Chequeo por prevención

Hola, hace unos días mi DD murió y como estoy usando el notebook de mi hermano le estoy haciendo mantenimiento por prevención y porque además el equipo está super lento. Me gustaría que revisaran el log a ver si existe algo que deba corregirse. Gracias

Es una HP Pavilion g4, con windows 10 x64. Acá dejo el log:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home), 10.0.18362.836 (ReleaseId: 1903), Service Pack: 0
Time:      24.05.2020 - 14:16 (UTC-04:00)
Language:  OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x200A)
Elevated:  Yes
Ran by:    EDGAR	(group: Administrator) on EDGAR-HP, FirstRun: yes

Chrome:  83.0.4103.61
Firefox: 76.0.1.7432
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   1  C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
   1  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
   1  C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe
   1  C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
   1  C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
   1  C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
   1  C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
   1  C:\Program Files\AVG\Antivirus\AVGSvc.exe
   1  C:\Program Files\AVG\Antivirus\aswEngSrv.exe
   3  C:\Program Files\AVG\Antivirus\setup\instup.exe
   1  C:\Program Files\AVG\Antivirus\wsc_proxy.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
   1  C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
   1  C:\Program Files\Intel\iCLS Client\HeciServer.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.91.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Program Files\iPod\bin\iPodService.exe
   1  C:\Program Files\iTunes\iTunesHelper.exe
   1  C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe
   1  C:\Users\EDGAR\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\EDGAR\Downloads\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\BtwRSupportService.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   1  C:\Windows\System32\CompatTelRunner.exe
   1  C:\Windows\System32\DbxSvc.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\hkcmd.exe
   1  C:\Windows\System32\hpservice.exe
   1  C:\Windows\System32\igfxpers.exe
   1  C:\Windows\System32\igfxtray.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\mqsvc.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  82  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://g.jp.msn.com/HPALL/42
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: [URL] = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF - Ask.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45}: [URL] = https://www.google.com/search?q={searchTerms} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: [URL] = http://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF - Yahoo
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: [URL] = http://es.wikipedia.org/wiki/Special:Search?search={searchTerms} - Wikipedia
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}: [URL,TopResultURLFallback] = http://www.palikan.com/results.php?f=4&a=plk_coinisre_16_03&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0F0DyDtD0FtDyCtC0ByBtN0D0Tzu0StCyEzztAtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyCtBtB0E0B0DtAtGtB0EzztBtGzyyBtD0DtGtCyByDtBtGtByCzy0DyByDyByEtAzytCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyBzyzz0BzytDyBtG0EzyzyyDtGyEzztAtBtGzzyBzy0CtGtD0FyCtD0E0C0E0A0CyBtA0D2QtN0A0LzuyE&cr=564727562&ir=&q={searchTerms} - Palikan
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: [URL] = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF - Ask.com
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45}: [URL,TopResultURLFallback] = http://www.palikan.com/results.php?f=4&a=plk_coinisre_16_03&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0F0DyDtD0FtDyCtC0ByBtN0D0Tzu0StCyEzztAtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyCtBtB0E0B0DtAtGtB0EzztBtGzyyBtD0DtGtCyByDtBtGtByCzy0DyByDyByEtAzytCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyBzyzz0BzytDyBtG0EzyzyyDtGyEzztAtBtGzzyBzy0CtGtD0FyCtD0E0C0E0A0CyBtA0D2QtN0A0LzuyE&cr=564727562&ir=&q={searchTerms} - Palikan
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: [URL] = http://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF - Yahoo
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: [URL] = http://es.wikipedia.org/wiki/Special:Search?search={searchTerms} - Wikipedia
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk    ->    C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [OneDrive] = C:\Users\EDGAR\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/05/24)
O4 - HKCU\..\StartupApproved\Run: [GoogleChromeAutoLaunch_C5AFDDB057D0F01A726A9152C485F15B] = C:\Users\EDGAR\AppData\Local\Chromium\Application\chrome.exe --auto-launch-at-startup --profile-directory="Default" --restore-last-session (2020/05/24)
O4 - HKCU\..\StartupApproved\Run: [KH Update] = C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe /c (2020/05/24)
O4 - HKLM\..\Run: [HotKeysCmds] = C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\StartupApproved\Run: [Windows Mobile Device Center] = C:\WINDOWS\WindowsMobile\wmdc.exe (2020/05/24)
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe (2020/05/24)
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [HP CoolSense] = C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4-32 - HKLM\..\Run: [HP Quick Launch] = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4-32 - HKLM\..\Run: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start
O4-32 - HKLM\..\Run: [TkBellExe] = C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Enviar imagen al dispositivo &Bluetooth...: (default) = C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Enviar página al dispositivo &Bluetooth...: (default) = C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Ejecuta Comprobación de red de HP, que le ayuda a resolver problemas de conexión - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Comprobación de red de HP - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Agregar entrada - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Ejecuta Comprobación de red de HP, que le ayuda a resolver problemas de conexión - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Button: HKLM\..\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Crear favorito móvil - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9-32 - Button: HKLM\..\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: (no name) - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9-32 - Button: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: Añadir a Evernote 4 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: &Agregar entrada en Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Comprobación de red de HP - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Crear favorito móvil... - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9-32 - Tools menu item: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: Añadir a Evernote 4 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O17 - DHCP DNS 1: 192.168.8.1
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-1498714615-88780390-2559584424-1000.job - C:\Users\EDGAR\AppData\Local\GoToMeeting\17359\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-1498714615-88780390-2559584424-1000.job - C:\Users\EDGAR\AppData\Local\GoToMeeting\17359\g2mupload.exe
O22 - Task (.job): (Not scheduled) HPCeeScheduleForEDGAR.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForEDGAR (null)
O22 - Task (.job): (Not scheduled) KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000Core.job - C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe /c
O22 - Task (.job): (Not scheduled) KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000UA.job - C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Bluetooth Driver Management Service - (BcmBtRSupport) - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: HP Client Services - (HPClientSvc) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service R2: HP Service - (hpsrv) - C:\WINDOWS\system32\Hpservice.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HPWMISVC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R2: LMIGuardianSvc - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service R2: RealNetworks Downloader Resolver Service - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service R2: RealPlayer Cloud Service - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
O23 - Service R2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: TGCM_ImportWiFiSvc - C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe
O23 - Service R3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service R3: Servicio del iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service S2: LogMeIn Hamachi Tunneling Engine - (Hamachi2Svc) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -s
O23 - Service S2: RealPlayer Update Service - (RealPlayerUpdateSvc) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service S2: Servicio Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: GamesAppService - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servicio Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe


--
End of file - Time spent: 96,6 sec. - 47598 bytes, CRC32: FFFFFFFF. Sign: ꅡ㈚

El programas que usaste ya no es valido a dia de hoy,se ha quedado obsoleto

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.

  • Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).

  • Pulsa en el botón “Open Malewarebytes Free”.

imagen

  • Presiona el botón “Scan” (Escaneo).

imagen

Una vez finalizado el escaneo aparecerá la siguiente pantalla:

imagen

  • Pulsa en “View report” (Ver informe).

  • Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


Hola Miguel, acá dejo los registros de acuerdo a tu explicación, y aprovecho para comentarte que el programa que usé al inicio de mi post, lo descargué de acá, por lo que si está obsoleto recomiendo que lo saquen :slight_smile:

Malwarebytes

-Detalles del registro-
Fecha del análisis: 24/5/20
Hora del análisis: 21:28
Archivo de registro: 0fa7022c-9e27-11ea-95a3-a0b3cc6e3114.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.920
Versión del paquete de actualización: 1.0.24392
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.836)
CPU: x64
Sistema de archivos: NTFS
Usuario: EDGAR-HP\EDGAR

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 366069
Amenazas detectadas: 121
Amenazas en cuarentena: 0
Tiempo transcurrido: 13 min, 52 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 16
PUP.Optional.ASK, HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, Sin acciones por parte del usuario, 281, 184157, , , , 
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, Sin acciones por parte del usuario, 281, 184157, , , , 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}, Sin acciones por parte del usuario, 281, 184157, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Palikan redo, Sin acciones por parte del usuario, 373, 341905, , , , 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5803CABB-D4BA-4793-B92C-A74731B20222}, Sin acciones por parte del usuario, 373, 341905, , , , 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5803CABB-D4BA-4793-B92C-A74731B20222}, Sin acciones por parte del usuario, 373, 341905, , , , 
PUP.Optional.Pakilan, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, Sin acciones por parte del usuario, 2519, 186516, , , , 
PUP.Optional.Pakilan, HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, Sin acciones por parte del usuario, 2519, 186516, , , , 
PUP.Optional.Pakilan, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ljibkigjccbegnbeojkoafejpoiachej, Sin acciones por parte del usuario, 2519, 186516, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}, Sin acciones por parte del usuario, 373, 241491, , , , 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
Adware.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Sin acciones por parte del usuario, 198, -1, 0.0.0, , action, 
Adware.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Sin acciones por parte del usuario, 198, -1, 0.0.0, , action, 
PUP.Optional.Palikan, HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586D803-DF30-46D3-A89A-4136C8571D45}, Sin acciones por parte del usuario, 373, 241491, , , , 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\palikan, Sin acciones por parte del usuario, 373, 241487, 1.0.24392, , ame, 

Valor del registro: 14
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Sin acciones por parte del usuario, 281, 184157, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}|URL, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}|TOPRESULTURLFALLBACK, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}|FAVICONPATH, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}|, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}|DISPLAYNAME, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|URL, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|TOPRESULTURLFALLBACK, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|FAVICONPATH, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|DISPLAYNAME, Sin acciones por parte del usuario, 373, 241491, 1.0.24392, , ame, 
PUP.Optional.ASK, HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Sin acciones por parte del usuario, 281, 184156, 1.0.24392, , ame, 
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Sin acciones por parte del usuario, 281, 184157, 1.0.24392, , ame, 
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5803CABB-D4BA-4793-B92C-A74731B20222}|PATH, Sin acciones por parte del usuario, 373, 341898, 1.0.24392, , ame, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 19
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EDGAR\APPDATA\LOCAL\{8908BF54-ADA0-D3EC-C038-F604E4500A9C}, Sin acciones por parte del usuario, 885, 484244, 1.0.24392, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EDGAR\APPDATA\LOCAL\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}, Sin acciones por parte del usuario, 885, 484244, 1.0.24392, , ame, 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\TEMP, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\PROGRAM FILES (X86)\Primary Result, Sin acciones por parte del usuario, 198, 717835, 1.0.24392, , ame, 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\_metadata, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\USERS\EDGAR\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, Sin acciones por parte del usuario, 2519, 301950, 1.0.24392, , ame, 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.ASK, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 281, 454823, , , , 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.WinYahoo, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 240, 454803, , , , 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 373, 455278, , , , 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 373, 455278, , , , 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 373, 455278, , , , 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 373, 455278, , , , 

Archivo: 72
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BE89P35S.DEFAULT\SEARCHPLUGINS\Palikan.xml, Sin acciones por parte del usuario, 373, 241483, 1.0.24392, , ame, 
PUP.Optional.Palikan, C:\WINDOWS\SYSTEM32\TASKS\Palikan redo, Sin acciones por parte del usuario, 373, 341905, 1.0.24392, , ame, 
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Sin acciones por parte del usuario, 240, 254335, 1.0.24392, , ame, 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, Sin acciones por parte del usuario, 373, 255721, 1.0.24392, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EDGAR\APPDATA\LOCAL\{8908BF54-ADA0-D3EC-C038-F604E4500A9C}\nito, Sin acciones por parte del usuario, 885, 484244, 1.0.24392, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EDGAR\APPDATA\LOCAL\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\tica, Sin acciones por parte del usuario, 885, 484244, 1.0.24392, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\chromium-min.jpg, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\control panel-min-min.JPG, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\down.png, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\ff menu.JPG, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\ff search engine-min.png, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\HowToRemove.html, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\hp-min ff.png, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\hp-min ie.png, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\search engine.gif, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\setup pages.gif, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\sp-min.png, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\start-min.jpg, Sin acciones por parte del usuario, 885, 484244, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\EDGAR\AppData\Local\{D563E33F-F1CB-8F87-9C53-AA6FB83B56F7}\HowToRemove\up.png, Sin acciones por parte del usuario, 885, 484244, , , , 
Adware.Yontoo, C:\PROGRAM FILES (X86)\Primary Result\BIN\BrowserAdapter.7z, Sin acciones por parte del usuario, 198, 717835, 1.0.24392, , ame, 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\1601c372fdd44d0781cb.dll, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\1601c372fdd44d0781cb64.dll, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\1601c372fdd44d0781cb8d80cd533a89.dll, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\1601c372fdd44d0781cb8d80cd533a8964.dll, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\7za.exe, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\eula.txt, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\PrimaryResult.BrowserAdapter.exe, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\PrimaryResult.BrowserAdapter64.exe, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\PrimaryResult.PurBrowseG.zip, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\tmp7839.tmp, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\bin\utilPrimaryResult.InstallState, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\Program Files (x86)\Primary Result\nldaiffkmnllbliaehmbhigdfegejial.crx, Sin acciones por parte del usuario, 198, 717835, , , , 
Adware.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Sin acciones por parte del usuario, 198, -1, 0.0.0, , action, 
Adware.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Sin acciones por parte del usuario, 198, -1, 0.0.0, , action, 
Adware.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Sin acciones por parte del usuario, 198, -1, 0.0.0, , action, 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\SECURE PREFERENCES, Sin acciones por parte del usuario, 373, 303034, 1.0.24392, , ame, 
PUP.Optional.Pakilan, C:\USERS\EDGAR\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ\0.1.2_0\MANIFEST.JSON, Sin acciones por parte del usuario, 2519, 301950, 1.0.24392, , ame, 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\_metadata\verified_contents.json, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\48X48.png, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\content_script.js, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\icon.ico, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\newtab.html, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\newtab.js, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.Pakilan, C:\Users\EDGAR\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.1.2_0\statistics.js, Sin acciones por parte del usuario, 2519, 301950, , , , 
PUP.Optional.WinYahoo, C:\USERS\EDGAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BE89P35S.DEFAULT\SEARCHPLUGINS\SEARCH PROVIDED BY YAHOO.XML, Sin acciones por parte del usuario, 240, 342417, 1.0.24392, , ame, 
Malware.Generic.3748817761, C:\USERS\EDGAR\DOWNLOADS\200774014019.ZIP, Sin acciones por parte del usuario, 1000000, 0, 1.0.24392, 6855E0E6DBF7C0E8DF726B61, dds, 00734430
PUP.Optional.OpenCandy, C:\USERS\EDGAR\DOWNLOADS\DTLITE4454-0316.EXE, Sin acciones por parte del usuario, 1243, 297667, 1.0.24392, , ame, 
PUP.Optional.BestFreeDownloads, C:\USERS\EDGAR\DOWNLOADS\FLVPLAYERSETUP.EXE, Sin acciones por parte del usuario, 14944, 273324, 1.0.24392, , ame, 
Generic.Malware/Suspicious, C:\USERS\EDGAR\DOWNLOADS\WINDOWS.7.CODEC.PACK.V4.0.7.SETUP.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.24392, , shuriken, 
PUP.Optional.Softonic, C:\USERS\EDGAR\DOWNLOADS\SOFTONICDOWNLOADER_PARA_SAMSUNG-KIES.EXE, Sin acciones por parte del usuario, 1947, 598989, 1.0.24392, 000000000000000000000003, dds, 00734430
PUP.Optional.APNToolBar, C:\USERS\EDGAR\DOWNLOADS\OFFERCASTINSTALLER.EXE, Sin acciones por parte del usuario, 656, 76243, 1.0.24392, , ame, 
PUP.Optional.Softonic, C:\USERS\EDGAR\DOWNLOADS\SOFTONICDOWNLOADER_PARA_ARES.EXE, Sin acciones por parte del usuario, 1947, 598989, 1.0.24392, 000000000000000000000003, dds, 00734430
PUP.Optional.Softonic, C:\USERS\EDGAR\DOWNLOADS\SOFTONICDOWNLOADER_PARA_GAMERANGER.EXE, Sin acciones por parte del usuario, 1947, 598989, 1.0.24392, 000000000000000000000003, dds, 00734430
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000050.ldb, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000051.log, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000052.ldb, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Sin acciones por parte del usuario, 392, 455059, , , , 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 392, 455059, 1.0.24392, , ame, 
PUP.Optional.ASK, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 281, 454823, 1.0.24392, , ame, 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 392, 455059, 1.0.24392, , ame, 
PUP.Optional.WinYahoo, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 240, 454803, 1.0.24392, , ame, 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 373, 455278, 1.0.24392, , ame, 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 373, 455278, 1.0.24392, , ame, 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 373, 455278, 1.0.24392, , ame, 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 392, 455059, 1.0.24392, , ame, 
PUP.Optional.Babylon, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 392, 455059, 1.0.24392, , ame, 
PUP.Optional.Palikan, C:\USERS\EDGAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 373, 455278, 1.0.24392, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

(end)

AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-05-19.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-24-2020
# Duration: 00:00:09
# OS:       Windows 10 Home
# Cleaned:  24
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Primary Result
Deleted       C:\Users\EDGAR\Documents\Mobogenie

***** [ Files ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted       C:\Users\EDGAR\AppData\LocalLow\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO
Deleted       C:\Users\EDGAR\AppData\Roaming\Mozilla\Firefox\Profiles\be89p35s.default\searchplugins\Search Provided by Yahoo.xml
Deleted       C:\Users\EDGAR\AppData\Roaming\Mozilla\Firefox\Profiles\be89p35s.default\searchplugins\palikan.xml
Deleted       C:\Users\EDGAR\daemonprocess.txt

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\APN PIP
Deleted       HKCU\Software\CoinisRevShare
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\Palikan
Deleted       HKCU\Software\yahooprovidedsearch
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{099602A0-FEA9-42E5-85E3-9BD710C5FBE2}
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45}

***** [ Chromium (and derivatives) ] *****

Deleted       Home Tab - kofkpgiaknijknhajbhnghkodiccblkg

***** [ Chromium URLs ] *****

Deleted       Google
Deleted       Google
Deleted       Palikan
Deleted       Search the web (Babylon)
Deleted       Search the web (Babylon)
Deleted       http://www.palikan.com/?f=7&a=plk_coinisre_16_03&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0F0DyDtD0FtDyCtC0ByBtN0D0Tzu0StCyEzztAtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyCtBtB0E0B0DtAtGtB0EzztBtGzyyBtD0DtGtCyByDtBtGtByCzy0DyByDyByEtAzytCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyBzyzz0BzytDyBtG0EzyzyyDtGyEzztAtBtGzzyBzy0CtGtD0FyCtD0E0C0E0A0CyBtA0D2QtN0A0LzuyE&cr=564727562&ir=
Deleted       isearch.babylon.com
Deleted       isearch.babylon.com
Deleted       isearch.babylon.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10062 octets] - [24/05/2020 21:45:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

También quedó hecho el analisis con CCleaner.

Muchas gracias!! :smiley:

En Malwarebytesd pone que “sin acciones por el usuario”…revisa en historial - cuarentena, si esta todo ahi

Si no repites y envia todo a cuarentena

Luego.

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.

  • En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Hola, acá dejo los 3 logs que me indicaste en tu ultimo mensaje.

Aprovecho para comentarte dos cosas que he detectado en el notebook estos tres ultimos días: 1) El lector de discos hace al menos una vez al día un sonido de pitido y seguido de otro mecanico como si tratara de abrirse, y hoy de la nada se abrió solo; 2) El cooler de momentos trabaja con mucha velocidad, esto lo hace al menos unas 6 veces al día y donde vivo la temperatura del ambiente es de 12 grados.

Gracias nuevamente.

FSRT

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 24-05-2020 01
Ejecutado por EDGAR (administrador) sobre EDGAR-HP (Hewlett-Packard HP Pavilion g4 Notebook PC) (26-05-2020 01:07:19)
Ejecutado desde C:\Users\EDGAR\Downloads
Perfiles cargados: EDGAR
Platform: Windows 10 Home Versión 1903 18362.836 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc (TEST) -> khipu) [Archivo no firmado] C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(INDRA SISTEMAS, S.A. -> Telefónica) C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\EDGAR\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-03-28] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156776 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-08-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6867968 2020-05-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\Run: [GoogleChromeAutoLaunch_C5AFDDB057D0F01A726A9152C485F15B] => "C:\Users\EDGAR\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\Run: [KH Update] => C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe [129264 2017-01-25] (Google Inc (TEST) -> khipu) [Archivo no firmado]
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31867792 2020-05-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\Run: [GoogleChromeAutoLaunch_C5AFDDB057D0F01A726A9152C485F15B] => "C:\Users\EDGAR\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\Run: [KH Update] => C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe [129264 2017-01-25] (Google Inc (TEST) -> khipu) [Archivo no firmado]
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31867792 2020-05-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222233585\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2011-12-05] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> 
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-08-17]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02144205-E87E-424D-B537-1F3F7BDEF227} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {0B31AE48-29A7-4F26-AA3B-5737CFD7F3A0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {145CAFE5-9A5A-41CD-AE40-BF7DD22F6473} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-18] (HP Inc. -> )
Task: {18067828-03E3-4249-8B5A-6940453409EA} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {2304CBF6-AA14-40A7-8C69-BCCE97548729} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {2624EBA7-9A4C-4D1D-BEDF-C74C9D20735D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {26D9FADE-BED7-4269-AD63-C34D782CD857} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {287732D6-A7FA-4D5B-852F-090DE7F7741D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C9CD174-C11D-4315-BBAB-028CF81ABF03} - System32\Tasks\HPCeeScheduleForEDGAR => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {350FDEED-226F-4572-B9BD-068287E21840} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104 2015-07-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4110549C-8254-400E-B932-F59906BA56D5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {41BE5A2B-DC0C-4E1E-B01E-2B5D53597D63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {441F38EC-75D8-4EB8-9014-D6C65C91FC61} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CC0233B-DB6C-4354-A4C4-89C6F496BFCF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-01] (Google Inc -> Google Inc.)
Task: {4FFD6D5A-437D-4F73-B727-330BDF083595} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-18] (Adobe Inc. -> Adobe)
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {70404FB8-2AA3-4569-9E27-3B80E5CD8258} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {72781F6C-1BDA-49FC-8538-FA4525530B47} - System32\Tasks\G2MUploadTask-S-1-5-21-1498714615-88780390-2559584424-1000 => C:\Users\EDGAR\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-05-01] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {77A342BE-AE1D-46D4-A0F7-1D755D8CCB66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {792B5FB6-3714-4EEF-A4DF-FFEB7983CF31} - System32\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000UA => C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe [129264 2017-01-25] (Google Inc (TEST) -> khipu) [Archivo no firmado]
Task: {7DD962C6-11B5-4EDA-94DA-BFE20D4876D8} - System32\Tasks\G2MUpdateTask-S-1-5-21-1498714615-88780390-2559584424-1000 => C:\Users\EDGAR\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-05-01] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7E4F0991-9BF9-4C08-A391-4F3AA2FC58C0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-17] (Dropbox, Inc -> Dropbox, Inc.)
Task: {82A2E45F-37CC-469C-BA6B-3903B7F013F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {8439BE4F-2587-4878-BA41-29A9AEE18555} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8AFCA6BF-7113-4AC2-A3E8-767B6E0A603E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {954C108E-6004-45C7-AB19-E99ED30E4705} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {95CF6B91-F86B-4871-AB8F-A7DC59154A90} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {9EFD2E4A-56D2-459E-8E0D-BD946E748098} - System32\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000Core => C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe [129264 2017-01-25] (Google Inc (TEST) -> khipu) [Archivo no firmado]
Task: {A24E17E2-8F0E-4C2C-BD93-A16D21D465A8} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3387520 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {A58ABA7D-4274-404B-9BF4-3F590E85B043} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {A7867BCE-1D6F-4B20-BE8A-4449099C45BC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1498714615-88780390-2559584424-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [147016 2014-07-24] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {ADD70207-0272-4578-B8DD-B34C62E26073} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6501872 2015-10-10] (Nero AG -> Nero AG)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3859741-B23D-4F37-95D8-C1E6B7CC3EBA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {BA8A8E9E-1F4D-4787-9133-B400A8218A1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {BD6D3F6B-4B5B-4489-ABD7-2A0EDC3C98A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-01] (Google Inc -> Google Inc.)
Task: {C1A6DFB9-8C6B-4697-99EF-3D69D11D0FA5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {C358F6A9-652E-45E3-8680-640F89517053} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDBDBB84-C87E-435C-B02B-7BB89264E729} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-11-28] (CyberLink -> CyberLink)
Task: {CEF40FBF-2AFA-455D-B352-161AA77C3ECB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-18] (Adobe Inc. -> Adobe)
Task: {D50D23FF-C423-4240-A0A1-DDDB4B6D6CEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {D8BFE8AC-94B8-4F92-B74D-53802D8777B9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {DC8312BA-9213-4D7E-B1A6-55005E753C21} - \AutoKMS -> Ningún archivo <==== ATENCIÓN
Task: {DEA59212-BCF7-46E7-AFF8-697073D81C69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {DF219C37-3F8D-4DE7-B985-344EB7C71659} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {DF5D380C-2116-4D5E-9E2E-32D6A72D1037} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {E54A0058-A614-407E-AFB6-B14113068A31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E92A4452-A449-43D2-AA3D-F48B1441CAED} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-17] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EE34CEF5-8599-424B-B2CE-060BF35CDD84} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [120636720 2020-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {F796AE27-83D8-4CB8-91DF-ACBB36F043C5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1498714615-88780390-2559584424-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [147016 2014-07-24] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {FE3710A1-5BEC-4E04-A3B5-7C43C7965B70} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1498714615-88780390-2559584424-1000.job => C:\Users\EDGAR\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1498714615-88780390-2559584424-1000.job => C:\Users\EDGAR\AppData\Local\GoToMeeting\17359\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEDGAR.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000Core.job => C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe
Task: C:\WINDOWS\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000UA.job => C:\Users\EDGAR\AppData\Local\KH\Update\KhipuUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{3dca1a8e-7c4f-4ef5-a578-510f118b5299}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{447be96f-e677-4892-99e5-3c366c863099}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{57d13867-92c1-4075-abd4-011110f40ddc}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{b4cf361f-247a-4cf3-a692-4c8ddf922e96}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131156291682935182&GUID=502DF4FF-90BB-4409-A7A0-2D795F5E7AF0
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131156291682945579&GUID=502DF4FF-90BB-4409-A7A0-2D795F5E7AF0
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL/42
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131156291682945579&GUID=502DF4FF-90BB-4409-A7A0-2D795F5E7AF0
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL/42
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = 
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = 
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-07-24] (RealNetworks, Inc. -> RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-07-24] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: be89p35s.default
FF ProfilePath: C:\Users\EDGAR\AppData\Roaming\Mozilla\Firefox\Profiles\be89p35s.default [2020-05-26]
FF NewTab: Mozilla\Firefox\Profiles\be89p35s.default -> about:newtab
FF Extension: (Hoxx VPN Proxy) - C:\Users\EDGAR\AppData\Roaming\Mozilla\Firefox\Profiles\be89p35s.default\Extensions\@hoxx-vpn.xpi [2020-05-23]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\EDGAR\AppData\Roaming\Mozilla\Firefox\Profiles\be89p35s.default\Extensions\[email protected] [2020-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{7C9C2591-51ED-44FA-8D03-450B92643F95}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-17] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-18] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-18] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.12.0 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-08-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.12 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-07-24] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.12.0 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-08-17] (RealNetworks, Inc. -> RealPlayer Cloud)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000: @citrixonline.com/appdetectorplugin -> C:\Users\EDGAR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-09-21] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000: @khipu.com/KH Update;version=1 -> C:\Users\EDGAR\AppData\Local\KH\Update\1.3.23.0\npKhipuUpdate1.dll [2017-01-25] (Google Inc (TEST) -> khipu) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\EDGAR\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000: Khipu/KHPlugin -> C:\Users\EDGAR\AppData\Local\khipu\Desktop\npKHPlugin.dll [2016-07-15] (Khipu SpA -> Khipu) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334: @citrixonline.com/appdetectorplugin -> C:\Users\EDGAR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-09-21] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334: @khipu.com/KH Update;version=1 -> C:\Users\EDGAR\AppData\Local\KH\Update\1.3.23.0\npKhipuUpdate1.dll [2017-01-25] (Google Inc (TEST) -> khipu) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334: @zoom.us/ZoomVideoPlugin -> C:\Users\EDGAR\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334: Khipu/KHPlugin -> C:\Users\EDGAR\AppData\Local\khipu\Desktop\npKHPlugin.dll [2016-07-15] (Khipu SpA -> Khipu) [Archivo no firmado]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default [2020-05-24]
CHR StartupUrls: Default -> "hxxps://www.google.cl/","hxxps://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Documentos) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Google Drive) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]
CHR Extension: (YouTube) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Búsqueda de Google) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Hojas de cálculo) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-02]
CHR Extension: (Plus500) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnbjoifncpjlidnhbmoimcgdgjfhoog [2019-05-11]
CHR Extension: (khipu) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmojbkhfhninkelnlcnliacgncnnikf [2017-01-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-02]
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg]
CHR HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg]
CHR HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg]
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-27] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [349552 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6397888 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-17] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-05-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-21] (HP Inc. -> HP Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-19] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-19] (Microsoft Windows -> Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-24] (RealNetworks, Inc. -> )
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-24] () [Archivo no firmado]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe [201080 2011-06-14] (INDRA SISTEMAS, S.A. -> Telefónica)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [234632 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [178832 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61072 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42856 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175776 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84928 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461064 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [235552 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [319184 2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-11-07] (Microsoft Corporation) [Archivo no firmado]
R3 clwvd; C:\WINDOWS\System32\drivers\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-24] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-02-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [11776 2010-11-26] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated)
S3 massfilter_hs; C:\WINDOWS\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U3 idsvc; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Continua…

    ==================== Un mes (creado) ===================

    (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

    2020-05-26 01:07 - 2020-05-26 01:11 - 000046571 _____ C:\Users\EDGAR\Downloads\FRST.txt
    2020-05-26 01:05 - 2020-05-26 01:10 - 000000000 ____D C:\FRST
    2020-05-26 01:01 - 2020-05-26 01:01 - 000004152 _____ C:\Users\EDGAR\Desktop\ESETreg.txt
    2020-05-25 20:26 - 2020-05-25 20:26 - 000000749 _____ C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
    2020-05-25 20:26 - 2020-05-25 20:26 - 000000650 _____ C:\Users\EDGAR\Desktop\ESET Online Scanner.lnk
    2020-05-25 20:26 - 2020-05-25 20:26 - 000000000 ____D C:\Users\EDGAR\AppData\Local\ESET
    2020-05-25 17:31 - 2020-05-25 17:31 - 000070226 _____ C:\Users\EDGAR\Downloads\ACHS Qué hacer frente a un caso positivo de COVID-19 en mi empresa.pdf
    2020-05-25 17:07 - 2020-05-25 18:41 - 000000000 ____D C:\Users\EDGAR\Documents\Grabaciones de sonido
    2020-05-25 16:48 - 2020-05-26 00:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
    2020-05-25 14:51 - 2020-05-25 14:51 - 002286592 _____ (Farbar) C:\Users\EDGAR\Downloads\FRST64.exe
    2020-05-25 13:58 - 2020-05-25 13:59 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\EDGAR\Downloads\spybotsd-2.8.68.0.exe
    2020-05-25 13:57 - 2020-05-25 13:58 - 014665312 _____ (ESET spol. s r.o.) C:\Users\EDGAR\Downloads\esetonlinescanner.exe
    2020-05-25 12:29 - 2020-05-25 12:29 - 008855955 _____ C:\Users\EDGAR\Downloads\WhatsApp Video 2020-05-25 at 11.02.53.mp4
    2020-05-24 23:57 - 2020-05-24 23:57 - 000000000 ____D C:\ProgramData\Mozilla
    2020-05-24 22:26 - 2020-05-24 22:26 - 000003131 _____ C:\Users\EDGAR\Desktop\AdwCleaner[C00].txt
    2020-05-24 22:23 - 2020-05-24 22:23 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2020-05-24 22:22 - 2020-05-24 22:22 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2020-05-24 22:18 - 2020-05-24 22:24 - 000000282 __RSH C:\ProgramData\ntuser.pol
    2020-05-24 21:33 - 2020-05-24 22:17 - 000000000 ____D C:\AdwCleaner
    2020-05-24 18:53 - 2020-05-24 18:53 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2020-05-24 18:53 - 2020-05-24 18:53 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2020-05-24 18:53 - 2020-05-24 18:53 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
    2020-05-24 18:53 - 2020-05-24 18:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2020-05-24 18:53 - 2020-05-24 18:53 - 000000000 ____D C:\Users\EDGAR\AppData\Local\mbamtray
    2020-05-24 18:53 - 2020-05-24 18:53 - 000000000 ____D C:\Users\EDGAR\AppData\Local\mbam
    2020-05-24 18:52 - 2020-05-24 18:52 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2020-05-24 18:52 - 2020-05-24 18:52 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
    2020-05-24 18:52 - 2020-05-24 18:52 - 000000000 ____D C:\ProgramData\Malwarebytes
    2020-05-24 18:46 - 2020-05-24 18:46 - 001456236 _____ C:\Users\EDGAR\Downloads\The journey toward greater customer centricity.pdf
    2020-05-24 18:36 - 2020-05-24 18:36 - 000000000 ____D C:\Program Files\Malwarebytes
    2020-05-24 18:35 - 2020-05-24 18:37 - 008196784 _____ (Malwarebytes) C:\Users\EDGAR\Downloads\adwcleaner_8.0.4.exe
    2020-05-24 18:35 - 2020-05-24 18:35 - 001980016 _____ (Malwarebytes) C:\Users\EDGAR\Downloads\MBSetup.exe
    2020-05-24 14:35 - 2020-05-24 14:35 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
    2020-05-24 14:35 - 2020-05-24 14:35 - 000001987 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
    2020-05-24 14:35 - 2020-05-24 14:35 - 000000000 ____D C:\Users\EDGAR\AppData\Roaming\AVG
    2020-05-24 14:35 - 2020-05-24 14:35 - 000000000 ____D C:\Users\EDGAR\AppData\Local\Avg
    2020-05-24 14:15 - 2020-05-24 14:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
    2020-05-24 14:14 - 2020-05-26 00:59 - 000003044 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
    2020-05-24 14:14 - 2020-05-24 14:14 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000461064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000338104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
    2020-05-24 14:14 - 2020-05-24 14:14 - 000319184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000235552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000175776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000042856 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000016520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
    2020-05-24 14:14 - 2020-05-24 14:14 - 000000000 ____D C:\Program Files\Common Files\AVG
    2020-05-24 14:14 - 2020-05-24 14:13 - 000234632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
    2020-05-24 14:14 - 2020-05-24 14:13 - 000178832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
    2020-05-24 14:14 - 2020-05-24 14:13 - 000061072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
    2020-05-24 14:10 - 2020-05-24 14:10 - 000478484 _____ C:\Users\EDGAR\Documents\cc_20200524_141015.reg
    2020-05-24 14:04 - 2020-05-24 14:04 - 000000000 ____D C:\Program Files\AVG
    2020-05-24 14:02 - 2020-05-24 22:30 - 000000000 ____D C:\ProgramData\AVG
    2020-05-24 14:00 - 2020-05-26 00:59 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
    2020-05-24 14:00 - 2020-05-26 00:59 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
    2020-05-24 14:00 - 2020-05-24 14:00 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2020-05-24 14:00 - 2020-05-24 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2020-05-24 14:00 - 2020-05-24 14:00 - 000000000 ____D C:\Program Files\CCleaner
    2020-05-24 13:42 - 2020-05-24 13:46 - 025306104 _____ (Piriform Software Ltd) C:\Users\EDGAR\Downloads\ccsetup566.exe
    2020-05-24 13:34 - 2020-05-24 13:35 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\EDGAR\Downloads\HiJackThis.exe
    2020-05-22 21:24 - 2020-05-22 21:24 - 000108742 _____ C:\Users\EDGAR\Downloads\santiago_members.csv
    2020-05-22 17:27 - 2020-05-22 17:27 - 002357956 _____ C:\Users\EDGAR\Downloads\WebinarMayo_Bloggers.pdf
    2020-05-22 17:24 - 2020-05-22 17:24 - 005721176 _____ C:\Users\EDGAR\Downloads\WhatsApp Video 2020-05-22 at 16.54.26.mp4
    2020-05-22 14:42 - 2020-05-22 14:42 - 000113192 _____ C:\Users\EDGAR\Downloads\WhatsApp Image 2020-05-22 at 10.54.11.jpeg
    2020-05-22 14:22 - 2020-05-22 14:22 - 000000174 _____ C:\Users\EDGAR\Downloads\data_points__2019-11-22__2020-05-22.zip
    2020-05-21 22:21 - 2020-05-21 22:22 - 000000000 ____D C:\Program Files\Epic Games
    2020-05-21 22:18 - 2020-05-21 22:18 - 000000000 ____D C:\Users\EDGAR\AppData\Local\CEF
    2020-05-21 22:16 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2020-05-21 22:16 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2020-05-21 22:16 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2020-05-21 22:16 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2020-05-21 22:16 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2020-05-21 22:16 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
    2020-05-21 22:16 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2020-05-21 22:16 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2020-05-21 22:16 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
    2020-05-21 22:16 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2020-05-21 22:16 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2020-05-21 22:16 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2020-05-21 22:16 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2020-05-21 21:57 - 2020-05-21 21:57 - 000000000 ____D C:\Users\EDGAR\AppData\Local\UnrealEngineLauncher
    2020-05-21 21:55 - 2020-05-21 21:56 - 000000000 ____D C:\Users\EDGAR\AppData\Local\EpicGamesLauncher
    2020-05-21 21:55 - 2020-05-21 21:55 - 000000000 ____D C:\Users\EDGAR\AppData\Local\UnrealEngine
    2020-05-21 21:50 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2020-05-21 21:50 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2020-05-21 21:50 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2020-05-21 21:50 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2020-05-21 21:50 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
    2020-05-21 21:44 - 2020-05-21 21:44 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
    2020-05-21 21:44 - 2020-05-21 21:44 - 000001280 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
    2020-05-21 21:43 - 2020-05-21 22:19 - 000000000 ____D C:\ProgramData\Epic
    2020-05-21 21:43 - 2020-05-21 21:43 - 000000000 ____D C:\Program Files (x86)\Epic Games
    2020-05-21 21:34 - 2020-05-21 21:36 - 044081152 _____ C:\Users\EDGAR\Downloads\EpicInstaller-10.15.2-9d666d4c10a847d5b2021049fc7498b3.msi
    2020-05-21 01:27 - 2020-05-21 01:27 - 000011228 _____ C:\Users\EDGAR\Downloads\000000257642765.pdf
    2020-05-20 23:33 - 2020-05-20 23:34 - 083073713 _____ C:\Users\EDGAR\Downloads\drive-download-20200521T033256Z-001.zip
    2020-05-20 16:38 - 2020-05-20 16:38 - 000037736 _____ C:\Users\EDGAR\Downloads\ComprobanteTercero.pdf
    2020-05-20 14:57 - 2020-05-20 14:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
    2020-05-19 15:22 - 2020-05-19 15:22 - 000000000 ____D C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
    2020-05-19 15:19 - 2020-05-19 15:25 - 000000000 ____D C:\Users\EDGAR\AppData\Roaming\Zoom
    2020-05-19 14:37 - 2020-05-24 12:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2020-05-19 02:59 - 2020-05-19 02:59 - 000000000 ____D C:\WINDOWS\SysWOW64\rufus_files
    2020-05-19 02:45 - 2020-05-19 02:45 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
    2020-05-19 02:45 - 2020-05-19 02:45 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
    2020-05-19 02:45 - 2020-05-19 02:45 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
    2020-05-19 02:45 - 2020-05-19 02:45 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
    2020-05-19 02:44 - 2020-05-19 02:45 - 000000000 ____D C:\Program Files\CrystalDiskMark7
    2020-05-19 02:44 - 2020-05-19 02:44 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 019851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 007822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 006291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 005098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 003513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2020-05-19 02:44 - 2020-05-19 02:44 - 002073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2020-05-19 02:44 - 2020-05-19 02:44 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
    2020-05-19 02:44 - 2020-05-19 02:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
    2020-05-19 02:44 - 2020-05-19 02:44 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
    2020-05-19 02:44 - 2020-05-19 02:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark7
    2020-05-19 02:43 - 2020-05-19 02:43 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 022638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 007267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 004612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2020-05-19 02:43 - 2020-05-19 02:43 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2020-05-19 02:43 - 2020-05-19 02:43 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
    2020-05-19 02:43 - 2020-05-19 02:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
    2020-05-19 02:43 - 2020-05-19 02:43 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 001393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 000943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
    2020-05-19 02:42 - 2020-05-19 02:42 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
    2020-05-19 02:42 - 2020-05-19 02:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2020-05-19 02:41 - 2020-05-19 02:41 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 006710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 006525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 005945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 005340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2020-05-19 02:41 - 2020-05-19 02:41 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-05-19 02:41 - 2020-05-19 02:41 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 001011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2020-05-19 02:41 - 2020-05-19 02:41 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-05-19 02:41 - 2020-05-19 02:41 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
    2020-05-19 02:41 - 2020-05-19 02:41 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2020-05-19 02:41 - 2020-05-19 02:41 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
    2020-05-19 02:41 - 2020-05-19 02:41 - 000143872 _____ (Microsoft Corporation)
2020-05-19 02:41 - 2020-05-19 02:41 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-19 02:41 - 2020-05-19 02:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-19 02:41 - 2020-05-19 02:41 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-19 02:41 - 2020-05-19 02:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-19 02:41 - 2020-05-19 02:41 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-19 02:41 - 2020-05-19 02:41 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-19 02:41 - 2020-05-19 02:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-19 02:41 - 2020-05-19 02:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 009929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 007902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 006435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 006168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 005280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 003807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 003655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 002854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 002072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-19 02:40 - 2020-05-19 02:40 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-19 02:40 - 2020-05-19 02:40 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-19 02:40 - 2020-05-19 02:40 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-19 02:40 - 2020-05-19 02:40 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 009339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 006232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 003581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 002504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 002060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 001007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-19 02:39 - 2020-05-19 02:39 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-19 02:39 - 2020-05-19 02:39 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-19 02:39 - 2020-05-19 02:39 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-19 02:39 - 2020-05-19 02:39 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-05-19 00:44 - 2020-05-19 00:45 - 006120568 _____ (Crystal Dew World ) C:\Users\EDGAR\Downloads\CrystalDiskMark7_0_0h.exe
2020-05-19 00:44 - 2020-05-19 00:44 - 000016238 _____ C:\Users\EDGAR\Downloads\Sin confirmar 12931.crdownload
2020-05-19 00:34 - 2020-05-19 00:34 - 000000017 _____ C:\Users\EDGAR\AppData\Local\resmon.resmoncfg
2020-05-18 23:23 - 2015-10-16 09:12 - 174960640 _____ C:\Users\EDGAR\Desktop\disco recuperacion Win7 64bits.iso
2020-05-18 23:09 - 2020-05-18 23:17 - 165943515 _____ C:\Users\EDGAR\Downloads\disco recuperacion Win7 64bits.rar
2020-05-18 22:28 - 2020-05-19 00:01 - 2036826112 _____ C:\Users\EDGAR\Downloads\linuxmint-19.3-cinnamon-64bit.iso
2020-05-18 21:54 - 2020-05-25 15:46 - 000002712 _____ C:\Users\EDGAR\Desktop\Herramienta de descarga USB DVD de Windows 7.lnk
2020-05-18 21:54 - 2020-05-18 22:01 - 000000000 ____D C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Herramienta de descarga USB DVD de Windows 7
2020-05-18 21:54 - 2020-05-18 22:01 - 000000000 ____D C:\Users\EDGAR\AppData\Local\Apps\Herramienta de descarga USB DVD de Windows 7
2020-05-18 21:53 - 2020-05-18 21:53 - 001135160 _____ (Akeo Consulting) C:\Users\EDGAR\Downloads\Sin confirmar 794959.crdownload
2020-05-18 21:53 - 2020-05-18 21:53 - 001135160 _____ (Akeo Consulting) C:\Users\EDGAR\Downloads\rufus-3.10.exe
2020-05-18 21:48 - 2020-05-18 21:48 - 002951056 _____ (Microsoft Corporation) C:\Users\EDGAR\Downloads\Windows7-USB-DVD-Download-Tool-Installer-es-ES.exe
2020-05-18 21:38 - 2020-05-18 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-05-13 20:02 - 2020-05-13 20:02 - 000052264 _____ C:\Users\EDGAR\Downloads\Sin confirmar 509988.crdownload
2020-05-12 20:53 - 2020-05-12 20:53 - 000093460 _____ C:\Users\EDGAR\Downloads\Prueba_Reco.xlsm
2020-05-12 20:52 - 2020-05-12 20:52 - 000017506 _____ C:\Users\EDGAR\Downloads\Prueba_Zarpe.xlsm
2020-05-12 20:43 - 2020-05-12 20:43 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-05-12 20:43 - 2020-05-12 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-05-12 20:42 - 2020-05-12 20:42 - 000000000 ____D C:\Program Files\iPod
2020-05-12 20:41 - 2020-05-12 20:42 - 000000000 ____D C:\Program Files\iTunes
2020-05-12 20:38 - 2020-05-12 20:38 - 000007877 _____ C:\Users\EDGAR\Downloads\Macros RedVan - copia.zip
2020-05-12 20:29 - 2020-05-13 21:16 - 000132036 _____ C:\Users\EDGAR\Downloads\READY_ATO_REDVAN_IPC_12_05_2020.xlsx
2020-05-12 20:28 - 2020-05-12 20:28 - 000022558 _____ C:\Users\EDGAR\Downloads\REC_ATO_REDVAN_IPC_12_05_2020.xlsx
2020-05-12 20:26 - 2020-05-12 20:26 - 000022024 _____ C:\Users\EDGAR\Downloads\REC_ATO_REDVAN_IPC_13_05_2020.xlsx
2020-05-12 08:18 - 2020-05-12 08:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-05-12 08:18 - 2020-05-12 08:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-05-12 08:18 - 2020-05-12 08:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-05-12 08:18 - 2020-05-12 08:18 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-05-12 00:04 - 2020-05-12 00:04 - 000000000 ____D C:\Users\EDGAR\AppData\Local\HP
2020-04-29 19:21 - 2020-04-29 19:21 - 000007452 _____ C:\Users\EDGAR\Downloads\CreditoConsumo_ConsultaCuota_29-04-2020_19.21.30.pdf
2020-04-29 18:15 - 2020-05-26 00:59 - 000002784 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForEDGAR
2020-04-29 18:15 - 2020-05-26 00:59 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEDGAR.job

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-26 01:06 - 2017-05-04 18:03 - 000000000 ____D C:\Users\EDGAR\AppData\LocalLow\Mozilla
2020-05-26 00:59 - 2019-11-08 00:47 - 000003778 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-26 00:59 - 2019-11-08 00:47 - 000003672 _____ C:\WINDOWS\system32\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000UA
2020-05-26 00:59 - 2019-11-08 00:47 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-26 00:59 - 2019-11-08 00:47 - 000003522 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-05-26 00:59 - 2019-11-08 00:47 - 000003404 _____ C:\WINDOWS\system32\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000Core
2020-05-26 00:59 - 2019-11-08 00:47 - 000003344 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AE7C631B-0434-48E2-85E5-9A2207E87B13}
2020-05-26 00:59 - 2019-11-08 00:47 - 000003330 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-05-26 00:59 - 2019-11-08 00:47 - 000003326 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-26 00:59 - 2019-11-08 00:47 - 000003298 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-05-26 00:59 - 2019-11-08 00:47 - 000003242 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-1498714615-88780390-2559584424-1000
2020-05-26 00:59 - 2019-11-08 00:47 - 000003146 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-1498714615-88780390-2559584424-1000
2020-05-26 00:59 - 2019-11-08 00:47 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1498714615-88780390-2559584424-1000
2020-05-26 00:59 - 2019-11-08 00:47 - 000002560 _____ C:\WINDOWS\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1498714615-88780390-2559584424-1000
2020-05-26 00:59 - 2019-11-08 00:47 - 000002444 _____ C:\WINDOWS\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1498714615-88780390-2559584424-1000
2020-05-26 00:59 - 2017-01-25 18:23 - 000001112 _____ C:\WINDOWS\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000UA.job
2020-05-26 00:59 - 2017-01-25 18:23 - 000001060 _____ C:\WINDOWS\Tasks\KHUpdateTaskUserS-1-5-21-1498714615-88780390-2559584424-1000Core.job
2020-05-26 00:59 - 2016-10-17 14:08 - 000001008 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-05-26 00:59 - 2016-10-17 14:08 - 000001004 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-05-26 00:59 - 2016-09-21 20:16 - 000000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1498714615-88780390-2559584424-1000.job
2020-05-26 00:59 - 2016-09-21 20:16 - 000000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1498714615-88780390-2559584424-1000.job
2020-05-26 00:57 - 2019-11-08 00:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-26 00:53 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-25 23:05 - 2018-04-14 15:26 - 000000000 ____D C:\Users\EDGAR\AppData\Local\LogMeIn Hamachi
2020-05-25 17:13 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-24 22:20 - 2019-11-08 00:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-24 22:19 - 2019-03-19 00:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-24 22:18 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-24 22:17 - 2019-11-08 00:23 - 000000000 ____D C:\Users\EDGAR
2020-05-24 18:53 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-24 14:12 - 2019-11-08 00:47 - 000003038 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-24 14:08 - 2019-10-11 23:49 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-24 14:08 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-24 14:08 - 2014-08-05 20:29 - 000000000 ____D C:\Users\EDGAR\AppData\Local\CrashDumps
2020-05-24 14:00 - 2019-11-08 00:23 - 000000000 ____D C:\Users\DefaultAppPool
2020-05-24 13:43 - 2014-08-05 11:43 - 000000000 ____D C:\WINDOWS\pss
2020-05-24 12:38 - 2014-08-15 08:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-22 20:42 - 2018-01-17 11:25 - 000000000 ____D C:\Users\EDGAR\AppData\Local\Packages
2020-05-22 00:30 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-21 22:19 - 2019-03-11 14:06 - 000000000 ____D C:\Users\EDGAR\AppData\Local\D3DSCache
2020-05-21 22:13 - 2016-01-17 21:54 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-21 17:41 - 2014-08-05 21:09 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-21 14:20 - 2016-04-07 18:21 - 000829780 _____ C:\Users\EDGAR\Downloads\Test_Competencias.pdf
2020-05-20 14:57 - 2015-11-29 15:02 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-20 14:13 - 2019-11-08 00:36 - 002016130 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-20 14:13 - 2019-03-19 07:59 - 000865336 _____ C:\WINDOWS\system32\perfh00A.dat
2020-05-20 14:13 - 2019-03-19 07:59 - 000186482 _____ C:\WINDOWS\system32\perfc00A.dat
2020-05-20 14:11 - 2018-01-17 11:50 - 000000000 ___RD C:\Users\EDGAR\3D Objects
2020-05-20 14:11 - 2015-08-05 23:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-20 14:06 - 2019-11-08 00:10 - 000448552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-20 02:47 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-20 02:47 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-20 02:46 - 2019-03-19 00:52 - 000000000 ____D C:\PerfLogs
2020-05-19 13:09 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-19 13:04 - 2014-08-05 11:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-05-19 12:57 - 2015-10-30 13:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-19 02:59 - 2015-10-30 13:29 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-19 02:39 - 2019-11-08 00:16 - 002874880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-05-18 21:39 - 2016-10-17 14:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-05-18 21:34 - 2017-07-28 19:28 - 000000000 ____D C:\Users\EDGAR\AppData\Local\GoToMeeting
2020-05-18 21:32 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-18 21:32 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-07 14:16 - 2020-02-27 09:06 - 000002397 _____ C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-07 14:16 - 2015-08-05 23:42 - 000000000 ___RD C:\Users\EDGAR\OneDrive
2020-05-01 20:00 - 2018-02-14 01:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Archivos en la raíz de algunos directorios ========

2015-03-30 16:17 - 2015-03-30 16:17 - 000000040 _____ () C:\Users\EDGAR\AppData\Roaming\cdr.ini
2016-01-23 17:47 - 2016-07-27 00:17 - 000000290 _____ () C:\Users\EDGAR\AppData\Roaming\WB.CFG
2020-05-19 00:34 - 2020-05-19 00:34 - 000000017 _____ () C:\Users\EDGAR\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 24-05-2020 01
Ejecutado por EDGAR (26-05-2020 01:23:45)
Ejecutado desde C:\Users\EDGAR\Downloads
Windows 10 Home Versión 1903 18362.836 (X64) (2019-11-08 04:49:20)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1498714615-88780390-2559584424-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1498714615-88780390-2559584424-503 - Limited - Disabled)
EDGAR (S-1-5-21-1498714615-88780390-2559584424-1000 - Administrator - Enabled) => C:\Users\EDGAR
Invitado (S-1-5-21-1498714615-88780390-2559584424-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1498714615-88780390-2559584424-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ares 2.2.4 (HKLM-x32\...\Ares) (Version: 2.2.4-Build#3048 - Ares Development Group)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.3.3120 - AVG Technologies)
Bejeweled 3 (HKLM-x32\...\WTA-94c173d0-6f4c-4f0a-a28c-9ab29fbc993d) (Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WTA-f16b8f53-ee39-4add-a2f0-1817b05618e4) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.3300 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Centro de dispositivos de Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Cheating-Death 4.33.4 (HKLM-x32\...\Cheating-Death) (Version:  - )
Chuzzle Deluxe (HKLM-x32\...\WTA-429b1bc5-8fc1-476e-a4b1-4336281bc49a) (Version: 2.2.0.95 - WildTangent) Hidden
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Cradle of Rome 2 (HKLM-x32\...\WTA-569bd764-281f-4fb6-8333-aa711ed9253c) (Version: 2.2.0.98 - WildTangent) Hidden
CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4.3516 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.2.4725 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-6e9bfadc-40a3-45f4-81f3-10325bcc5db1) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 97.4.467 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{3A595C95-121D-4EB0-8D57-C7A309BA6C09}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escritorio Movistar Latam (HKLM-x32\...\MovistarLATAM) (Version: 8.7.6.765 - Escritorio Movistar Latam)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{768A6276-5822-489C-8A2B-67190F745655}) (Version: 4.1.2 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-69ed9d7e-b452-4bfa-b2e0-a898045b3c6b) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-f34bfcac-df2e-48ed-9c87-9da2930e3876) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-1e2151aa-6615-4802-8c91-0a54c2b5ebd5) (Version: 2.2.0.97 - WildTangent) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Final Drive Fury (HKLM-x32\...\WTA-0d7aca96-d38b-451f-b9d9-a180726c1827) (Version: 2.2.0.95 - WildTangent) Hidden
Firestorm Launcher versión 1.1 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.1 - Firestorm)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version:  - )
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GameRanger (HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 10.9.1.17359 (HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\GoToMeeting) (Version: 10.9.1.17359 - LogMeIn, Inc.)
GoToMeeting 10.9.1.17359 (HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\GoToMeeting) (Version: 10.9.1.17359 - LogMeIn, Inc.)
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-c218d297-1ae1-4fcb-81df-df65ce6f6c3e) (Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{E5D02167-DD50-4E8C-B9F9-992182E08D6B}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{E8FB3731-B805-4353-92C2-EAB3F9C7632D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{5877C85D-8CA5-4153-A366-C232ECFE7A2B}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.24.33 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7B649B69-BE85-4011-AFAE-4767BC9D934A}) (Version: 12.15.14.3 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{FBC5EC17-2F93-4210-B642-B2A56AA80D7C}) (Version: 12.10.6.2 - Apple Inc.)
Jewel Match 3 (HKLM-x32\...\WTA-d88a8c95-c99d-4ce4-a9e1-02c1f7320094) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-f8bc6387-942c-45ee-841c-2ee2a8b7f003) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-3d355ec2-deb7-437a-b363-3478c4f72634) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
khipu 1.17.1922.1 (HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\{4D05E15F-74B2-4779-9599-49B557B3F673}_is1) (Version: khipu 1.17.1922.1 - khipu)
khipu 1.17.1922.1 (HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\{4D05E15F-74B2-4779-9599-49B557B3F673}_is1) (Version: khipu 1.17.1922.1 - khipu)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Letters from Nowhere 2 (HKLM-x32\...\WTA-f06aa5a3-b226-4f00-b6de-e5d27dbdeb07) (Version: 2.2.0.97 - WildTangent) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Luxor HD (HKLM-x32\...\WTA-d732ba4a-fca3-4418-ab45-5c351ccbe168) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-5d18f4a4-c32c-46b2-a5c2-9165c2b500c9) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 76.0.1 (x64 es-ES)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.1.7432 - Mozilla)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2002 - Nero AG)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Penguins! (HKLM-x32\...\WTA-9dacd4bf-85ef-4afc-a8f5-3bffcb0427e7) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-51ef76ca-47e8-4b11-ab7f-5a0f6158a761) (Version: 2.2.0.98 - WildTangent) Hidden
Poker Superstars III (HKLM-x32\...\WTA-3ca8bffb-1521-4550-8032-40f35916b432) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-bbfd2921-a9be-4d9a-9cf1-da6b625bee79) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-a989db7d-f1d9-41f0-8d3f-29aa10249e9f) (Version: 2.2.0.98 - WildTangent) Hidden
RealDownloader (HKLM-x32\...\{7722483A-5FB8-4A2E-9422-6DA527A9173F}) (Version: 17.0.12 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{21E47F47-C9A7-4454-BA48-388327B0EA00}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.12 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29004 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-018314fc-6b59-4d10-be00-e3d0416a3e64) (Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-c1320fb3-b781-48a4-92ca-0498292edb99) (Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (HKLM-x32\...\WTA-9e5ad475-053c-468b-b44f-b247d7055868) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-dd2bd00b-f745-4780-aba9-c441e0858b1f) (Version: 2.2.0.98 - WildTangent) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\Warcraft III) (Version:  - )
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Yu-Gi-Oh! Power of Chaos JOEY THE PASSION (HKLM-x32\...\Yu-Gi-Oh! Power of Chaos JOEY THE PASSION_is1) (Version:  - Konami)
Zoom (HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
Zuma's Revenge (HKLM-x32\...\WTA-53d5f198-ee92-4fc0-a52c-286f7325cc9e) (Version: 2.2.0.98 - WildTangent) Hidden

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1760.2.0_x86__kgqvnymyfvs32 [2020-05-07] (king.com)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-05-01] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.38.21323.0_x64__8wekyb3d8bbwe [2020-05-18] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-30] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-30] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-30] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-13] (Twitter Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1498714615-88780390-2559584424-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-1498714615-88780390-2559584424-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\EDGAR\Dropbox [2016-10-17 14:38]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [Archivo no firmado]
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpcloudview.dll [2014-08-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [Archivo no firmado]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\EDGAR\Desktop\Plus500.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gjnbjoifncpjlidnhbmoimcgdgjfhoog
ShortcutWithArgument: C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Plus500.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gjnbjoifncpjlidnhbmoimcgdgjfhoog

==================== Módulos cargados (Lista blanca) =============

2014-08-05 11:49 - 2008-06-20 01:11 - 000062464 _____ () [Archivo no firmado] C:\Program Files (x86)\WinRAR\rarext64.dll
2020-05-01 19:41 - 2020-05-01 19:48 - 000165376 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DAXRPCClient.dll
2020-05-01 19:41 - 2020-05-01 19:48 - 037219328 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-16 22:39 - 2020-04-16 22:39 - 001165824 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\e_sqlite3.dll
2017-01-25 18:23 - 2017-01-25 18:23 - 000803568 ____T (Google Inc (TEST) -> khipu) [Archivo no firmado] C:\Users\EDGAR\AppData\Local\KH\Update\1.3.23.0\khipdate.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11\Driver;;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222228819\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222229459\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\EDGAR\AppData\Local\Microsoft\Windows\Themes\2006-Audi-R-Zero-Concept-Black-SA-1920x1440.jpg
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\Control Panel\Desktop\\Wallpaper -> C:\Users\EDGAR\AppData\Local\Microsoft\Windows\Themes\2006-Audi-R-Zero-Concept-Black-SA-1920x1440.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222233585\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP CoolSense => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C5AFDDB057D0F01A726A9152C485F15B"
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1498714615-88780390-2559584424-1000\...\StartupApproved\Run: => "KH Update"
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C5AFDDB057D0F01A726A9152C485F15B"
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334\...\StartupApproved\Run: => "KH Update"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{3AEA5014-8104-4140-A855-DE13EC8C8259}] => (Allow) C:\Users\EDGAR\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [Archivo no firmado]
FirewallRules: [{032BE4DD-DF5F-44F8-847C-CFC27BD8A55B}] => (Allow) LPort=26675
FirewallRules: [{0A123940-B5D0-4735-A0CF-F11740280AE5}] => (Allow) C:\WINDOWS\WindowsMobile\wmdHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D138575B-46AF-4751-85A7-21F966F4CF50}] => (Allow) C:\WINDOWS\WindowsMobile\wmdHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E28F3E93-9636-43AF-AA02-66BD068442CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFA6AB04-2D4B-4BD2-88BF-C330E3787AE0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17CAD49B-48E9-41E3-9E0D-0A57E38E1439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81D48727-9364-44A5-B36B-E249CCB1628A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{C405E976-FBF6-4CC3-A351-311C8B0A2BF3}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [TCP Query User{93C35DF1-7B29-4EE3-85E8-74683900CAC0}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{E07F27BD-FF7B-4E16-A36A-DBBA11F4BF5E}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [TCP Query User{C5DCF11F-368E-4C72-B1C0-E8F50F362F20}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [{83D92D04-877C-4994-8D27-F58A33FD7835}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5ABE1C9-1807-4396-9E8E-AD31D22AEDE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{2F5178A4-CC4D-4B57-AABA-4EBA0EB7A5F7}C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Technologies)
FirewallRules: [TCP Query User{A0CEDD87-3F09-4B99-B718-73B668A16C25}C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Technologies)
FirewallRules: [UDP Query User{D796A449-EF6D-472C-822E-3C91AD4FFEE6}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{EA44562E-58D2-41BC-8391-6D73BE2950C8}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{7A6D9ACA-FEB0-4C50-9669-67D0ECEF3663}C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey the passion\joey_pc.exe] => (Allow) C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey the passion\joey_pc.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{02CC45F7-320C-4EBD-AFBC-77AB0160F095}C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey the passion\joey_pc.exe] => (Allow) C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey the passion\joey_pc.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{3A3D4911-9934-468F-B54F-E8E6E1AE366B}C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe] => (Allow) C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{BFECFBCD-4177-4FFD-BAC7-2A6EBC7D4BC3}C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe] => (Allow) C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{0073F3CD-811A-4DBA-8408-364CB1453CF0}C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Technologies)
FirewallRules: [TCP Query User{54F8F517-D8E8-445F-879E-C7DAF84C2D38}C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\edgar\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Technologies)
FirewallRules: [{5D44D3C2-6024-4AE7-ABE7-38FD57850EA1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{90DA6DEC-1C1C-44D1-A98D-10BD59BD8452}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{064943B4-9E59-43B6-9DCF-9B4A00874A05}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41F2205B-802E-450C-93CB-CF7C42903CAD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4F8B721-378A-4FBB-85C4-9452E2BE8E8B}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{0225165D-5B32-4507-AAB4-92400D3D99E4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF5E8B7D-90AD-4077-B24E-7A9DDD37477E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7804ED01-2749-4718-A964-AFE60D173F4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E58B472-2838-48F9-BF81-74C6BA3BB92E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7F43A9FC-C7A4-4951-AAF9-DFD0EFE3D875}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr741n\easysetupassistant.exe => Ningún archivo
FirewallRules: [TCP Query User{2D17E90E-9AEF-4811-AF20-427B2C02D560}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr741n\easysetupassistant.exe => Ningún archivo
FirewallRules: [UDP Query User{2744A7BE-416F-433D-80A1-2321DAE4273D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DB960B73-B4A7-4FF8-A611-AA17CE3433A2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{660A0339-6AEE-4362-97EC-66862C16D071}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{354BC8BB-AFA9-4ED3-83B5-8F3CEADEB79F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E499C4B8-4A53-45B5-9626-0A1403175809}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05EF76DC-32D4-475E-9555-044E874CECCC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B125F0D2-A8E1-469A-9AE4-8F47CB0E18E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{425620B1-3720-453F-B554-7D6CBC582A19}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{F42FB106-0138-4DAB-930C-EBB2A34B0A48}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38212E34-130B-4438-BA64-E60D4512C0A5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9C87D64-82B2-4C6D-A953-F747D3D8025A}] => (Allow) LPort=1900
FirewallRules: [{5E7A245D-A3DD-41E6-AE5B-42112B35FBC7}] => (Allow) LPort=2869
FirewallRules: [{4CE66E1C-43F2-4ACE-843C-717F39A64AE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1D14CE70-511A-4FE5-AFF0-9D48C308E514}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0072C3F5-1F0E-4D1B-8D86-79455FE52C78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D55E813-3665-454A-A188-B27AFE405FDF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{75D49DED-059B-4AFF-B3E9-4F00599FEB5C}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{FD7CD410-42A2-485B-B257-FD67B799CABD}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [TCP Query User{1BA946E6-C9CF-42FE-BCCF-1B63A3851FB2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{76D318CD-7C97-4A08-935D-B7287A673AB3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5CB07089-E4C6-41F0-8A95-034644241763}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{86950DAB-A72F-4539-87ED-23F563A9A5CE}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [TCP Query User{5E2C0005-4C27-4F52-9827-CC267CF12B34}C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe] => (Allow) C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{7915D042-81C0-46A1-943C-9EFEE15805F5}C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe] => (Allow) C:\program files (x86)\konami\yu-gi-oh! power of chaos\joey the passion\joey_pc.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{4558C367-6140-4829-A5CA-DFAD6D31A980}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{45AD2BBD-966E-4BEB-8517-19DEC30ACA26}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{6CCB8B2B-A319-482B-A83E-1E2F247B6136}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Block) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{6CFBF717-65CE-4ACD-A6E1-6963562EA838}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Block) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [TCP Query User{DED99B4D-FCE4-492C-8F87-AB5ED1F35341}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe (Blizzard Entertainment) [Archivo no firmado]
FirewallRules: [UDP Query User{2BC38D64-D0C1-4F72-A58C-9E3249FDDC83}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe (Blizzard Entertainment) [Archivo no firmado]
FirewallRules: [TCP Query User{2C4F89B5-7976-472D-920A-7D71ECE67648}H:\ee\empire earth\empire earth.exe] => (Allow) H:\ee\empire earth\empire earth.exe => Ningún archivo
FirewallRules: [UDP Query User{A1B61668-95DC-487F-AE1D-8341F6CA454F}H:\ee\empire earth\empire earth.exe] => (Allow) H:\ee\empire earth\empire earth.exe => Ningún archivo
FirewallRules: [TCP Query User{167E42B9-FBA6-47E9-BF3F-E6278740F089}C:\users\edgar\documents\juegos\ee\empire earth\empire earth.exe] => (Allow) C:\users\edgar\documents\juegos\ee\empire earth\empire earth.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{EEA40D70-EE39-4800-99EF-518F41F529FF}C:\users\edgar\documents\juegos\ee\empire earth\empire earth.exe] => (Allow) C:\users\edgar\documents\juegos\ee\empire earth\empire earth.exe () [Archivo no firmado]
FirewallRules: [{EE4CA41C-A801-44DF-86FA-772BBE86A99B}] => (Block) C:\users\edgar\documents\juegos\ee\empire earth\empire earth.exe () [Archivo no firmado]
FirewallRules: [{2922A9E9-D297-4A46-8B59-23514DF515F3}] => (Block) C:\users\edgar\documents\juegos\ee\empire earth\empire earth.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{95D648EF-9E55-4DC6-820C-F1CAA2EBE543}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{91C6987C-B681-4644-A807-813A95F97D7E}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [Archivo no firmado]
FirewallRules: [{0B58EB63-6E2D-446B-8BB2-B6CCFE53A2F4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{30F75465-2DF0-46CD-81F4-EB98FA1C5EAB}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D1262C5-8F47-4318-9E65-13BBF313C466}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{970F4657-58C0-4DD1-9B64-0799D505229A}] => (Allow) C:\Users\EDGAR\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A17B5F1D-3D62-40EF-A9D6-B3FF20170747}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/25/2020 08:26:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5700,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 08:19:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7628,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 07:34:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8136,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 07:23:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7268,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 06:47:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11896,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 06:38:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10860,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 06:31:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10700,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/25/2020 06:13:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10700,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (05/25/2020 08:36:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/25/2020 08:36:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\EDGAR\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2020 08:36:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/25/2020 08:36:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\EDGAR\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2020 08:36:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/25/2020 08:36:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\EDGAR\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2020 08:36:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/25/2020 08:36:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\EDGAR\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2020-05-20 14:57:34.201
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {86869B51-D714-4823-B387-B28279E70C05}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-20 14:45:06.596
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D644C0A4-B441-4B4B-994F-8FC064357C1D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-19 13:14:55.247
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6316D944-B51F-49EB-8096-6400921024A3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-19 02:24:14.683
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {12F38FE5-3E4A-434A-8881-8337A18FD86A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-19 01:32:12.376
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {2B331AE7-3E88-45E8-A902-ADE5F8AF9F19}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-18 22:54:48.729
Description: 
Antivirus de Windows Defender encontró un error al intentar restaurar un elemento de la cuarentena.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nombre: HackTool:Win32/Keygen
Id.: 2147593794
Gravedad: Alta
Categoría: Herramienta
Usuario: EDGAR-HP\EDGAR
Código de error: 0x80508014
Descripción del error: No se puede restaurar el elemento en cuarentena. 
Versión de inteligencia de seguridad: AV: 1.315.953.0, AS: 1.315.953.0
Versión de motor: 1.1.17000.7

Date: 2020-05-02 20:18:46.970
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2734.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado. 

Date: 2020-05-02 20:18:46.969
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2734.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado. 

Date: 2020-05-01 19:58:48.558
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2592.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación
Date: 2020-05-01 19:58:48.557
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2592.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

CodeIntegrity:
===================================

Date: 2020-05-26 01:03:17.413
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 20:22:26.072
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 20:22:26.045
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 20:22:25.999
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 16:21:11.076
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 16:21:11.050
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 16:21:11.019
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-25 16:21:10.993
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Información de la memoria =========================== 

BIOS: Insyde F.25 05/29/2013
Placa base: Hewlett-Packard 183D
Procesador: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Porcentaje de memoria en uso: 59%
RAM física total: 8088.36 MB
RAM física disponible: 3264.18 MB
Virtual total: 16280.36 MB
Virtual disponible: 11392.07 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:576.66 GB) (Free:284.25 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (Recovery) (Fixed) (Total:19.21 GB) (Free:2.06 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

\\?\Volume{977e2d77-1c7d-11e4-8431-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.15 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 9DAA4FE0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=576.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== Final de Addition.txt =======================

Eset

26/05/2020 1:00:40
Archivos analizados: 466365
Archivos detectados: 9
Archivos desinfectados: 9
Tiempo total de análisis 03:59:33
Estado del análisis: Finalizado
C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\1601c372fdd44d0781cb.dll#7F1C72B1F1EBC2DA	una variante de Win32/Adware.BrowseFox.N aplicación	no se ha podido desinfectar - archivo eliminado

C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\1601c372fdd44d0781cb64.dll#3B20B44B8C52AF9F	una variante de Win64/Adware.BrowseFox.CI aplicación	no se ha podido desinfectar - archivo eliminado

C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\1601c372fdd44d0781cb8d80cd533a89.dll#B3A80A871B8048AD	una variante de Win32/Adware.BrowseFox.M aplicación	no se ha podido desinfectar - archivo eliminado

C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\1601c372fdd44d0781cb8d80cd533a8964.dll#9E9DF7C0CF30A22D	una variante de Win64/Adware.BrowseFox.CK aplicación	no se ha podido desinfectar - archivo eliminado

C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\PrimaryResult.BrowserAdapter.exe#C2CE560980B47ADE	una variante de Win32/Adware.BrowseFox.AC aplicación	no se ha podido desinfectar - archivo eliminado

C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\PrimaryResult.BrowserAdapter64.exe#2F6978B62C187C6F	Win64/Adware.BrowseFox.CO aplicación	no se ha podido desinfectar - archivo eliminado

C:\AdwCleaner\Quarantine\v1\20200524.221752\13\Primary Result\bin\tmp7839.tmp#8C45ABC2C581E045	una variante de MSIL/Adware.BrowseFox.G aplicación	no se ha podido desinfectar - archivo eliminado

C:\Users\EDGAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg\1.0.22_0\ctn.js	JS/Adware.Chromex.Agent.M aplicación	no se ha podido desinfectar - archivo eliminado

C:\Users\EDGAR\AppData\Roaming\Nero\NeroInstaller\Nero8\Files\Nero-8.3.2.1b_all_update.exe	Win32/Toolbar.AskSBar aplicación potencialmente indeseable	no se ha podido desinfectar - archivo eliminado

El uso de activadores ilegales, sule afectar al pc negativamente

Lo primero, Corta y pega, Frst.exe en el Escritorio, pues se indicaba muy remarcadamente ejecutarlo desde esa ubicacion


Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente las casillas Registry Backup, las demás NO

  • Pulsar en Run.

Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {41BE5A2B-DC0C-4E1E-B01E-2B5D53597D63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {441F38EC-75D8-4EB8-9014-D6C65C91FC61} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {18067828-03E3-4249-8B5A-6940453409EA} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {2304CBF6-AA14-40A7-8C69-BCCE97548729} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {77A342BE-AE1D-46D4-A0F7-1D755D8CCB66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {8AFCA6BF-7113-4AC2-A3E8-767B6E0A603E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {954C108E-6004-45C7-AB19-E99ED30E4705} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {95CF6B91-F86B-4871-AB8F-A7DC59154A90} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {A58ABA7D-4274-404B-9BF4-3F590E85B043} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {B3859741-B23D-4F37-95D8-C1E6B7CC3EBA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {BA8A8E9E-1F4D-4787-9133-B400A8218A1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {D8BFE8AC-94B8-4F92-B74D-53802D8777B9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {DC8312BA-9213-4D7E-B1A6-55005E753C21} - \AutoKMS -> Ningún archivo <==== ATENCIÓN
Task: {FE3710A1-5BEC-4E04-A3B5-7C43C7965B70} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = 
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = 
U3 idsvc; no ImagePath
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\EDGAR\Desktop\Plus500.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gjnbjoifncpjlidnhbmoimcgdgjfhoog
ShortcutWithArgument: C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Plus500.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gjnbjoifncpjlidnhbmoimcgdgjfhoog


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema


Ademas entra en configuracion - windows update y dale a buscar e instala todo,deberia salir actualziacion der caracteristicas 1909

Instalas todo y comentas como va el pc

Hola, acá dejo el log, en unos días más comento cómo va todo:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 24-05-2020 01
Ejecutado por EDGAR (26-05-2020 12:18:11) Run:1
Ejecutado desde C:\Users\EDGAR\Desktop
Perfiles cargados: EDGAR
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start

CreateRestorePoint:

CloseProcesses:



FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

Task: {41BE5A2B-DC0C-4E1E-B01E-2B5D53597D63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN

Task: {441F38EC-75D8-4EB8-9014-D6C65C91FC61} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN

Task: {18067828-03E3-4249-8B5A-6940453409EA} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN

Task: {2304CBF6-AA14-40A7-8C69-BCCE97548729} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN

Task: {77A342BE-AE1D-46D4-A0F7-1D755D8CCB66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN

Task: {8AFCA6BF-7113-4AC2-A3E8-767B6E0A603E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN

Task: {954C108E-6004-45C7-AB19-E99ED30E4705} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN

Task: {95CF6B91-F86B-4871-AB8F-A7DC59154A90} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN

Task: {A58ABA7D-4274-404B-9BF4-3F590E85B043} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN

Task: {B3859741-B23D-4F37-95D8-C1E6B7CC3EBA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN

Task: {BA8A8E9E-1F4D-4787-9133-B400A8218A1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN

Task: {D8BFE8AC-94B8-4F92-B74D-53802D8777B9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN

Task: {DC8312BA-9213-4D7E-B1A6-55005E753C21} - \AutoKMS -> Ningún archivo <==== ATENCIÓN

Task: {FE3710A1-5BEC-4E04-A3B5-7C43C7965B70} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN

SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = 

SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = 

U3 idsvc; no ImagePath

ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo

ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::

WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\EDGAR\Desktop\Plus500.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gjnbjoifncpjlidnhbmoimcgdgjfhoog

ShortcutWithArgument: C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Plus500.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gjnbjoifncpjlidnhbmoimcgdgjfhoog





HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41BE5A2B-DC0C-4E1E-B01E-2B5D53597D63}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41BE5A2B-DC0C-4E1E-B01E-2B5D53597D63}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{441F38EC-75D8-4EB8-9014-D6C65C91FC61}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{441F38EC-75D8-4EB8-9014-D6C65C91FC61}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18067828-03E3-4249-8B5A-6940453409EA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18067828-03E3-4249-8B5A-6940453409EA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2304CBF6-AA14-40A7-8C69-BCCE97548729}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2304CBF6-AA14-40A7-8C69-BCCE97548729}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77A342BE-AE1D-46D4-A0F7-1D755D8CCB66}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77A342BE-AE1D-46D4-A0F7-1D755D8CCB66}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AFCA6BF-7113-4AC2-A3E8-767B6E0A603E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AFCA6BF-7113-4AC2-A3E8-767B6E0A603E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{954C108E-6004-45C7-AB19-E99ED30E4705}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{954C108E-6004-45C7-AB19-E99ED30E4705}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95CF6B91-F86B-4871-AB8F-A7DC59154A90}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CF6B91-F86B-4871-AB8F-A7DC59154A90}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A58ABA7D-4274-404B-9BF4-3F590E85B043}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A58ABA7D-4274-404B-9BF4-3F590E85B043}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3859741-B23D-4F37-95D8-C1E6B7CC3EBA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3859741-B23D-4F37-95D8-C1E6B7CC3EBA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA8A8E9E-1F4D-4787-9133-B400A8218A1A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA8A8E9E-1F4D-4787-9133-B400A8218A1A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8BFE8AC-94B8-4F92-B74D-53802D8777B9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8BFE8AC-94B8-4F92-B74D-53802D8777B9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{DC8312BA-9213-4D7E-B1A6-55005E753C21}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC8312BA-9213-4D7E-B1A6-55005E753C21}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE3710A1-5BEC-4E04-A3B5-7C43C7965B70}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3710A1-5BEC-4E04-A3B5-7C43C7965B70}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => eliminado correctamente
"HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
SearchScopes: HKU\S-1-5-21-1498714615-88780390-2559584424-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242020222230334 -> DefaultScope {099602A0-FEA9-42E5-85E3-9BD710C5FBE2} URL = => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente
"BVTFilter" => eliminado correctamente
"BVTConsumer" => eliminado correctamente
C:\Users\EDGAR\Desktop\Plus500.lnk => Acceso directo argumento eliminado correctamente
C:\Users\EDGAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Plus500.lnk => Acceso directo argumento eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1498714615-88780390-2559584424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8176:ea95:d666:fa19%19
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.8.105
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::d661:2eff:feed:afa1%19
                                       192.168.8.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{9B198032-FEA9-4E60-A576-B4B84669C454} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50495087 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 672555 B
Edge => 126642 B
Chrome => 2741098 B
Firefox => 1076072645 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13628 B
NetworkService => 27415586 B
EDGAR => 50324886 B
DefaultAppPool => 50324886 B

RecycleBin => 136354457 B
EmptyTemp: => 1.3 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 12:21:41 ====

Por cierto, hoy ha llegado mi nuevo DD y quisiera saber qué apps me recomiendas instalar desde ahora para cuidar bien de el. Voy a instalar windows 8 x64.

Gracias