Ayuda Virus Norton aviso de renovación de licencia

Buenas tardes!! hace unos días que tengo problemas con ventanas emergentes de Norton a un costado del escritorio que no puedo eliminar. No tengo el Norton instalado por lo que no me aparece la opción en el panel de control para desintalarlo. Hay una publicación sobre este tema (se titula “necesito-ayuda-con-virus-ww2ouotoday-norton-security”) de la cual seguí los pasos pero no consigo deshacerme de los anuncios.

Detallo ahora los pasos: pasé estos programas en el orden indicado

Malwarebytes Anti-Malware AdwCleaner ZHPCleaner CCleaner

La primera vez que lo hice el virus dejó de molestarme y pensé que había conseguido sacarlo pero volvió a aparecer. Repetí el proceso y además pase el FRST64 y el SUPERAntiSpiryre pero no ha sucedido nada.

fotos del virus en los sig links:

Desde ya muchas gracias

Pd. Tengo window 10 de 64 bits

Hola @Luci_Cian Bienvenida al foro!!!

Pon los reportes de los programas que hayas utilizado para revisarlos.

Un saludo

Muchas gracias! estos son los reportes:

Malwarebytes Anti-Malware

1/5/20

Malwarebytes

www.malwarebytes.com

-Detalles del registro-

Fecha del análisis: 1/5/20

Hora del análisis: 14:07

Archivo de registro: 3a4343bc-8bce-11ea-9ae8-6cc2175d6980.json

-Información del software-

Versión: 4.1.0.56

Versión de los componentes: 1.0.889

Versión del paquete de actualización: 1.0.23276

Licencia: Prueba

-Información del sistema-

SO: Windows 10 (Build 18362.778)

CPU: x64

Sistema de archivos: NTFS

Usuario: DESKTOP-40MJQH1\Totoro

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Análisis iniciado por:: Manual

Resultado: Completado

Objetos analizados: 288642

Amenazas detectadas: 29

Amenazas en cuarentena: 28

Tiempo transcurrido: 6 min, 24 seg

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Activado

Heurística: Activado

PUP: Detectar

PUM: Detectar

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

Módulo: 0

(No hay elementos maliciosos detectados)

Clave del registro: 3

PUP.Optional.SearchYa, HKU\S-1-5-21-2155867228-463568385-2336883251-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, En cuarentena, 416, 242794, 1.0.23276, , ame,

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 240, 182758, , , ,

PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 240, 182758, 1.0.23276, , ame,

Valor del registro: 3

PUP.Optional.SearchYa, HKU\S-1-5-21-2155867228-463568385-2336883251-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, En cuarentena, 416, 242794, 1.0.23276, , ame,

PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 240, 182758, 1.0.23276, , ame,

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 240, 182758, 1.0.23276, , ame,

Datos del registro: 1

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 240, 293461, 1.0.23276, , ame,

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

Carpeta: 2

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\USERS\TOTORO\APPDATA\LOCAL\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}, En cuarentena, 880, 542290, 1.0.23276, , ame,

Archivo: 20

PUP.Optional.WinYahoo.TskLnk, C:\USERS\TOTORO\APPDATA\LOCAL\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HOWTOREMOVE\HOWTOREMOVE.HTML, En cuarentena, 880, 542290, 1.0.23276, , ame,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\chromium-min.jpg, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\control panel-min-min.JPG, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\down.png, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\ff menu.JPG, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\ff search engine-min.png, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\hp-min ff.png, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\hp-min ie.png, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\search engine.gif, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\setup pages.gif, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\sp-min.png, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\start-min.jpg, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\HowToRemove\up.png, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\cederedo, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\roladadet, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\uninst.exe, En cuarentena, 880, 542290, , , ,

PUP.Optional.WinYahoo.TskLnk, C:\Users\Totoro\AppData\Local\{A9239F7F-8D8B-F3C7-E013-D62FC47B2AB7}\uninstp.dat, En cuarentena, 880, 542290, , , ,

HackTool.Agent.KMS, C:\USERS\TOTORO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\KMSPICO\KMSELDI.EXE, En cuarentena, 7580, 700614, 1.0.23276, FE127395B1E1F2D763AB8611, dds, 00700800

HackTool.KMS, C:\USERS\TOTORO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\KMSPICO\AUTOPICO.EXE, En cuarentena, 1282, 769804, 1.0.23276, , ame,

HackTool.FilePatch, C:\PROGRAM FILES\DAEMON TOOLS PRO\2.EXE, Sin acciones por parte del usuario, 7528, 281135, 1.0.23276, 31FCE1AC93A108AAF20C3501, dds, 00700800

Sector físico: 0

(No hay elementos maliciosos detectados)

WMI: 0

(No hay elementos maliciosos detectados)

(end)

02/05/20

Malwarebytes

www.malwarebytes.com

-Detalles del registro-

Fecha del análisis: 2/5/20

Hora del análisis: 15:19

Archivo de registro: 6d1ef2c6-8ca1-11ea-a197-6cc2175d6980.json

-Información del software-

Versión: 4.1.0.56

Versión de los componentes: 1.0.889

Versión del paquete de actualización: 1.0.23326

Licencia: Prueba

-Información del sistema-

SO: Windows 10 (Build 18362.778)

CPU: x64

Sistema de archivos: NTFS

Usuario: System

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Análisis iniciado por:: Programador de tareas

Resultado: Completado

Objetos analizados: 285280

Amenazas detectadas: 1

Amenazas en cuarentena: 1

Tiempo transcurrido: 9 min, 28 seg

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Desactivado

Heurística: Activado

PUP: Detectar

PUM: Detectar

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

Módulo: 0

(No hay elementos maliciosos detectados)

Clave del registro: 0

(No hay elementos maliciosos detectados)

Valor del registro: 0

(No hay elementos maliciosos detectados)

Datos del registro: 0

(No hay elementos maliciosos detectados)

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

Carpeta: 0

(No hay elementos maliciosos detectados)

Archivo: 1

HackTool.FilePatch, C:\PROGRAM FILES\DAEMON TOOLS PRO\2.EXE, En cuarentena, 7528, 281135, 1.0.23326, 31FCE1AC93A108AAF20C3501, dds, 00702300

Sector físico: 0

(No hay elementos maliciosos detectados)

WMI: 0

(No hay elementos maliciosos detectados)

(end)

06/05/20

Malwarebytes

www.malwarebytes.com

-Detalles del registro-

Fecha del análisis: 6/5/20

Hora del análisis: 10:42

Archivo de registro: 7365fa02-8f9f-11ea-92dd-6cc2175d6980.json

-Información del software-

Versión: 4.1.0.56

Versión de los componentes: 1.0.889

Versión del paquete de actualización: 1.0.23516

Licencia: Prueba

-Información del sistema-

SO: Windows 10 (Build 18362.778)

CPU: x64

Sistema de archivos: NTFS

Usuario: DESKTOP-40MJQH1\Totoro

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Análisis iniciado por:: Manual

Resultado: Completado

Objetos analizados: 287997

Amenazas detectadas: 0

Amenazas en cuarentena: 0

Tiempo transcurrido: 4 min, 34 seg

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Activado

Heurística: Activado

PUP: Detectar

PUM: Detectar

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

Módulo: 0

(No hay elementos maliciosos detectados)

Clave del registro: 0

(No hay elementos maliciosos detectados)

Valor del registro: 0

(No hay elementos maliciosos detectados)

Datos del registro: 0

(No hay elementos maliciosos detectados)

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

Carpeta: 0

(No hay elementos maliciosos detectados)

Archivo: 0

(No hay elementos maliciosos detectados)

Sector físico: 0

(No hay elementos maliciosos detectados)

WMI: 0

(No hay elementos maliciosos detectados)

(end)

AdwCleaner

02/05/20

````
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-02-2020
# Duration: 00:00:42
# OS:       Windows 10 Home
# Scanned:  31802
# Detected: 17


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy             C:\Program Files (x86)\mipony
PUP.Optional.Legacy             C:\Users\Totoro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony
PUP.Optional.Legacy             C:\Users\Totoro\AppData\Roaming\mipony

***** [ Files ] *****

PUP.Optional.Legacy             C:\Users\Totoro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy             C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C267FB0-B41E-4A0A-B32E-1E7DD7318639} 
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
PUP.Optional.Legacy             HKLM\Software\Classes\mipony
PUP.Optional.Legacy             HKLM\Software\Classes\mpybrowser
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MiPony
PUP.Optional.WebCompanion       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
PUP.Optional.WebCompanion       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

06/05/20

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-06-2020
# Duration: 00:00:54
# OS:       Windows 10 Home
# Scanned:  31802
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3065 octets] - [02/05/2020 16:31:15]
AdwCleaner[C00].txt - [2941 octets] - [02/05/2020 16:32:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

ZHPCleaner

 ZHPCleaner v2020.4.27.194 by Nicolas Coolman (2020/04/27)

~ Run by Totoro (Administrator) (01/05/2020 16:50:03)

~ Web: https://www.nicolascoolman.com

~ Blog: https://nicolascoolman.eu/

~ Facebook : https://www.facebook.com/nicolascoolman1

~ State version : Version OK

~ Certificate ZHPCleaner: Legal

~ Type : Reparar

~ Report : C:\Users\Totoro\Desktop\ZHPCleaner (R).txt

~ Quarantine : C:\Users\Totoro\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt

~ UAC : Activate

~ Boot Mode : Normal (Normal boot)

Windows 10 Home, 64-bit (Build 18362)

---\ Alternate Data Stream (ADS). (0)

~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\ Servicios (0)

~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\ Navegadores de Internet (1)

BORRADOS dados: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\webcompanion.com\\http [Bad : Sensitive Websites] =>PUP.Optional.LavasoftWebCompanion

---\ Hosts carpeta (1)

~ El archivo hosts es legítimo (21)

---\ Tareas automáticas programadas. (0)

~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\ Explorador ( Archivos, Carpetas ) (9)

MOVIDO carpeta: C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default\invalidprefs.js =>PUP.Optional.Legacy

MOVIDO carpeta: C:\Users\Totoro\Desktop\µTorrent.lnk [Bad : C:\Users\Totoro\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)

MOVIDO carpeta: C:\Users\Totoro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\Totoro\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)

MOVIDO carpeta: C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo

MOVIDO carpeta*: C:\Program Files (x86)\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion

MOVIDO archivo: C:\Program Files (x86)\lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion

MOVIDO archivo: C:\Program Files (x86)\QuickTime =>Riskware.QuickTime

MOVIDO archivo: C:\ProgramData\Application Data\lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion

MOVIDO archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime

---\ Registro ( Claves, Valores, Datos) (10)

BORRADOS clave*: HKU\S-1-5-21-2155867228-463568385-2336883251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [AdditionalScan 50] =>PUP.Optional.LavasoftWebCompanion

BORRADOS clave*: HKCU\Software\Lavasoft\Web Companion [AdditionalScan 80] =>PUP.Optional.LavasoftWebCompanion

BORRADOS clave**: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [AdditionalScan 262] =>PUP.Optional.LavasoftWebCompanion

BORRADOS clave*: HKLM\SOFTWARE\Wow6432Node\IObit\Driver Booster [AdditionalScan 289] =>.SUP.DriverBoost

BORRADOS clave*: HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion [AdditionalScan 303] =>PUP.Optional.LavasoftWebCompanion

BORRADOS clave*: HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1 [AdditionalScan 367] =>.SUP.DriverBoost

BORRADOS clave**: HKLM\SOFTWARE\Lavasoft\Web Companion [AdditionalScan 423] =>PUP.Optional.LavasoftWebCompanion

BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)

BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico

BORRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Web Companion [C:\Program Files (x86)\Lavasoft\Web Companion\Appl] =>PUP.Optional.LavasoftWebCompanion

---\ Resumen de elementos en su estación de trabajo (7)

https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion

https://nicolascoolman.eu/forum/Topic/legacy-logiciel-potentiellement-indesirable-pup-lpi/ =>PUP.Optional.Legacy

https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)

https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BDYahoo

https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime

https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverBoost

https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico

---\ Limpieza adicional. (20)

~ Clave de registro Tracing borrados (18)

~ Quitar los antiguos informes de ZHPCleaner. (2)

---\ Resultado de la reparación.

~ Reparación llevada a cabo con éxito

~ Google Chrome OK

~ Mozilla Firefox OK

~ Internet Explorer OK

---\ STATISTIQUES

~ Items escaneado : 1541

~ Items encontrado : 0

~ artículos cancelados : 0

~ Ahorro de espacio (bytes) : 0

~ Items opciones : 8/15

---\ OPCIONES NO ACTIVAS

~ Análisis temporal de archivos

~ Análisis temporal de carpetas

~ Análisis de CLSID de carpetas vacías

~ Vaciar otro análisis de carpetas

~ Análisis de carpetas locales vacías

~ Análisis de archivos de instalación obsoleto

~ End of clean in 00h01mn04s

---\ Reporte (2)

ZHPCleaner-[S]-01052020-15_55_16.txt

ZHPCleaner-[R]-01052020-16_51_07.txt````

SUPERAntiSpiryre

05/05/20

https://www.superantispyware.com

Generated 05/05/2020 at 05:28 PM

Application Version : 8.0.1052
Database Version : 16097

Scan type       : Complete Scan
Total Scan Time : 00:40:51

Operating System Information
Windows 10 Home 64-bit (Build 10.00.18362)
UAC On - Administrator

Memory items scanned      : 1130
Memory items detected   : 0
Registry items scanned    : 68726
Registry items detected : 0
File items scanned        : 45288
File items detected     : 345

Adware.Tracking Cookie
	.1rx.io\_rxuuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.33across.com\33x_ps [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.360yield.com\tuuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.360yield.com\tuuid_lu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.3lift.com\sync [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.3lift.com\tluid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.aaxads.com\aax-vsid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.acuityplatform.com\auid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.acuityplatform.com\aum [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adaptv.advertising.com\adaptv_unique_user_cookie [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.addthis.com\na_id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.addthis.com\na_tc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.addthis.com\ouid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.addthis.com\uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adentifi.com\adtheorent-legacy[cuid] [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adentifi.com\adtheorent[cuid] [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adfarm1.adition.com\UserID1 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adform.net\uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adgrx.com\ADGRX_CM_RUBICON_BRIDGED [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adgrx.com\ADGRX_UID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adhaven.com\uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adhigh.net\gi_u [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adhigh.net\pubmatic_sync [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.admanmedia.com\admtr [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.admanmedia.com\tbl_id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.admanmedia.com\ttd_id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adnxs.com\anj [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adnxs.com\icu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adnxs.com\uuid2 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adobe.demdex.net\adobe [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adotmob.com\partners [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adotmob.com\uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adotmob.com\uuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.ads.linkedin.com\lang [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adsby.bidtheatre.com\__kuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adsrvr.org\TDCPM [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adsrvr.org\TDID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.adsymptotic.com\U [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.advangelists.com\avnguid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.advertising.com\APID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.advertising.com\IDSYNC [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.agkn.com\ab [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.agkn.com\u [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.amazon-adsystem.com\ad-id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.amazon-adsystem.com\ad-privacy [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.atdmt.com\ATN [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.betweendigital.com\dc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.betweendigital.com\ss [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.betweendigital.com\tuuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.betweendigital.com\ut [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bfmio.com\__103_cid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bfmio.com\__103_exp [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bfmio.com\__106_cid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bfmio.com\__bfio_sync [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bfmio.com\__io_cid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bidr.io\bito [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bidr.io\bitoIsSecure [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bidswitch.net\c [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bidswitch.net\tuuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bidswitch.net\tuuid_lu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.blismedia.com\b [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bluekai.com\bkdc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.bluekai.com\bku [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.brand-display.com\SameSite [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.brand-display.com\_knxq_ [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.c.appier.net\_auid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMDD [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMPRO [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMPS [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMRUM3 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMST [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.casalemedia.com\CMSUM [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.connexity.net\COu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.contextweb.com\V [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.contextweb.com\pb_rtb_ev [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.criteo.com\uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.crwdcntrl.net\_cc_aud [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.crwdcntrl.net\_cc_cc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.crwdcntrl.net\_cc_dc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.crwdcntrl.net\_cc_id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.cxense.com\gckp [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.deepintent.com\113 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.deepintent.com\CDIUSER [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.demdex.net\demdex [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dlx.addthis.com\na_rn [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dlx.addthis.com\na_sc_e [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dlx.addthis.com\na_sr [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dlx.addthis.com\na_srp [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dotomi.com\DotomiTest [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.doubleclick.net\DSID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.doubleclick.net\IDE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dpm.demdex.net\dpm [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.dyntrk.com\dyn_u [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.emerse.com\euid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.eqads.com\EQUser [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.everesttech.net\everest_g_v2 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.exelator.com\EE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.exelator.com\ud [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.exelator.com\udo [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.extend.tv\extendtv_user_id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.eyeota.net\mako_uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.eyereturn.com\er_guid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.flashtalking.com\_D9J [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.flashtalking.com\flashtalkingad1 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.fwmrm.net\_uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.geistm.com\gdpid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.go.sonobi.com\__uis [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.googleadservices.com\AID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.gumgum.com\vst [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.hybrid.ai\vid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\3pi [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\callback [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\car [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\cf [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\cip [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\cnac [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\gdpr [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.id5-sync.com\id5 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\33AUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\ANUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\IXUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\KADUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\OTUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\OUTHUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\PUBMUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\R1USERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\RBCUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\SONOBIUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\SOVRNUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\ZMNUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\cuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.infolinks.com\tv [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.innovid.com\uuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.iperceptions.com\incap_ses_1233_1876103 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.iperceptions.com\visid_incap_1876103 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.ipredictive.com\cu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.iqoption.com\AffTrackGroup [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.iqoption.com\afftrack [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.iqoption.com\retrack [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.krxd.net\_kuid_ [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.liadm.com\lidid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lijit.com\ljt_reader [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lijit.com\ljtrtb [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\lkqdid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\lkqdidts [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\p_0 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr12 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr22 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr23 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr25 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr37 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr39 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr45 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr52 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr53 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr55 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr59 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr6 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr60 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr7 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr76 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr77 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr80 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr81 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr85 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr86 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.lkqd.net\sr90 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mathtag.com\mt_mop [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mathtag.com\uuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mfadsrvr.com\bsw_uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mfadsrvr.com\c [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mfadsrvr.com\tuuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mfadsrvr.com\tuuid_lu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.ml314.com\pi [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\mdata [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\ov [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\syncdata_ADF [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\syncdata_AN [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\syncdata_DBC [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\syncdata_IOW [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\syncdata_TAP [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mookie1.com\syncdata_TTD [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.mxptint.net\mxpim [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.navdmp.com\nid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.nr-data.net\JSESSIONID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.omnitagjs.com\ayl_visitor [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.onaudience.com\cookie [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.onaudience.com\done_redirects162 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.openx.net\i [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.openx.net\pd [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.openx.net\univ_id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\actvagnt [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\apnxs [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\bdswch [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\criteo [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\mdfrc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\obuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\recs_61ace76f1d0dd6dfd1bdb8b7cae147a7 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\rtbhs [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.outbrain.com\ttd [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.owneriq.net\p2 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.owneriq.net\pmc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.owneriq.net\si [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pippio.com\did [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pippio.com\didts [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pippio.com\nnls [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pippio.com\pxrc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pswec.com\c [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pswec.com\tuuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pswec.com\tuuid_lu [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\DPSync3 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KADUSERCOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_1003 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_1051 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_107 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_1074 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_1205 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_148 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_153 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_188 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_218 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_22 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_27 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_279 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_286 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_32 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_330 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_377 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_391 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_466 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_52 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_57 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_594 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_653 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_699 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_734 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_80 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_904 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_945 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KRTBCOOKIE_964 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\KTPCACOOKIE [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\PMDTSHR [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\PUBMDCID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\PugT [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\SPugT [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\SyncRTB3 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\chkChromeAb67Sec [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.pubmatic.com\pp [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.retargetly.com\_rlid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rfihub.com\eud [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rfihub.com\rud [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rfihub.com\smd [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rlcdn.com\pxrc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rlcdn.com\rlas3 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rubiconproject.com\audit [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rubiconproject.com\khaos [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rubiconproject.com\ses10 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.rubiconproject.com\vis10 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.scorecardresearch.com\UID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.scorecardresearch.com\UIDR [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.simpli.fi\suid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.simpli.fi\suid_legacy [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.sitescout.com\_ssum [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.sitescout.com\ssi [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smadex.com\smxtrack [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\TestIfCookieP [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\Trk0 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\csfq [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\csync [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\dyncdn [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\lcsrd [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\pbw [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\pdomid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\pid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\rpools [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\sasd [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.smartadserver.com\sasd2 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.spotxchange.com\audience [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.srv.stackadapt.com\sa-user-id [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.srv.stackadapt.com\sa-user-id-v2 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.taboola.com\t_gid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tapad.com\TapAd_3WAY_SYNCS [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tapad.com\TapAd_DID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tapad.com\TapAd_TS [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.teads.tv\cs [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.teads.tv\tt_viewer [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.technoratimedia.com\tads_uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.track.afcpatrk.com\a0a2a3c3-91f9-4cd4-94f1-653be721bd4e-v4 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.track.afcpatrk.com\cep-v4 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tremorhub.com\tv_UIGL [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tremorhub.com\tv_UISTB [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tremorhub.com\tvid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tremorhub.com\tvrg_61061 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tremorhub.com\tvssa [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tribalfusion.com\ANON_ID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.tribalfusion.com\ANON_ID_old [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.turn.com\uid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.w55c.net\matchbluekai [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.w55c.net\matchcasale [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.w55c.net\matchgoogle [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.w55c.net\matchliveramp [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.w55c.net\matchpubmatic [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.w55c.net\wfivefivec [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.zemanta.com\zuid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.zeotap.com\zc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.zeotap.com\zc1 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.zeotap.com\zsc [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\UID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-159 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-26913 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-35873 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-35889 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-45 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-529 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-617 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-717 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-892 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	ads.stickyadstv.com\uid-bp-951 [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	bttrack.com\GLOBALID [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	e.serverbid.com\azk [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	es-suncopperland.videoplaza.tv\pid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	es-sunelespanol.videoplaza.tv\pid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	es-sunicontent.videoplaza.tv\VP-DMP [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	es-sunicontent.videoplaza.tv\pid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	eus.rubiconproject.com\pux [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	i.liadm.com\_li_ss [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	in.getclicky.com\cluid [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	iqoption.com\connection_track [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	tracker.affiliate.iqoption.com\tsd [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	www.crehana.com\first_click [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	www.crehana.com\last_click [ C:\USERS\TOTORO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
	.googleadservices.com [ C:\USERS\TOTORO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYP5TRJM.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\TOTORO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYP5TRJM.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\TOTORO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYP5TRJM.DEFAULT\COOKIES.SQLITE ]

Hack.Tool/Gen-Patcher
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.AFTER.EFFECTS.CC.2019.[X64].PATCH-MPT\ADOBE.AFTER.EFFECTS.CC.2019.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.CHARACTER.ANIMATOR.CC.2019.[X64].PATCH-MPT\ADOBE.CHARACTER.ANIMATOR.CC.2019.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.DREAMWEAVER.CC.2019.[X64].PATCH-MPT\ADOBE.DREAMWEAVER.CC.2019.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.ILLUSTRATOR.CC.2019.[X64].PATCH-MPT\ADOBE.ILLUSTRATOR.CC.2019.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.LIGHTROOM.CC.8.0.[X64].PATCH-MPT\ADOBE.LIGHTROOM.CC.8.0.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.PHOTOSHOP.CC.2019.PATCH-MPT\ADOBE.PHOTOSHOP.CC.2019.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\ADBCC19-MLNG-CRCK-ZRCD3\ADOBE.CC.2019.MULTI.INCL.CRACK-ZER0COD3\_PATCH\ADOBE.PREMIERE.PRO.CC.2019.[X64].PATCH-MPT\ADOBE.PREMIERE.PRO.CC.2019.[X64]-MPT.EXE
	D:\DESCARGAS\PROGRAMAS\SONY VEGAS\OTHER FIXS\VEGAS.PRO.13.0.(64-BIT)-PATCH.EXE

Hack.Tool/Gen-KeyGen
	D:\DESCARGAS\PROGRAMAS\SONY VEGAS\KEYGEN - PATCH\KEYGEN.EXE

============
 End of Log 
============

06/05/20

SUPERAntiSpyware System Investigator
miércoles, 6 de mayo de 2020 at 10:34:08

Legend:
[?] = Unknown/unverified items
[T] = Trusted items
[X] = Known bad/unwanted items
[-] = Removed items

===============
Unknown Items 
===============

=== Windows User Startup ===

[?] chrome.exe
    [Totoro] %LocalAppData%\chromium\APPLICATION

[?] CCLEANER64.EXE
    %ProgramFiles%\CCleaner

[?] CCXPROCESS.EXE
    [32-bit] %ProgramFiles%\Adobe\ADOBE CREATIVE CLOUD EXPERIENCE

[?] SUPERANTISPYWARE.EXE
    %ProgramFiles%\SUPERANTISPYWARE

[?] AGCINVOKERUTILITY.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBEGCCLIENT

[?] AvLaunch.exe
    %ProgramFiles%\AVAST SOFTWARE\Avast

=== Internet Browser Plugins ===

[?] Slides
    Google Chrome Browser Extension

[?] Avast SafePrice | Comparison, deals, coupons
    Google Chrome Browser Extension

[?] Sheets
    Google Chrome Browser Extension

[?] Google Docs Offline
    Google Chrome Browser Extension

[?] CHROME MEDIA ROUTER
    Google Chrome Browser Extension

=== Installed Applications ===

[?] DAEMON Tools Pro
    Disc Soft Ltd

[?] MediBang Paint Pro 23.2 (64-bit)
    Medibang

[?] Mozilla Firefox 75.0 (x64 es-AR)
    Mozilla

[?] Microsoft Office Professional Plus 2016
    Microsoft Corporation

[?] Update for Windows 10 for x64-based Systems (KB4023057)
    Microsoft Corporation

[?] Vegas Pro 13.0 (64-bit)
    Sony

[?] MSVCRT Redists
    Sony Creative Software Inc.

[?] Update for Windows 10 for x64-based Systems (KB4480730)
    Microsoft Corporation

[?] Malwarebytes version 4.1.0.56
    Malwarebytes

[?] Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660
    Microsoft Corporation

[?] Microsoft Office Professional Plus 2016
    Microsoft Corporation

[?] Security Update for Microsoft Office 2016 (KB3115135) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022133) 64-Bit Edition
    Microsoft

[?] Update for Skype for Business 2016 (KB4032255) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3213650) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4032233) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011259) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011218) 64-Bit Edition
    Microsoft

[?] Definition Update for Microsoft Office 2016 (KB3115407) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022223) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3115276) 64-Bit Edition
    Microsoft

[?] Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2920684) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022193) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3141457) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3203479) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4011628) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4018324) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022158) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3115081) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB3213551) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011225) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3118262) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4032234) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Outlook 2016 (KB4032235) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2920720) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2910954) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011634) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3114903) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3118263) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4022172) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3178662) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011667) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3191929) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2920712) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2920724) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3118264) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011630) 64-Bit Edition
    Microsoft

[?] Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011035) 64-Bit Edition
    Microsoft

[?] Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4022176) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4022177) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3191864) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3178666) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4011143) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4011574) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011569) 64-Bit Edition
    Microsoft

[?] Microsoft Access MUI (Spanish) 2016
    Microsoft Corporation

[?] Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition
    Microsoft

[?] Microsoft Excel MUI (Spanish) 2016
    Microsoft Corporation

[?] Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011218) 64-Bit Edition
    Microsoft

[?] Microsoft PowerPoint MUI (Spanish) 2016
    Microsoft Corporation

[?] Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition
    Microsoft

[?] Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition
    Microsoft

[?] Microsoft Publisher MUI (Spanish) 2016
    Microsoft Corporation

[?] Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition
    Microsoft

[?] Microsoft Outlook MUI (Spanish) 2016
    Microsoft Corporation

[?] Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Outlook 2016 (KB4032235) 64-Bit Edition
    Microsoft

[?] Microsoft Word MUI (Spanish) 2016
    Microsoft Corporation

[?] Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition
    Microsoft

[?] Eines de correcció del Microsoft Office 2016: català
    Microsoft Corporation

[?] Update for Microsoft Office 2016 (KB3178662) 64-Bit Edition
    Microsoft

[?] Microsoft Office Proofing Tools 2016 - English
    Microsoft Corporation

[?] Update for Microsoft Office 2016 (KB3178662) 64-Bit Edition
    Microsoft

[?] Revisores de Texto do Microsoft Office 2016 – Português (Brasil)
    Microsoft Corporation

[?] Update for Microsoft Office 2016 (KB3178662) 64-Bit Edition
    Microsoft

[?] Microsoft Office zuzenketa-tresnak 2016 - Euskara
    Microsoft Corporation

[?] Ferramentas de verificación de Microsoft Office 2016 - Galego
    Microsoft Corporation

[?] Herramientas de corrección de Microsoft Office 2016: español
    Microsoft Corporation

[?] Update for Microsoft Office 2016 (KB3178662) 64-Bit Edition
    Microsoft

[?] Microsoft Office Proofing (Spanish) 2016
    Microsoft Corporation

[?] Microsoft InfoPath MUI (Spanish) 2016
    Microsoft Corporation

[?] Microsoft Office Shared MUI (Spanish) 2016
    Microsoft Corporation

[?] Security Update for Microsoft Office 2016 (KB4032233) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022223) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB3213551) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4022176) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4011574) 64-Bit Edition
    Microsoft

[?] Microsoft DCF MUI (Spanish) 2016
    Microsoft Corporation

[?] Update for Microsoft Office 2016 (KB2910990) 64-Bit Edition
    Microsoft

[?] Microsoft OneNote MUI (Spanish) 2016
    Microsoft Corporation

[?] Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition
    Microsoft

[?] Microsoft Groove MUI (Spanish) 2016
    Microsoft Corporation

[?] Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition
    Microsoft

[?] Microsoft Office 32-bit Components 2016
    Microsoft Corporation

[?] Update for Microsoft Office 2016 (KB4022133) 64-Bit Edition
    Microsoft

[?] Update for Skype for Business 2016 (KB4032255) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3213650) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB4032233) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022223) 64-Bit Edition
    Microsoft

[?] Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB3141457) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4018324) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition
    Microsoft

[?] Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4022158) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011634) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011667) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB4011630) 64-Bit Edition
    Microsoft

[?] Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition
    Microsoft

[?] Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition
    Microsoft

[?] Microsoft Office Shared 32-bit MUI (Spanish) 2016
    Microsoft Corporation

[?] Security Update for Microsoft Office 2016 (KB4032233) 64-Bit Edition
    Microsoft

[?] Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition
    Microsoft

[?] Microsoft Office OSM MUI (Spanish) 2016
    Microsoft Corporation

[?] Microsoft Office OSM UX MUI (Spanish) 2016
    Microsoft Corporation

[?] Microsoft Skype for Business MUI (Spanish) 2016
    Microsoft Corporation

[?] Update for Skype for Business 2016 (KB4032255) 64-Bit Edition
    Microsoft

[?] Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition
    Microsoft

[?] Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706
    Microsoft Corporation

[?] Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660
    Microsoft Corporation

[?] Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706
    Microsoft Corporation

[?] Unnamed Item (ACR_11_0_32)
    Adobe Systems Incorporated

[?] Adobe After Effects CC 2019
    Adobe Systems Incorporated

[?] Adobe Media Encoder 2020
    Adobe Systems Incorporated

[?] Avast Free Antivirus
    Avast Software

[?] Unnamed Item (CCXP_3_3_0_39_32)
    Adobe Systems Incorporated

[?] Unnamed Item (CDEC_1_0_0)
    Adobe Systems Incorporated

[?] Adobe Character Animator CC 2019
    Adobe Systems Incorporated

[?] Unnamed Item (COCM_1_0_32)
    Adobe Systems Incorporated

[?] Unnamed Item (COMP_1_1_32)
    Adobe Systems Incorporated

[?] Unnamed Item (COPS_1_0_32)
    Adobe Systems Incorporated

[?] Unnamed Item (CORE_1_0_32)
    Adobe Systems Incorporated

[?] Unnamed Item (CORG_1_1_32)
    Adobe Systems Incorporated

[?] Adobe Animate CC 2019
    Adobe Systems Incorporated

[?] Adobe InDesign CC 2019
    Adobe Systems Incorporated

[?] Adobe Illustrator CC 2019
    Adobe Systems Incorporated

[?] JDownloader 2
    AppWork GmbH

[?] Unnamed Item (LIBS_3_4_3_32)
    Adobe Systems Incorporated

[?] OBS Studio
    OBS Project

[?] Adobe Photoshop CC 2019
    Adobe Systems Incorporated

[?] Adobe Premiere Pro 2020
    Adobe Systems Incorporated

[?] x264vfw - H.264/MPEG-4 AVC codec (remove only)
    x264vfw - H.264/MPEG-4 AVC codec (remove only)

[?] Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
    Microsoft Corporation

[?] Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706
    Microsoft Corporation

[?] Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706
    Microsoft Corporation

[?] Google Update Helper
    Google LLC

[?] Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660
    Microsoft Corporation

[?] Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660
    Microsoft Corporation

[?] Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706
    Microsoft Corporation

[?] Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706
    Microsoft Corporation

[?] Adobe Refresh Manager
    Adobe Systems Incorporated

[?] Adobe Acrobat Reader DC - Español
    Adobe Systems Incorporated

[?] Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660
    Microsoft Corporation

[?] Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660
    Microsoft Corporation

[?] Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
    Microsoft Corporation

[?] Intel(R) C++ Redistributables on Intel(R) 64
    Intel Corporation

[?] Dragonframe
    DZED Systems LLC

[?] QuickTime 7
    Apple Inc.

=== Services & Drivers ===

[?] armsvc.exe
    [32-bit] %CommonProgramFiles%\Adobe\ARM\1.0

[?] AGMSERVICE.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBEGCCLIENT

[?] AGSSERVICE.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBEGCCLIENT

[?] ASWARDISK.SYS
    %System%\drivers

[?] aswArPot.sys
    %System%\drivers

[?] ASWIDSAGENT.EXE
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ASWBIDSDRIVER.SYS
    %System%\drivers

[?] aswbidsh.sys
    %System%\drivers

[?] aswbuniv.sys
    %System%\drivers

[?] aswKbd.sys
    %System%\drivers

[?] ASWMONFLT.SYS
    %System%\drivers

[?] ASWNETHUB.SYS
    %System%\drivers

[?] aswRdr2.sys
    %System%\drivers

[?] aswRvrt.sys
    %System%\drivers

[?] aswSnx.sys
    %System%\drivers

[?] aswSP.sys
    %System%\drivers

[?] aswStm.sys
    %System%\drivers

[?] aswVmm.sys
    %System%\drivers

[?] AvastSvc.exe
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] WSC_PROXY.EXE
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ELEVATION_SERVICE.EXE
    [32-bit] %ProgramFiles%\Google\Chrome\APPLICATION\81.0.4044.129

[?] farflt.sys
    %System%\drivers

[?] mbam.sys
    %System%\drivers

[?] MBAMSERVICE.EXE
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

=== Classes (CLSIDs) ===

[?] SFXPFX2_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] SFXPFX1_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] SFXPFX3_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] XPVINYL_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] SFPPACK2_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] MBAMSERVICE.EXE
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] ILLUSTRATOR.EXE
    %ProgramFiles%\Adobe\ADOBE ILLUSTRATOR CC 2019\SUPPORT FILES\Contents\Windows

[?] vegas130.exe
    %ProgramFiles%\Sony\VEGAS PRO 13.0

[?] SFTRKFX1_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] SRAPO64.dll
    %System%

[?] SFPPACK1_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] MCHAMMER_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] SFPPACK3_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] aswAMSI.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] SFFRGPNV_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] ashShell.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] MDPTHUMB64.DLL
    %System%

[?] SFRESFILTER_X64.DLL
    [32-bit] %ProgramFiles%\Sony\SHARED PLUG-INS\AUDIO_X64

[?] SEAPO64.dll
    %System%

[?] PSMACHINE_64.DLL
    [32-bit] %ProgramFiles%\Google\Update\1.3.35.452

[?] NOTIFICATION_HELPER.EXE
    [32-bit] %ProgramFiles%\Google\Chrome\APPLICATION\81.0.4044.129

[?] AMDH264ENC64.DLL
    %CommonProgramFiles%\ATI TECHNOLOGIES\MULTIMEDIA

[?] asOutExt.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] msdbg2.dll
    %System%\F12

[?] ACROPDF64.DLL
    [32-bit] %CommonProgramFiles%\Adobe\Acrobat\ActiveX

[?] ACROPDFIMPL64.DLL
    [32-bit] %CommonProgramFiles%\Adobe\Acrobat\ActiveX

[?] CDDBUI.dll
    [32-bit] %System%

[?] ViewerPS.dll
    [32-bit] %ProgramFiles%\Adobe\ACROBAT READER DC\Reader

[?] ACROBROKER.EXE
    [32-bit] %ProgramFiles%\Adobe\ACROBAT READER DC\Reader

[?] AcroPDF.dll
    [32-bit] %CommonProgramFiles%\Adobe\Acrobat\ActiveX

[?] GOOGLEUPDATEONDEMAND.EXE
    [32-bit] %ProgramFiles%\Google\Update\1.3.35.452

[?] CDDBCONTROL.DLL
    [32-bit] %System%

[?] aswAMSI.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\x86

[?] ashShell.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\x86

[?] adoberfp.dll
    [32-bit] %ProgramFiles%\Adobe\ACROBAT READER DC\Reader

[?] GOOGLEUPDATEBROKER.EXE
    [32-bit] %ProgramFiles%\Google\Update\1.3.35.452

[?] ACROPDFIMPL.DLL
    [32-bit] %CommonProgramFiles%\Adobe\Acrobat\ActiveX

[?] PSMACHINE.DLL
    [32-bit] %ProgramFiles%\Google\Update\1.3.35.452

[?] AMDH264ENC32.DLL
    %CommonProgramFiles%\ATI TECHNOLOGIES\MULTIMEDIA

[?] asOutExt.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\x86

[?] AcroRd32.exe
    [32-bit] %ProgramFiles%\Adobe\ACROBAT READER DC\Reader

[?] ACCESSIBILITY.API
    [32-bit] %ProgramFiles%\Adobe\ACROBAT READER DC\Reader\plug_ins

=== Desktop, Start & Taskbar ===

[?] AvastUI.exe
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] mbam.exe
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] SUPERANTISPYWARE.EXE
    %ProgramFiles%\SUPERANTISPYWARE

[?] ZHPCLEANER.EXE
    [Totoro] %Desktop%\ANTIVIRUS

[?] ZHPCLEANER.EXE
    [Totoro] %AppData%\ZHP

[?] cpuz.exe
    %ProgramFiles%\CPUID\CPU-Z

[?] obs64.exe
    %ProgramFiles%\OBS-STUDIO\bin\64bit

[?] chrome.exe
    [32-bit] %ProgramFiles%\Google\Chrome\APPLICATION

[?] vlc.exe
    [32-bit] %ProgramFiles%\VideoLAN\VLC

[?] UNINSTALL JDOWNLOADER.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0

[?] JDOWNLOADER2UPDATE.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0

[?] JDOWNLOADER2.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0

=== Application Data Folders ===

[?] udhisapi.dll
    [SERVICIO LOCAL] %AppData%\MICROSOFT\UPNP DEVICE HOST\upnphost

[?] WIDEVINECDM.DLL
    [Totoro] %AppData%\Mozilla\Firefox\Profiles\TYP5TRJM.DEFAULT\GMP-WIDEVINECDM\4.10.1582.2

[?] 7z.dll
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\DRIVER BOOSTER\6.3.0

[?] LIBCRYPTO-1_1.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\DRIVER BOOSTER\6.3.0

[?] LIBSSL-1_1.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\DRIVER BOOSTER\6.3.0

[?] DEVCOMPONENTS.DOTNETBAR2.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\KMSpico

[?] SERVICE_KMS.EXE
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\KMSpico

[?] unins000.exe
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\KMSpico

[?] UninsHs.exe
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\KMSpico

[?] VESTRIS.RESOURCELIB.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\KMSpico

[?] COREVIDEOLOCALIZED.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\COREVIDEO.RESOURCES\EN.LPROJ

[?] EXPORTCONTROLLERPS.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem

[?] QTCF.dll
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem

[?] QTMLCLIENT.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem

[?] QUICKTIMELOCALIZED.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIME.RESOURCES\EN.LPROJ

[?] QUICKTIME.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIME.RESOURCES

[?] QUICKTIMEAUDIOSUPPORTLOCALIZED.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIMEAUDIOSUPPORT.RESOURCES\EN.LPROJ

[?] QUICKTIMEAUTHORINGLOCALIZED.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIMEAUTHORING.RESOURCES\EN.LPROJ

[?] QUICKTIMESTREAMINGLOCALIZED.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIMESTREAMING.RESOURCES\EN.LPROJ

[?] QUICKTIMEUPDATEHELPER.EXE
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem

[?] QUICKTIMEWEBHELPERLOCALIZED.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIMEWEBHELPER.RESOURCES\EN.LPROJ

[?] QUICKTIMEWEBHELPER.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER\QUICKTIME\QTSystem\QUICKTIMEWEBHELPER.RESOURCES

[?] SECOH-QAD.DLL
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER

[?] SECOH-QAD.EXE
    [Totoro] %AppData%\ZHP\QUARANTINE\ZHPCLEANER

[?] ZHPCLEANER.EXE
    [Totoro] %AppData%\ZHP

[?] GCCHECK_SMALL.EXE
    [Totoro] %LocalAppData%\Adobe\B4B5DA42-BF51-4498-A510-88CFD428B19A

[?] gtcheck.exe
    [Totoro] %LocalAppData%\Adobe\B4B5DA42-BF51-4498-A510-88CFD428B19A

[?] setup.exe
    [Totoro] %LocalAppData%\chromium\APPLICATION\63.0.3235.0\INSTALLER

[?] libegl.dll
    [Totoro] %LocalAppData%\chromium\APPLICATION\63.0.3235.0

[?] LIBGLESV2.DLL
    [Totoro] %LocalAppData%\chromium\APPLICATION\63.0.3235.0

[?] nacl64.exe
    [Totoro] %LocalAppData%\chromium\APPLICATION\63.0.3235.0

[?] libegl.dll
    [Totoro] %LocalAppData%\chromium\APPLICATION\63.0.3235.0\SWIFTSHADER

[?] LIBGLESV2.DLL
    [Totoro] %LocalAppData%\chromium\APPLICATION\63.0.3235.0\SWIFTSHADER

[?] PEPFLASHPLAYER.DLL
    [Totoro] %LocalAppData%\Google\Chrome\USER DATA\PEPPERFLASH\32.0.0.363

[?] SOFTWARE_REPORTER_TOOL.EXE
    [Totoro] %LocalAppData%\Google\Chrome\USER DATA\SWREPORTER\81.234.200

[?] i4jdel.exe
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\.INSTALL4J

[?] i4jinst.dll
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\.INSTALL4J

[?] JDOWNLOADER2.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0

[?] JDOWNLOADER2UPDATE.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0

[?] LIB7-ZIP-JBINDING.DLL
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\tmp\7zip\SEVENZIPJBINDING-N8Q7X

[?] JNA1284495018686977561.DLL
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\tmp\jna

[?] ELEVATE64.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\tools\Windows\elevate

[?] NATIVEPROCESSX86.DLL
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\tools\Windows\rtmpdump

[?] rtmpdump.exe
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\tools\Windows\rtmpdump

[?] SENDSIGNAL.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0\tools\Windows\rtmpdump

[?] UNINSTALL JDOWNLOADER.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER 2.0

[?] ELEVATE64.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER V2.0\tools\Windows\elevate

[?] NATIVEPROCESSX64.DLL
    [Totoro] %LocalAppData%\JDOWNLOADER V2.0\tools\Windows\rtmpdump

[?] rtmpdump.exe
    [Totoro] %LocalAppData%\JDOWNLOADER V2.0\tools\Windows\rtmpdump

[?] SENDSIGNAL.EXE
    [Totoro] %LocalAppData%\JDOWNLOADER V2.0\tools\Windows\rtmpdump

[?] GRAPHICS-HOOK32.DLL
    %ProgramData%\OBS-STUDIO-HOOK

[?] GRAPHICS-HOOK64.DLL
    %ProgramData%\OBS-STUDIO-HOOK

[?] SONYINSTALL_X64.DLL
    %ProgramData%\Sony\VEGAS PRO\13.0.453

[?] WSCAPTUREHOOK.DLL
    %ProgramData%\WONDERSHARE FILMORA SCRN\WSCAPTUREHOOK

[?] WSCAPTUREHOOK_64.DLL
    %ProgramData%\WONDERSHARE FILMORA SCRN\WSCAPTUREHOOK

=== Temporary Folders ===

[?] PROXY_VOLE6491257120426054682.DLL
    [Totoro] %Temp%

[?] AdobePIM.dll
    [Totoro] %Temp%\{86C67B6D-D83B-4904-8B18-DF98E643C84E}

=== Windows Task Scheduler ===

[?] AdobeARM.exe
    [32-bit] %CommonProgramFiles%\Adobe\ARM\1.0

[?] AGCINVOKERUTILITY.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBEGCCLIENT

[?] CCleaner.exe
    %ProgramFiles%\CCleaner

[?] overseer.exe
    %CommonProgramFiles%\AVAST SOFTWARE\Overseer

=== Running Processes ===

[?] aswAMSI.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] armsvc.exe
    [32-bit] %CommonProgramFiles%\Adobe\ARM\1.0

[?] AGSSERVICE.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBEGCCLIENT

[?] AGMSERVICE.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBEGCCLIENT

[?] ASWENGSRV.EXE
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ASWENGLDR.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswCmnIS.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswCmnOS.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswCmnBS.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswEngin.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] ASWCMNIS64.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] aswCmnOS.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] aswCmnBS.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] aswRep.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] aswFiDb.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] aswArray.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] ASWCLEANERDLL.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] algo64.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] aswhook.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aticfx64.dll
    %System%

[?] atiuxp64.dll
    %System%

[?] atidxx64.dll
    %System%

[?] mbamtray.exe
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] Qt5Quick.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QT5WIDGETS.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QT5WINEXTRAS.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] Qt5Gui.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] Qt5Qml.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QT5NETWORK.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] Qt5Core.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] mbcut.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QT5QMLMODELS.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QtANGLE.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] qwindows.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\PLATFORMS

[?] QWINDOWSVISTASTYLE.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\styles

[?] qico.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\IMAGEFORMATS

[?] qjpeg.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\IMAGEFORMATS

[?] qsvg.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\IMAGEFORMATS

[?] Qt5Svg.dll
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] TRAYPLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QTQUICK2PLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick.2

[?] QT5QMLWORKERSCRIPT.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QTQUICKCONTROLSPLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick\Controls

[?] QQUICKLAYOUTSPLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick\Layouts

[?] DIALOGPLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick\Dialogs

[?] WINDOWPLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick\Window.2

[?] MODELSPLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQml\Models.2

[?] QTQUICKTEMPLATES2PLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick\TEMPLATES.2

[?] QT5QUICKTEMPLATES2.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] QTQUICKCONTROLS2PLUGIN.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE\QtQuick\Controls.2

[?] QT5QUICKCONTROLS2.DLL
    %ProgramFiles%\MALWAREBYTES\ANTI-MALWARE

[?] ashShell.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] SKYPEBACKGROUNDHOST.EXE
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.56.102.0_X64__KZF8QXF38ZG5C

[?] MSVCP140_APP.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.27810.0_X64__8WEKYB3D8BBWE

[?] VCRUNTIME140_APP.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.27810.0_X64__8WEKYB3D8BBWE

[?] CONCRT140_APP.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.27810.0_X64__8WEKYB3D8BBWE

[?] YOURPHONE.EXE
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.YOURPHONE_1.20041.85.0_X64__8WEKYB3D8BBWE

[?] VCCORLIB140_APP.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.27810.0_X64__8WEKYB3D8BBWE

[?] VCRUNTIME140_1_APP.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.27810.0_X64__8WEKYB3D8BBWE

[?] YOURPHONE.APPCORE.WINRT.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.YOURPHONE_1.20041.85.0_X64__8WEKYB3D8BBWE

[?] RUNTIMECONFIGURATION.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.YOURPHONE_1.20041.85.0_X64__8WEKYB3D8BBWE

[?] SCREENMIRRORING.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.YOURPHONE_1.20041.85.0_X64__8WEKYB3D8BBWE

[?] PHONECOMMUNICATIONAPPSERVICE.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.YOURPHONE_1.20041.85.0_X64__8WEKYB3D8BBWE

[?] YOURPHONECONTROLS.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.YOURPHONE_1.20041.85.0_X64__8WEKYB3D8BBWE

[?] SkypeApp.exe
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.56.102.0_X64__KZF8QXF38ZG5C

[?] SkypeApp.dll
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.56.102.0_X64__KZF8QXF38ZG5C

[?] yoga.dll
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.56.102.0_X64__KZF8QXF38ZG5C

[?] IMAGEPIPELINENATIVE.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.56.102.0_X64__KZF8QXF38ZG5C

[?] CHAKRABRIDGE.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.56.102.0_X64__KZF8QXF38ZG5C

[?] AvastUI.exe
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] AavmRpch.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ashTask.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswAux.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ashBase.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] CommonUI.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswIP.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] VAARCLIENT.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] LIBCRYPTO-1_1-X64.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] protobuf.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] LIBSSL-1_1-X64.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] COMMCHANNEL.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] MODULE_LIFETIME.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] DLL_LOADER.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] log.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ASWPROPERTY.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ASWPROPERTYAV.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] TASKS_CORE.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] EVENT_ROUTING.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] SERIALIZATION.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] CEF_RENDERER.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswData.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ASHTASKEX.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] Aavm4h.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswLog.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] STREAMBACK.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswSqLt.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] EVENT_MANAGER.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] EVENT_MANAGER_ER.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] BURGER_CLIENT.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] EVENT_ROUTING_RPC.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] GAMING_PROBE.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] opm.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] UILANGRES.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast\3082

[?] COMMONRES.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] HTMLAYOUT.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] pam.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] PROCESS_MONITOR.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswidpm.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswsys.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswcml.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] aswcomm.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] ASWDATASCAN.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] BROWSER_PASS.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] GAMING_MODE_UI.DLL
    %ProgramFiles%\AVAST SOFTWARE\Avast

[?] uiext.dll
    %ProgramFiles%\AVAST SOFTWARE\Avast\defs\20050500

[?] Engine.dll
    %ProgramFiles%\DAEMON TOOLS PRO

[?] CCXPROCESS.EXE
    [32-bit] %ProgramFiles%\Adobe\ADOBE CREATIVE CLOUD EXPERIENCE

[?] CCLEANER64.EXE
    %ProgramFiles%\CCleaner

[?] node.exe
    [32-bit] %ProgramFiles%\Adobe\ADOBE CREATIVE CLOUD EXPERIENCE\libs

[?] ADOBEIPCBROKER.EXE
    [32-bit] %CommonProgramFiles%\Adobe\ADOBE DESKTOP COMMON\IPCBox

[?] VIDEO.UI.EXE
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.20022.11011.0_X64__8WEKYB3D8BBWE

[?] SharedUI.dll
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.20022.11011.0_X64__8WEKYB3D8BBWE

[?] MICROSOFT.MEMBERSHIP.MECONTROL.UI.XAML.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.20022.11011.0_X64__8WEKYB3D8BBWE

[?] ENTCOMMON.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.20022.11011.0_X64__8WEKYB3D8BBWE

[?] EntPlat.dll
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.20022.11011.0_X64__8WEKYB3D8BBWE

[?] MICROSOFT.PHOTOS.EXE
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] UNITYENGINEDELEGATES.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] MEDIAENGINECSWRAPPER.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] RENDERINGPLUGIN.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] PHOTOSAPP.WINDOWS.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] APPCORE.WINDOWS.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] RUNTIMECONFIGURATION.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] APPSETTINGSCPPCX.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] MICROSOFT.RICHMEDIA.INK.CONTROLS.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] ONLINEMEDIACOMPONENT.DLL
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] SKU.dll
    %ProgramFiles%\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2020.19111.24110.0_X64__8WEKYB3D8BBWE

[?] CCLIBRARY.EXE
    [32-bit] %CommonProgramFiles%\Adobe\CREATIVE CLOUD LIBRARIES

[?] node.exe
    [32-bit] %CommonProgramFiles%\Adobe\CREATIVE CLOUD LIBRARIES\libs

[?] SUPERANTISPYWARE.EXE
    %ProgramFiles%\SUPERANTISPYWARE

=== Document Folders ===

[?] AdobePIM.dll
    [Totoro] %Documents%\Adobe\ADOBE MEDIA ENCODER\MECC2K19.13.1.3.45.AP.ZENTINELS\1.INSTALAR\RESOURCES

[?] Set-up.exe
    [Totoro] %Documents%\Adobe\ADOBE MEDIA ENCODER\MECC2K19.13.1.3.45.AP.ZENTINELS\1.INSTALAR

=== Download Folders ===

[?] ADWCLEANER_8.0.4.EXE
    [Totoro] %Profile%\DOWNLOADS

[?] AdobePIM.dll
    [Totoro] %Profile%\DOWNLOADS\AFTER AFFECTS 2020 RENITECH____\RESOURCES

[?] Set-up.exe
    [Totoro] %Profile%\DOWNLOADS\AFTER AFFECTS 2020 RENITECH____

[?] MBSETUP-0009996.0009996-CONSUMER.EXE
    [Totoro] %Profile%\DOWNLOADS

[?] SUPERANTISPYWARE.EXE
    [Totoro] %Profile%\DOWNLOADS

[?] ZHPCLEANER.EXE
    [Totoro] %Profile%\DOWNLOADS

===============
End of Report 
===============

FRST64

06/05/20

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 03-05-2020
Ejecutado por Totoro (administrador) sobre DESKTOP-40MJQH1 (Hewlett-Packard HP Pavilion 17 Notebook PC) (06-05-2020 11:42:59)
Ejecutado desde C:\Users\Totoro\Desktop
Perfiles cargados: Totoro (Perfiles disponibles: Totoro)
Platform: Windows 10 Home Versión 1903 18362.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Totoro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-04-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\...\Run: [uTorrent] => C:\Users\Totoro\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-07] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-03-13] (Support.com Inc -> SUPERAntiSpyware)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-29] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1BFEBD1E-209D-4585-9581-4718E5FB2BA2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {25200AFE-4961-4121-8CF1-1A506FD2C284} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {2B685EF1-295A-4F0B-A442-93F3755A1862} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {616C7A22-E23F-4299-84B3-91E0797392F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75758BBC-FF9E-4924-9D18-C22BF04F3C5F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
Task: {A0CF247C-D332-465C-B458-DBE625FAD9F7} - System32\Tasks\SUPERAntiSpyware Scheduled Task 776dca61-53e6-46ce-bc39-2617c2de7863 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {A671D2C2-94FE-43FF-B6AF-6DABDEA926C4} - System32\Tasks\SUPERAntiSpyware Scheduled Task f7a10302-a3ab-419a-b532-676f854bc5b3 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {BC17AE20-B70B-4EEE-B607-A65B26FCD1CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC31D46A-5639-4FA8-8619-B2E010014463} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {CD438D4A-433F-4B27-BF05-9CD92A68D39E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-30] (Google Inc -> Google Inc.)
Task: {D145BE79-84B3-451A-9FF8-3F8FD11905C2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DBC330D6-E009-416F-9767-35ECBE0A0AEA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DCEE12C1-593F-4436-90D5-2B2F48204F76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-30] (Google Inc -> Google Inc.)
Task: {F036CD2F-C6A0-4298-B0C8-9CBEBA99F975} - System32\Tasks\Driver Booster SkipUAC (Totoro) => C:\Program Files (x86)\IObit\Driver Booster\6.3.0\DriverBooster.exe
Task: {F6414DE9-4A06-4C72-9F28-9E157127CD59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {FE2A545D-4F16-433A-A047-446A6C1A3DF0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-11] (Mozilla Corporation -> Mozilla Foundation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 776dca61-53e6-46ce-bc39-2617c2de7863.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f7a10302-a3ab-419a-b532-676f854bc5b3.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2400aa9c-ee11-48eb-9677-8dedbd55def1}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{59a324c1-d786-4b61-9961-2386f61edb7b}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{5de44327-100c-4442-841d-dae94f4075ee}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2155867228-463568385-2336883251-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-2155867228-463568385-2336883251-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: typ5trjm.default
FF ProfilePath: C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default [2020-05-06]
FF NewTab: Mozilla\Firefox\Profiles\typ5trjm.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__191227
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default\Extensions\[email protected] [2020-05-05]
FF Extension: (Avast Online Security) - C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default\Extensions\[email protected] [2020-05-05]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default [2020-05-02]
CHR DownloadDir: D:\Descargas\Navegadores
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-30]
CHR Extension: (Documentos) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-30]
CHR Extension: (Google Drive) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-30]
CHR Extension: (YouTube) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-30]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-21]
CHR Extension: (Hojas de cálculo) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Avast Online Security) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Gmail) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-29]
CHR Profile: C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-06]
CHR Profile: C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-05-06]
CHR Notifications: Profile 1 -> hxxps://www1a.moshemartin.pro; hxxps://www2a.samcunningham.pro
CHR Extension: (Presentaciones) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-28]
CHR Extension: (Documentos) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-28]
CHR Extension: (Google Drive) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-28]
CHR Extension: (YouTube) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-28]
CHR Extension: (Hojas de cálculo) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-28]
CHR Extension: (Gmail) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
CHR Profile: C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [246784 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1841344 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-01] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268368 2019-04-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [726600 2019-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-17] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices Inc.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21634560 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [665600 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37856 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [500960 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459408 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-21] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [Archivo no firmado]
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2019-04-03] (Disc Soft Ltd -> Disc Soft Ltd)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-04-02] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [347576 2019-04-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1137928 2019-04-02] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [796560 2019-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9607464 2019-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53848 2017-08-17] (Synaptics Incorporated -> Synaptics Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Tres meses (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-06 11:37 - 2020-05-06 11:37 - 000046751 ____C C:\Users\Totoro\Desktop\Shortcut.txt
2020-05-06 11:36 - 2020-05-06 11:37 - 000028506 ____C C:\Users\Totoro\Desktop\Addition.txt
2020-05-06 11:30 - 2020-05-06 11:43 - 000026883 ____C C:\Users\Totoro\Desktop\FRST.txt
2020-05-06 11:30 - 2020-05-06 11:43 - 000000000 ____D C:\FRST
2020-05-06 10:37 - 2020-05-06 10:37 - 002283520 ____C (Farbar) C:\Users\Totoro\Desktop\FRST64.exe
2020-05-05 21:31 - 2020-05-05 22:34 - 000000000 ___DC C:\Users\Totoro\Downloads\t-2rFTcIhZyX
2020-05-05 17:33 - 2020-05-06 10:59 - 000000000 ____D C:\SUPERDelete
2020-05-05 16:36 - 2020-05-06 11:28 - 000008164 ____C C:\Users\Totoro\Desktop\ZHPCleaner (S).html
2020-05-05 16:36 - 2020-05-06 11:28 - 000002082 ____C C:\Users\Totoro\Desktop\ZHPCleaner (S).txt
2020-05-05 16:00 - 2020-05-05 16:03 - 000000000 ___DC C:\Users\Totoro\Downloads\After affects 2020 Renitech____
2020-05-02 16:29 - 2020-05-02 16:32 - 000000000 ____D C:\AdwCleaner
2020-05-02 16:19 - 2020-05-02 16:19 - 008196784 ____C (Malwarebytes) C:\Users\Totoro\Downloads\adwcleaner_8.0.4.exe
2020-05-01 19:25 - 2020-05-01 19:25 - 000312367 ____C C:\Users\Totoro\Downloads\BebasNeue.zip
2020-05-01 17:22 - 2020-05-01 17:22 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2020-05-01 17:10 - 2020-05-06 11:02 - 000000000 ___DC C:\Users\Totoro\Desktop\antivirus
2020-05-01 14:05 - 2020-05-01 14:05 - 000000000 ____D C:\Users\Totoro\AppData\Local\mbam
2020-05-01 14:03 - 2020-05-01 14:03 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-01 14:03 - 2020-05-01 14:03 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-01 14:03 - 2020-05-01 14:03 - 000000000 ____D C:\Users\Totoro\AppData\Local\mbamtray
2020-05-01 14:02 - 2020-05-01 14:01 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-01 14:02 - 2020-05-01 14:01 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-01 14:01 - 2020-05-01 14:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-01 14:00 - 2020-05-01 14:00 - 001928352 ____C (Malwarebytes) C:\Users\Totoro\Downloads\MBSetup-0009996.0009996-consumer.exe
2020-05-01 14:00 - 2020-05-01 14:00 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-01 13:55 - 2020-05-01 13:55 - 003300224 ____C (Nicolas Coolman) C:\Users\Totoro\Downloads\ZHPCleaner.exe
2020-05-01 13:10 - 2020-05-06 11:00 - 000000544 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f7a10302-a3ab-419a-b532-676f854bc5b3.job
2020-05-01 13:10 - 2020-05-06 11:00 - 000000544 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 776dca61-53e6-46ce-bc39-2617c2de7863.job
2020-05-01 13:10 - 2020-05-05 13:18 - 000003476 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 776dca61-53e6-46ce-bc39-2617c2de7863
2020-05-01 13:10 - 2020-05-05 13:18 - 000003218 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task f7a10302-a3ab-419a-b532-676f854bc5b3
2020-05-01 13:09 - 2020-05-01 13:09 - 000000000 ____D C:\Users\Totoro\AppData\Roaming\SUPERAntiSpyware.com
2020-05-01 12:49 - 2020-05-01 13:09 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-05-01 12:49 - 2020-05-01 12:49 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-05-01 12:49 - 2020-05-01 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-05-01 12:47 - 2020-05-01 12:48 - 045296832 ____C (SUPERAntiSpyware) C:\Users\Totoro\Downloads\SUPERAntiSpyware.exe
2020-04-30 20:55 - 2020-04-30 20:55 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2020-04-30 20:17 - 2020-05-06 10:16 - 000000000 ___DC C:\Users\Totoro\Downloads\07ADOVM-SFT
2020-04-30 20:14 - 2020-04-30 20:15 - 000000000 ___DC C:\Users\Totoro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2020-04-30 20:12 - 2020-05-06 10:17 - 000000000 ____D C:\Users\Totoro\AppData\Local\JDownloader 2.0
2020-04-30 20:12 - 2020-04-30 20:12 - 000000000 ____D C:\ProgramData\Oracle
2020-04-30 20:04 - 2020-04-30 20:06 - 045366232 ____C (AppWork GmbH) C:\Users\Totoro\Downloads\JDownloaderSetup.exe
2020-04-30 11:35 - 2020-04-21 11:30 - 000337048 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-04-22 16:12 - 2020-04-22 16:15 - 000000000 ___DC C:\Users\Totoro\Documents\Grabaciones de sonido
2020-04-21 11:30 - 2020-04-21 11:31 - 000500960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-21 11:30 - 2020-04-21 11:30 - 000235696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-04-21 11:30 - 2020-04-21 11:30 - 000175920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-04-21 00:53 - 2020-04-21 00:59 - 639074696 ____C C:\Users\Totoro\Downloads\wetransfer-513086.zip
2020-04-16 01:13 - 2020-04-16 01:13 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 01:13 - 2020-04-16 01:13 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 01:13 - 2020-04-16 01:13 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 01:12 - 2020-04-16 01:12 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 01:12 - 2020-04-16 01:12 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 01:12 - 2020-04-16 01:12 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 01:12 - 2020-04-16 01:12 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 01:12 - 2020-04-16 01:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 01:12 - 2020-04-16 01:12 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 01:12 - 2020-04-16 01:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 01:11 - 2020-04-16 01:12 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 01:11 - 2020-04-16 01:11 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000497152 _____ (Microsoft Corporation) 

continuación

C:\WINDOWS\system32\wuuhext.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 01:11 - 2020-04-16 01:11 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 01:11 - 2020-04-16 01:11 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 01:11 - 2020-04-16 01:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 01:11 - 2020-04-16 01:11 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 01:10 - 2020-04-16 01:10 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 01:10 - 2020-04-16 01:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 01:10 - 2020-04-16 01:10 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 00:56 - 2020-04-16 00:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 00:56 - 2020-04-16 00:56 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-13 19:03 - 2020-04-13 19:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-11 14:03 - 2020-04-16 20:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-06 19:27 - 2020-04-19 21:18 - 000000000 ____D C:\Users\Totoro\AppData\Roaming\obs-studio
2020-04-06 19:27 - 2020-04-06 19:27 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-04-06 19:27 - 2020-04-06 19:27 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-04-06 19:27 - 2020-04-06 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-04-06 19:26 - 2020-04-06 19:27 - 000000000 ____D C:\Program Files\obs-studio
2020-04-06 19:07 - 2020-04-06 19:07 - 000000000 ____D C:\ProgramData\Wondershare
2020-04-06 19:06 - 2020-04-07 19:57 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2020-04-06 19:06 - 2020-04-07 19:57 - 000000000 ____D C:\Program Files\Wondershare
2020-04-06 19:06 - 2020-04-06 19:06 - 000000000 ____D C:\Users\Totoro\AppData\Local\Wondershare
2020-04-06 19:05 - 2020-04-06 19:06 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-04-06 00:01 - 2020-04-06 00:03 - 000000000 ____D C:\Users\Totoro\AppData\Roaming\DuAEF
2020-04-05 23:36 - 2020-04-05 23:36 - 000000000 ____D C:\Users\Totoro\AppData\Local\ElevatedDiagnostics
2020-03-31 20:49 - 2020-03-31 20:56 - 000000000 ____D C:\Users\Totoro\AppData\Roaming\MAXON
2020-03-30 18:29 - 2020-03-30 18:29 - 000000000 ____C C:\Users\Totoro\Documents\ae_force_english.txt.txt
2020-03-29 18:16 - 2020-03-29 18:16 - 000000000 ____D C:\Users\Totoro\AppData\Local\Imagineer
Systems Ltd
2020-03-28 00:17 - 2020-03-28 00:20 - 000000000 ____D C:\Users\Totoro\AppData\Roaming\AnyDesk
2020-03-15 19:04 - 2020-05-02 18:18 - 000000000 ___DC C:\Users\Totoro\AppData\LocalLow\uTorrent
2020-03-12 19:07 - 2020-03-12 19:07 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 19:07 - 2020-03-12 19:07 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 19:06 - 2020-03-12 19:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 19:06 - 2020-03-12 19:06 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-12 19:06 - 2020-03-12 19:06 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-12 19:06 - 2020-03-12 19:06 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-12 19:06 - 2020-03-12 19:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 19:06 - 2020-03-12 19:06 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 19:06 - 2020-03-12 19:06 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-12 19:05 - 2020-03-12 19:05 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-12 19:05 - 2020-03-12 19:05 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-12 19:05 - 2020-03-12 19:05 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-12 19:05 - 2020-03-12 19:05 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-12 19:05 - 2020-03-12 19:05 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-12 19:05 - 2020-03-12 19:05 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll

Falta la última parte del reporte pero supera la cantidad de carácteres y ya no puedo ponerlo en un nuevo post hasta dentro de un día porque me sale que supere el maximo de respuestas

Hola

Mira a ver si te deja subir los reportes como archivo adjunto.

Un saludo

Gracias!! este es el reporte completo de FRST64

reporte.txt (160,4 KB)

Volví a usar el frst y busqué la palabra Norton tanto en la búsqueda de archivo como de registro. En la primbera no me sale nada pero en la segunda sí y me indica dos ubicaciones

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Compatibility\NortonSystemInfo] [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo]

En los dos casos dentro de la carpeta compatibility (además de Norton system info) también hay otras raras como Bug!, DemolitionDerby2, Diablo, etc

Hola

Falta el reporte de Addition, lo necesito para revisar.

Un saludo

Buenas!! Aquí lo mando. Te envío de nuevo los dos porque no encontré el addition de la fecha del último informe que te envié. Lo que te mando son los informes de ayer, que pasé de nuevo el FRST.

FRST.txt (160,4 KB)

Addition.txt (27,0 KB)

Hola

FRST tiene que estar en el escritorio pero que no esté dentro de ninguna carpeta si no fallará el paso siguiente.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-2155867228-463568385-2336883251-1001\...\Run: [uTorrent] => C:\Users\Totoro\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-07] (BitTorrent Inc -> BitTorrent Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {F036CD2F-C6A0-4298-B0C8-9CBEBA99F975} - System32\Tasks\Driver Booster SkipUAC (Totoro) => C:\Program Files (x86)\IObit\Driver Booster\6.3.0\DriverBooster.exe
SearchScopes: HKU\S-1-5-21-2155867228-463568385-2336883251-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-2155867228-463568385-2336883251-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
FF NewTab: Mozilla\Firefox\Profiles\typ5trjm.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__191227
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default\Extensions\[email protected] [2020-05-05]
FF Extension: (Avast Online Security) - C:\Users\Totoro\AppData\Roaming\Mozilla\Firefox\Profiles\typ5trjm.default\Extensions\[email protected] [2020-05-05]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-21]
CHR Extension: (Avast Online Security) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-29]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-28]
CHR Extension: (Avast Online Security) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Totoro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
2019-04-04 05:58 - 2019-04-04 05:58 - 000000000 ____C () C:\Users\Totoro\AppData\Local\oobelibMkey.log


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX/Corregir y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Buenas! Muchas gracias por la ayuda. Todavía no he podido efectuarla porque leí como iniciar en modo seguro y dice que en un momento te piden una contraseña. No recuerdo haber puesto nunca una, por lo que, podría bloquearse mi computadora? Perdón, la ignorancia, nunca usé el modo seguro. Podría hacer los pasos sin acceder a este?

Hola

Puedes realizar los pasos en modo normal.

Un saludo

Buenas, ya seguí todos los pasos! No tengo el reporte del frst porque cuando desinstalé los antivirus parece que se borró también. Pero el virus no ha vuelto a aparecer, muchísimas gracias!

Hola @Luci_Cian

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

• Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Nos alegramos que se te haya resuelto Damos el tema por solucionado.

Un saludo