legacy] [not signed]

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found

FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\NPMCSN~1.DLL [No File]

FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [No File]

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]

FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\NPMCSN~1.DLL [No File]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]

CHR Extension: (Chrome Media Router) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-16]

CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>

2019-02-24 22:03 - 2019-02-24 22:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2019-02-20 18:13 - 2019-02-20 18:14 - 000002280 _____ C:\WINDOWS\System32\Tasks\{A9721BFA-2F9C-45F8-86A4-A38D58448208}

2019-02-20 18:13 - 2019-02-20 18:14 - 000002088 _____ C:\WINDOWS\System32\Tasks\{C3298083-BE4E-407E-AFEC-E92C8D44901D}

2019-02-20 18:13 - 2019-02-20 18:13 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473

2019-02-20 18:13 - 2019-02-20 18:13 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon

2019-02-20 18:13 - 2019-02-20 18:13 - 000002246 _____ C:\WINDOWS\System32\Tasks\{43A02C38-DC24-440C-BF32-5875A8430AAC}

2019-02-20 18:13 - 2019-02-20 18:13 - 000001970 _____ C:\WINDOWS\System32\Tasks\{A636331C-9D41-4858-8B08-DA5CDD95F9F4}

2019-02-20 18:13 - 2019-02-20 18:13 - 000001970 _____ C:\WINDOWS\System32\Tasks\{3802A363-28ED-42D9-BB42-CAD22A337022}

2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira

2019-02-20 18:13 - 2019-02-20 18:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software

2019-02-20 17:38 - 2019-02-20 17:38 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

2019-02-16 22:24 - 2017-07-10 14:32 - 000000000 ____D C:\ProgramData\IObit

2019-02-16 22:24 - 2017-07-10 14:32 - 000000000 ____D C:\Program Files (x86)\IObit

CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Dhayan Franco Rojas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]

CustomCLSID: HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Dhayan Franco Rojas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> No File

ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> No File

Task: {0DD60C50-EDD2-41B7-8476-6B0E9BC1551F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {110B1B06-2C1F-4F84-8498-DFD7825BD3B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {12AE9A2F-46FF-435B-9C59-7C9E3ECF0175} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

Task: {238FFE9F-0DB3-4BC2-99FF-BF2814D537CF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION

Task: {2919EC29-969D-47BE-89C8-290649EB8F50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {2AFE6628-D974-4E9D-965B-880CB8CD013C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {80C25392-9FF3-4D23-ADFB-5DBD999D24B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {86F3F7A2-6416-41F6-B93A-62D11E508641} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION

Task: {89D66E60-8099-42B9-89D4-FD459BE9DC5F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION

Task: {9915A635-6483-4A9C-8FD4-8ECBCFEFDE15} - System32\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: {993C9A35-112B-4D92-BD79-77EA238E2218} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {A36B62EC-8DA5-42CF-8D2C-F4627EC2FC4A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {B396E92B-109C-4CD8-8631-F9E59967004C} - \WPD\SqmUpload_S-1-5-21-730528100-2434808331-2332212028-1001 -> No File <==== ATTENTION

Task: {CF2DF8ED-3375-4756-A620-7EFD61F3E359} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {E45B635F-C1D7-4508-AFB1-EDFCAC17C443} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {E4CCA408-2EE1-49A3-A0D5-5D59E0392137} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {EDF407D6-0BBA-4DD1-BCD0-16C027923397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

AlternateDataStreams: C:\ProgramData\Temp:1FCE3F44 [121]

HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

FirewallRules: [{E7D010FC-B21A-44E8-85D0-D6002E1CCF33}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\uTorrent\uTorrent.exe No File

FirewallRules: [{3A871BD7-C5EF-4DE5-9344-C1E7A1A9A3DC}] => (Allow) C:\Users\Dhayan Franco Rojas\AppData\Roaming\uTorrent\uTorrent.exe No File

FirewallRules: [TCP Query User{A7863DF5-86CC-4FF6-B603-4AE0B650BCAE}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]

FirewallRules: [UDP Query User{965CF23A-E061-4E28-A26A-89FAFB179BDF}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]

FirewallRules: [TCP Query User{335EB22E-2F3E-48E0-A975-248A20D22AFC}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]

FirewallRules: [UDP Query User{FC8C0306-F9CE-4793-97C2-82CFCA51D635}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]

C:\Users\Dhayan Franco Rojas\Desktop\am�rica latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en am�rica latina y el caribe, 2015.pdf.opdownload



HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\\...\Run: [SignnetServices] => "C:\Program Files\SIGNNET_SERVICES\Java\bin\javaw.exe" -jar  "C:\Program Files\SIGNNET_SERVICES\SignnetServicio.jar" => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ForteConfig" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cAudioFilterAgent" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iSkysoft Helper Compact.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\Max Cached Icons" => removed successfully
"HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.vorbis" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.vorbis" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => not found
"HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09C552BC-44AC-4937-B9C2-1314AE97C9DA} => removed successfully
HKLM\Software\Classes\CLSID\{09C552BC-44AC-4937-B9C2-1314AE97C9DA} => not found
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45} => removed successfully
HKLM\Software\Classes\CLSID\{6586d803-df30-46d3-a89a-4136c8571d45} => not found
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully
HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removed successfully
HKLM\Software\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => removed successfully
C:\Program Files (x86)\Zotero\extensions\[email protected] => moved successfully
C:\Program Files (x86)\Zotero\extensions\[email protected] => path removed successfully
C:\Program Files (x86)\Zotero\extensions\[email protected] => moved successfully
C:\Program Files (x86)\Zotero\extensions\[email protected] => path removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\[email protected]" => removed successfully
HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/EPPEX => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully
CHR Extension: (Chrome Media Router) - C:\Users\Dhayan Franco Rojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-16] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\caljgklbbfbcjjanaijlacgncafpegll => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\System32\Tasks\{A9721BFA-2F9C-45F8-86A4-A38D58448208} => moved successfully
C:\WINDOWS\System32\Tasks\{C3298083-BE4E-407E-AFEC-E92C8D44901D} => moved successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => moved successfully
C:\WINDOWS\System32\Tasks\{43A02C38-DC24-440C-BF32-5875A8430AAC} => moved successfully
C:\WINDOWS\System32\Tasks\{A636331C-9D41-4858-8B08-DA5CDD95F9F4} => moved successfully
C:\WINDOWS\System32\Tasks\{3802A363-28ED-42D9-BB42-CAD22A337022} => moved successfully
C:\WINDOWS\System32\Tasks\Avira => moved successfully
C:\WINDOWS\System32\Tasks\AVAST Software => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C} => removed successfully
HKU\S-1-5-21-730528100-2434808331-2332212028-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk => removed successfully
HKLM\Software\Classes\CLSID\{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk => removed successfully
HKLM\Software\Classes\CLSID\{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0DD60C50-EDD2-41B7-8476-6B0E9BC1551F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DD60C50-EDD2-41B7-8476-6B0E9BC1551F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{110B1B06-2C1F-4F84-8498-DFD7825BD3B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{110B1B06-2C1F-4F84-8498-DFD7825BD3B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12AE9A2F-46FF-435B-9C59-7C9E3ECF0175}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12AE9A2F-46FF-435B-9C59-7C9E3ECF0175}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{238FFE9F-0DB3-4BC2-99FF-BF2814D537CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{238FFE9F-0DB3-4BC2-99FF-BF2814D537CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2919EC29-969D-47BE-89C8-290649EB8F50}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2919EC29-969D-47BE-89C8-290649EB8F50}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AFE6628-D974-4E9D-965B-880CB8CD013C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AFE6628-D974-4E9D-965B-880CB8CD013C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80C25392-9FF3-4D23-ADFB-5DBD999D24B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80C25392-9FF3-4D23-ADFB-5DBD999D24B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86F3F7A2-6416-41F6-B93A-62D11E508641}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86F3F7A2-6416-41F6-B93A-62D11E508641}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89D66E60-8099-42B9-89D4-FD459BE9DC5F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89D66E60-8099-42B9-89D4-FD459BE9DC5F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9915A635-6483-4A9C-8FD4-8ECBCFEFDE15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9915A635-6483-4A9C-8FD4-8ECBCFEFDE15}" => removed successfully
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Dhayan_Franco_Rojas" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{993C9A35-112B-4D92-BD79-77EA238E2218}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{993C9A35-112B-4D92-BD79-77EA238E2218}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A36B62EC-8DA5-42CF-8D2C-F4627EC2FC4A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A36B62EC-8DA5-42CF-8D2C-F4627EC2FC4A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B396E92B-109C-4CD8-8631-F9E59967004C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B396E92B-109C-4CD8-8631-F9E59967004C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-730528100-2434808331-2332212028-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF2DF8ED-3375-4756-A620-7EFD61F3E359}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF2DF8ED-3375-4756-A620-7EFD61F3E359}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E45B635F-C1D7-4508-AFB1-EDFCAC17C443}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E45B635F-C1D7-4508-AFB1-EDFCAC17C443}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E4CCA408-2EE1-49A3-A0D5-5D59E0392137}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4CCA408-2EE1-49A3-A0D5-5D59E0392137}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDF407D6-0BBA-4DD1-BCD0-16C027923397}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDF407D6-0BBA-4DD1-BCD0-16C027923397}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
C:\WINDOWS\Tasks\Uninstaller_SkipUac_Dhayan_Franco_Rojas.job => moved successfully
C:\ProgramData\Temp => ":1FCE3F44" ADS removed successfully
HKU\S-1-5-21-730528100-2434808331-2332212028-1001\Software\Classes\regfile => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E7D010FC-B21A-44E8-85D0-D6002E1CCF33}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A871BD7-C5EF-4DE5-9344-C1E7A1A9A3DC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A7863DF5-86CC-4FF6-B603-4AE0B650BCAE}C:\program files\rstudio\bin\x64\rsession.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{965CF23A-E061-4E28-A26A-89FAFB179BDF}C:\program files\rstudio\bin\x64\rsession.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{335EB22E-2F3E-48E0-A975-248A20D22AFC}C:\program files\rstudio\bin\x64\rsession.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FC8C0306-F9CE-4793-97C2-82CFCA51D635}C:\program files\rstudio\bin\x64\rsession.exe" => removed successfully
"C:\Users\Dhayan Franco Rojas\Desktop\am�rica latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en am�rica latina y el caribe, 2015.pdf.opdownload" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-730528100-2434808331-2332212028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 5 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 6 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{BF6FE0E7-54FC-490C-9750-2ED3AE8E0163} canceled.
{D531CAAA-A3DE-4533-B6D9-76B0E5A57003} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 152433487 B
Java, Flash, Steam htmlcache => 1186 B
Windows/system/drivers => 25480322 B
Edge => 106914 B
Chrome => 276275 B
Firefox => 1094540255 B
Opera => 207303072 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 40172 B
LocalService => 0 B
NetworkService => 77682 B
NetworkService => 0 B
Dhayan Franco Rojas => 66610499 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:27:49 ====

Hola

Vas a realizar una comprobación del disco usando CHKDSK, utiliza el “Método 3” de este manual

Después de reiniciar mira a ver si te deja eliminar ese fichero manualmente, sigue esta ruta:

C:\Users\Dhayan Franco Rojas\Desktop\américa latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en américa latina y el caribe, 2015.pdf.opdownload

Comentas como ha ido.

Un saludo

Hola. Mi laptop lleva más de media hora en el análisis y solo va un 11% . Es normal?

Hola

Si, tranquilo, le llevará un tiempo :+1:

Un saludo

Cómo cuánto va a tomar?. Necesito usarla. :frowning: Tengo tarea

Hola

Si el disco está muy lleno y tiene un índice de fragmentación muy alto puede llegar a tardar bastantes horas, si necesitas usarla mejor que lo dejes hasta que no necesites PC, puedes realizarlo durante la noche.

Un saludo

Hola. Ya termino el proceso, tomo como 4 horas. Puse la ruta y nada. Traté de eliminar desde el explorador de archivos pero aún asi nada.

Hola @yanku_f.r y con permiso de @Daniela

Veamos SI con estos pasos conseguimos eliminar ese “extraño” archivo. :thinking:

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Unlock: C:\Users\Dhayan Franco Rojas\Desktop\américa latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en américa latina y el caribe, 2015.pdf.opdownload
C:\Users\Dhayan Franco Rojas\Desktop\américa latina y el caribe, una mirada al futuro desde los objetivos de desarrollo del milenio informe regional de monitoreo de los objetivos de desarrollo del milenio (odm) en américa latina y el caribe, 2015.pdf.opdownload
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.