De un momento a otro aparecio el disco rigido lleno y no puedo instalar programas

Hola!! Tengo notebook lenovo en la oficina con dissco HD de 1 TB y 8gb de ram y de un dia para otro no pude bajar programas porque aparece el disco como completo cuando no deberia ser asi xq no tengo tantos archivos para que ocurra. Podra ser un virus?

paceSniffer >> http://www.fosshub.com/SpaceSniffer.html

Al iniciarlo, selecciona tu disco duro C: y espera a que acabe de analizarlo. (abajo a la izquierda pondrá Master status: Scanning… mientras está analizándolo y arriba el porcentaje del proceso)

Una vez haya acabado, puedes poner aquí una captura de pantalla de la ventana del programa.

Así podremos ver toda la estructura de tu disco duro, y qué carpetas son las que ocupan más espacio, para averiguar dónde está el problema.

Usas el simbolo de flecha arriba de tu respuesta para subirme la captura

Y a he visto el problema, pero hay que ver que lo ha causado

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.

  • En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Hola !!! Pude solucionarlo con el limpiador de archivos temporales de windows 10. Igualmente estoy bajando el programa y luego envio el reporte. Sds

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 16-09-2020
Ejecutado por usuario (17-09-2020 15:01:18)
Ejecutado desde C:\Users\usuario\Downloads
Windows 10 Enterprise Versión 1909 18363.1082 (X64) (2019-09-21 22:27:45)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

$BarTender_Security$ (S-1-5-21-1655116526-72280640-3654168884-1004 - Limited - Enabled)
Administrador (S-1-5-21-1655116526-72280640-3654168884-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1655116526-72280640-3654168884-503 - Limited - Disabled)
Invitado (S-1-5-21-1655116526-72280640-3654168884-501 - Limited - Disabled)
usuario (S-1-5-21-1655116526-72280640-3654168884-1001 - Administrator - Enabled) => C:\Users\usuario
WDAGUtilityAccount (S-1-5-21-1655116526-72280640-3654168884-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Total AV (Disabled - Up to date) {1755713B-9494-6E81-A820-9E949B4A199E}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.1.441 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_3) (Version: 24.3 - Adobe Inc.)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_2) (Version: 21.2.2.289 - Adobe Inc.)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
BleachBit 4.0.0.1628 (HKLM-x32\...\BleachBit) (Version: 4.0.0.1628 - BleachBit)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.230.10.1008 - BlueStack Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.3.149 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2017 - BR (x64) (HKLM\...\{8ABF5677-0748-4A42-A7DF-81F13027A18F}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Capture (x64) (HKLM\...\{AC9BB7B7-A763-43C5-9830-F3B78FDB051D}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Common (x64) (HKLM\...\{B8C51F00-63AE-4327-A533-375CB7B6BF26}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Common Retail (x64) (HKLM\...\{D3CBB13B-4FE7-451A-9C8F-06FBD9A36F0B}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Connect (x64) (HKLM\...\{BD0F92AD-DFDB-4BC5-BAA5-FB27892F9483}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Custom Data (x64) (HKLM\...\{E7975CC5-05E4-45E3-AFD3-234809F694A0}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - DE (x64) (HKLM\...\{DC94E7B7-DE6C-4293-A3EF-DC41FC2FA9BC}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Draw (x64) (HKLM\...\{A16C7EEB-69CB-42A1-AD10-0E19A133D957}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - EN (x64) (HKLM\...\{DB9ECE8C-5065-4388-B70D-D137A2C03152}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - ES (x64) (HKLM\...\{0EAC29D4-5379-4595-ACE9-FA6A3DC08418}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Filters (x64) (HKLM\...\{EEC42BAD-9517-450D-AF99-FA3C16D0377C}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Font Manager (x64) (HKLM\...\{D276DE88-654E-4738-A736-6E18D12F0C34}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - FR (x64) (HKLM\...\{24BE747D-7DBA-4322-9B6D-6F7F2E931E31}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM Content (x64) (HKLM\...\{54F024CB-16AF-4CC0-9BC2-D2507E7C6C01}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IT (x64) (HKLM\...\{546B4AB1-64CF-4713-8750-B21CD86874F9}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - NL (x64) (HKLM\...\{6A8F754C-F722-4C4C-AAC2-50B386FD604A}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - PHOTO-PAINT (x64) (HKLM\...\{B2D66383-4F98-4108-B6A3-F9CF8715875C}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Redist (x64) (HKLM\...\{47865C60-4ED8-4678-B23F-C2D1C2DDC09C}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Setup Files (x64) (HKLM\...\{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - VBA (x64) (HKLM\...\{5330DEB9-A612-4679-ACC1-D3D9C6190824}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - VideoBrowser (x64) (HKLM\...\{C451F155-26B7-48F2-8A8F-9428B4D479D2}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Workspaces (x64) (HKLM\...\{F3EFAF0E-DF3C-4384-8A0F-90D79FEFD7F5}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 (64-Bit) (HKLM\...\_{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.0.0.328 - Corel Corporation)
CorelDRAW Graphics Suite 2017 (HKLM\...\{03E21392-CE4A-4FC6-B593-370E7A7E345A}) (Version: 19.0 - Corel Corporation) Hidden
CrossChex Standard (HKLM-x32\...\{E4063CBD-E0FC-44A1-A7AD-5CC70B3C3E3D}) (Version: 1.1.0.0 - Anviz)
Crystal Reports XI Release 2 BIN (HKLM-x32\...\{A1121EE9-5B22-402B-85BB-10B0BEE424B8}) (Version: 1.0.0 - Crystal Reports)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Doxillion, convertidor de documentos (HKLM-x32\...\Doxillion) (Version: 4.21 - NCH Software)
Estudio para la mejora del producto HP DeskJet 2130 series (HKLM\...\{A3D2E2FD-921A-4271-9D99-60009A4FE74A}) (Version: 40.11.1124.17107 - HP Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 10.13.0.18653 (HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\GoToMeeting) (Version: 10.13.0.18653 - LogMeIn, Inc.)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
HP DeskJet 2130 series Ayuda (HKLM-x32\...\{0ABC47CC-14F8-4D01-B877-4203635C0B06}) (Version: 35.0.0 - Hewlett Packard)
HP DeskJet 2130 series Software básico del dispositivo (HKLM\...\{985B2E7E-994C-4D0C-A881-72317A4C8E56}) (Version: 40.11.1124.17107 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{7BEBB31E-58C4-4FA5-9AD1-ACBE32BF0D12}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BD9C12-5CE9-4294-B1C3-A09F971FAFB5}) (Version: 36.0.41.58587 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Lenovo Service Bridge (HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.1.3 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0072 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.13231.20152 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 79.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 79.0 (x64 es-AR)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MyODBC (HKLM-x32\...\{29042B1C-0713-4575-B7CA-5C8E7B0899D4}) (Version: 3.51.11 - MySQL)
Nosis Conector Bases Públicas (HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\SACConector) (Version: 1.3 - Nosis S.A.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM-x32\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM-x32\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM-x32\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio (HKLM-x32\...\{20F0F67B-CB0F-4C85-B6F2-133D9CB70614}) (Version: 3.0.0.61111 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.1.1.61111 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
Servicio Lenovo Vantage (HKLM-x32\...\VantageSRV_is1) (Version: 3.3.115.0 - Lenovo Group Ltd.)
SkyWin (HKLM-x32\...\{F1961210-F313-4B84-B5C6-B46C98857577}) (Version: 1.3.0 - conwise)
TACTICA (HKLM-x32\...\TACTICA) (Version:  - )
TACTICA Facturacion Electronica (HKLM-x32\...\{75593584-FC51-484F-9D99-EE8D3E5877FC}) (Version: 2.0.11 - TacticaSoft)
TAP-Windows 9.21.0 (HKLM\...\TAP-Windows) (Version: 9.21.0 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.9.4 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
VideoPad, editor de vídeo (HKLM-x32\...\VideoPad) (Version: 8.51 - NCH Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-19] (Microsoft Corporation)
Cool File Viewer -> C:\Program Files\WindowsApps\20815shootingapp.AirFileViewer_1.4.9.0_x86__xcg28tkrsnqww [2020-08-14] (Cool File Viewer)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.41.0_x64__k1h2ywk1493x8 [2020-07-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-04-04] (Samsung Electronics Co. Ltd.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1655116526-72280640-3654168884-1001_Classes\CLSID\{7A9A45C8-2829-4F1A-B8AF-EC4529D7BFD6}\InprocServer32 -> C:\Program Files\Easy Duplicate Finder 7\EasyDuplicateFinder.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-1655116526-72280640-3654168884-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\usuario\AppData\Local\GoToMeeting\13190\G2MOutlookAddin64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-1655116526-72280640-3654168884-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-03-19] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\usuario\Desktop\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\usuario\Desktop\Roberto - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sombrillas - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Módulos cargados (Lista blanca) =============

2018-03-28 10:55 - 2006-10-22 04:30 - 001519616 _____ () [Archivo no firmado] C:\MySQL\bin\LIBMYSQL.dll
2020-09-04 09:43 - 2020-09-04 09:26 - 099684864 _____ () [Archivo no firmado] C:\ProgramData\BlueStacks\CefData\libcef.dll
2016-06-21 12:29 - 2016-12-28 10:36 - 008616960 _____ (Chilkat Software, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\Correo\ChilkatAx-9.5.0-win32.dll
2002-10-01 04:13 - 2002-10-01 04:13 - 000565248 _____ (ComponentOne) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\vsflex8.ocx
2010-09-03 17:04 - 2001-11-05 01:49 - 000139264 _____ (dbi Technologies Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctCombo.ocx
2010-09-03 17:04 - 2002-08-20 16:27 - 000069632 _____ (DBI Technologies Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctDropMenu.ocx
2010-09-03 17:04 - 2001-10-29 11:00 - 000241664 _____ (DBI Technologies Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctList.ocx
2010-09-03 17:04 - 2001-11-07 14:37 - 000151552 _____ (DBI Technologies Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctToolBar.ocx
2010-09-03 17:04 - 2001-10-29 10:58 - 000151552 _____ (DBI Technologies Inc.) [Archivo no firmado] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctLstBar.ocx
2010-09-03 17:04 - 2001-08-21 13:58 - 000090112 _____ (Gamesman Inc. / DBI Technologies Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctButton.ocx
2010-09-03 17:04 - 2001-06-11 13:16 - 000061440 _____ (Gamesman Inc.) [Archivo no firmado] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\ctFormFX.ocx
2010-09-03 15:24 - 2006-11-22 07:57 - 000868352 _____ (nBit Information Technologies) [Archivo no firmado] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\rmpHTML.ocx
2020-07-28 16:04 - 2020-05-30 20:04 - 001638912 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\x64\SQLite.Interop.dll
2020-09-11 07:35 - 2020-05-30 19:58 - 001280000 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2020-07-28 16:06 - 2020-07-09 02:36 - 000944840 _____ (SQLite Development Team) [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2019-10-29 17:52 - 2019-10-29 17:52 - 017534976 _____ (TacticaSoft) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\TacticaGen.dll
2019-10-29 17:48 - 2019-10-30 16:31 - 018411520 _____ (TacticaSoft) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\TacticaMain.dll
2019-10-29 17:46 - 2019-10-29 17:46 - 001138688 _____ (TacticaSoft) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\TacticaSync.dll
2016-07-15 16:44 - 2016-07-15 16:44 - 000663552 _____ (Tacticasoft) [Archivo no firmado] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\TacticaComp.ocx
2020-09-04 09:43 - 2020-09-04 09:26 - 000564736 _____ (The Chromium Authors) [Archivo no firmado] C:\ProgramData\BlueStacks\CefData\chrome_elf.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-1655116526-72280640-3654168884-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-1655116526-72280640-3654168884-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1655116526-72280640-3654168884-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2018-04-09 15:10 - 2018-04-09 15:10 - 000000876 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 mc.corel.com
127.0.0.1 apps.corel.com

2020-09-13 20:14 - 2020-09-17 13:18 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.38.113 LenovoRoberto.mshome.net # 2025 9 2 16 16 18 11 657

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-1655116526-72280640-3654168884-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SkyWin.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\StartupApproved\StartupFolder: => "Nosis Conector de Bases Publicas.lnk"
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{5E17573D-E44F-4452-97A0-E8CDE2AE7578}C:\users\usuario\downloads\anydesk(2).exe] => (Allow) C:\users\usuario\downloads\anydesk(2).exe => Ningún archivo
FirewallRules: [TCP Query User{DC859E57-D4D4-4872-ADE1-E8F474E828CF}C:\users\usuario\downloads\anydesk(2).exe] => (Allow) C:\users\usuario\downloads\anydesk(2).exe => Ningún archivo
FirewallRules: [{28FE10FF-2354-4FBC-BBFD-8BB51F017974}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{94521151-FEA2-4CBD-B3A2-32F48A005AEA}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{70FC4F61-0F54-4179-B2BC-DE3F6880D394}C:\users\usuario\downloads\anydesk (1).exe] => (Allow) C:\users\usuario\downloads\anydesk (1).exe => Ningún archivo
FirewallRules: [TCP Query User{F9593ED3-7785-46E9-ABFE-8FB114817037}C:\users\usuario\downloads\anydesk (1).exe] => (Allow) C:\users\usuario\downloads\anydesk (1).exe => Ningún archivo
FirewallRules: [{AAC633BF-45E8-44B6-A3E1-01FA8A6D72E0}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{30BF40D7-2AD5-4E1A-98DE-6DE0D615F2E4}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{AC6E9F7F-C659-47E9-9220-1F9B28302273}] => (Allow) LPort=3307
FirewallRules: [{14F9F597-5351-46C5-803A-0062E5DCF472}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E3C8EFB-31D5-4275-9F5D-326937AA0EB2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DBEA3AA8-498E-4E60-9859-79DC2E64A936}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{68520212-A460-43DD-806E-38A647793C2E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{ACCE9C1E-CADA-43A4-AC5B-3F6E2B805BD6}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelDRW.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{B199C204-A6F4-44CB-9D61-5ADD08D82248}C:\users\usuario\downloads\anydesk (2).exe] => (Block) C:\users\usuario\downloads\anydesk (2).exe => Ningún archivo
FirewallRules: [UDP Query User{8E85B1A9-06F9-4097-B012-D39C17923CBC}C:\users\usuario\downloads\anydesk (2).exe] => (Block) C:\users\usuario\downloads\anydesk (2).exe => Ningún archivo
FirewallRules: [TCP Query User{AB28FE49-BD95-4947-B11C-B4042D1ACCA2}C:\users\usuario\downloads\anydesk (4).exe] => (Allow) C:\users\usuario\downloads\anydesk (4).exe => Ningún archivo
FirewallRules: [UDP Query User{FFD93929-A44A-4E71-A812-BFF6E791D690}C:\users\usuario\downloads\anydesk (4).exe] => (Allow) C:\users\usuario\downloads\anydesk (4).exe => Ningún archivo
FirewallRules: [{DC8B30B1-DD37-4066-BBE5-2EE05BBF4727}] => (Allow) C:\Users\usuario\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{95C1B942-18DC-468F-845B-29B503EFADEC}] => (Allow) C:\Users\usuario\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [TCP Query User{8A0065AE-CA04-46E2-AFCE-F613E24E37D4}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe => Ningún archivo
FirewallRules: [UDP Query User{8890F83E-89BA-42FC-B9FA-D3D38B46AC04}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe => Ningún archivo
FirewallRules: [TCP Query User{4C6E3F08-C029-4438-A649-BFC5E399C5EC}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe => Ningún archivo
FirewallRules: [UDP Query User{81A8143E-9138-420B-9759-3B162534BDEA}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe => Ningún archivo
FirewallRules: [TCP Query User{E9D0027A-2BC3-4C2F-853B-A9821867F73D}C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe] => (Allow) C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe (Anviz Global  Inc. -> Anviz Global Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{68FF1C99-F05F-413E-B4C3-F040D61D4817}C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe] => (Allow) C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe (Anviz Global  Inc. -> Anviz Global Inc.) [Archivo no firmado]
FirewallRules: [{28028105-7E41-4F9C-8202-C3125611E03E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3E3ABBC6-CCB3-4DCD-89EF-31969061360C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3958BD5C-945E-41A2-91B8-F695EF15C44A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9DD79198-40FA-455D-8640-C20A06CE52F4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{F89EBA4E-167B-48AF-B5D8-FB422C8254F5}C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe] => (Allow) C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe (Anviz Global  Inc. -> Anviz Global Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{F036C6B5-7AEB-49B5-BEBD-92F49E919327}C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe] => (Allow) C:\program files (x86)\anviz\crosschex standard\crosschex standard.exe (Anviz Global  Inc. -> Anviz Global Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{A22F4CF6-489C-4828-AB28-BEEE9B717AD3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Block) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe => Ningún archivo
FirewallRules: [UDP Query User{8C0E4C6A-5AC5-470C-AC53-BDBF4D56D0D0}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Block) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe => Ningún archivo
FirewallRules: [TCP Query User{826529B7-FA0D-4BC2-8E02-73FBDD9CD41F}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Block) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe => Ningún archivo
FirewallRules: [UDP Query User{40E390E9-C3D5-405F-982C-96ED9956710D}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Block) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe => Ningún archivo
FirewallRules: [{2B8BB7D8-3878-4F7B-B14D-63E89E7B20A7}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{1B3E95B4-9860-4310-A360-2604BF3D2ED8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0F00EAF1-7DD6-42F5-A9EB-10BDC83FD02B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => Ningún archivo
FirewallRules: [{7B7465B4-7BDC-4FAF-8D29-0BB90A60CD1A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => Ningún archivo
FirewallRules: [{0C720D3B-09C3-4C64-AC69-BAF9869A251A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{560707E5-0DA7-4016-8848-E53D8E4E82DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{98AD38CA-E251-4978-9C37-D292FB2707FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3656BC9C-E3CD-4DD1-99B5-491F3210F76B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C44DDC1F-1B76-4880-B25D-504FDD6031AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7828047-C8F9-4EED-AB18-278CC8E6A2E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C3A30808-E36B-452A-905C-04B4D8BF6B77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{65F17C52-E5C7-43CB-A5D7-412A079E8625}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5362B60A-B6DB-4BC8-A278-2FC3591A2F67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA0360F5-B3D1-4574-A1BD-D58C1E877DE5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E858F7F-14F2-4BCD-98D7-8357D9C00223}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{B78EFD28-E29B-46A0-A563-EC979427DACC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{B9628173-568D-45CA-A9FF-4186581BC636}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{9797D026-011D-4A41-9B93-1BA39EB496A1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{D7554EFF-4A00-4475-B853-2DCA0A631D2C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{2E871171-0F83-482D-9BCB-D0601EF116F7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{DDC6B793-3115-4F3B-8B3F-3A080B1996ED}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (09/17/2020 03:03:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6248,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/17/2020 02:55:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11972,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/17/2020 02:25:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/17/2020 01:29:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/17/2020 08:11:59 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10184,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/17/2020 07:50:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3512,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/16/2020 11:24:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5632,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/16/2020 10:24:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6376,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (09/17/2020 01:24:22 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para [::]:50130. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (09/17/2020 01:24:22 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para [::]:50129. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (09/17/2020 01:24:17 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para [::]:50128. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (09/17/2020 01:18:49 PM) (Source: DCOM) (EventID: 10010) (User: LENOVOROBERTO)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/17/2020 07:41:43 AM) (Source: DCOM) (EventID: 10010) (User: LENOVOROBERTO)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/16/2020 10:14:27 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para [::]:50130. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (09/16/2020 10:14:27 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para [::]:50129. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (09/16/2020 10:14:27 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para [::]:50128. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.


Windows Defender:
===================================
Date: 2020-09-16 07:04:48.182
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {22601F1B-634A-4DE9-897E-1F46AB119290}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-16 00:18:45.880
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {969E1E0E-B861-4404-9636-A1760B94066A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-15 06:04:45.622
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Users\usuario\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\KMSpico\scripts\UnInstall_Service.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LENOVOROBERTO\usuario
Nombre de proceso: C:\Users\usuario\Downloads\esetonlinescanner (1).exe
Versión de inteligencia de seguridad: AV: 1.323.1194.0, AS: 1.323.1194.0, NIS: 1.323.1194.0
Versión de motor: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-15 06:04:03.814
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Users\usuario\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\KMSpico\scripts\UnInstall_Service.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LENOVOROBERTO\usuario
Nombre de proceso: C:\Users\usuario\Downloads\esetonlinescanner (1).exe
Versión de inteligencia de seguridad: AV: 1.323.1194.0, AS: 1.323.1194.0, NIS: 1.323.1194.0
Versión de motor: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-15 06:03:43.886
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Users\usuario\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\KMSAuto\bin\driver\x64WDV\FakeClient.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LENOVOROBERTO\usuario
Nombre de proceso: C:\Users\usuario\Downloads\esetonlinescanner (1).exe
Versión de inteligencia de seguridad: AV: 1.323.1194.0, AS: 1.323.1194.0, NIS: 1.323.1194.0
Versión de motor: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-15 21:21:25.919
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.323.1194.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2020-08-30 21:08:06.199
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.323.210.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2020-08-30 20:50:21.334
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.323.210.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2020-08-30 20:34:22.097
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.323.210.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2020-04-01 12:07:32.798
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-04-01 07:16:09.921
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-03-31 20:28:12.837
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-03-31 16:36:24.651
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-03-30 21:04:08.036
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-03-30 16:52:54.546
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-03-29 23:17:05.333
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-03-28 21:12:00.815
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO B0CN75WW 03/26/2015
Placa base: LENOVO Lenovo G50-80
Procesador: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Porcentaje de memoria en uso: 68%
RAM física total: 8107.07 MB
RAM física disponible: 2514.27 MB
Virtual total: 9387.07 MB
Virtual disponible: 2065.44 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.4 GB) (Free:757.21 GB) NTFS

\\?\Volume{923e3a6f-3b0d-4f33-8a9f-b6a570a4a790}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{0a7d3175-24d5-466d-8f68-a0c7f7f6e3b1}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{dabb7544-035d-41fd-bb05-435d3a75c38d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 379945BE)

Partition: GPT.

==================== Final de Addition.txt `Texto preformateado`

Ya…yo eso ya sabia que usando un limpiador resolverías, pues lo que ocupaba todo el disco eran la carpeta temporal,.,…pero No indique limpiarla para pòder averiguar la causa, pues esa cantidad de espacio no debe de ocuparse, salvo error de algun software o algun malware.

Por eso es importante no realizar pasos por tu cuenta.

Pega el otro informe que falta

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 16-09-2020
Ejecutado por usuario (administrador) sobre LENOVOROBERTO (LENOVO 80E5) (17-09-2020 15:10:34)
Ejecutado desde C:\Users\usuario\Downloads
Perfiles cargados: usuario & DefaultAppPool
Platform: Windows 10 Enterprise Versión 1909 18363.1082 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\MySQL\bin\mysqld-nt.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Bluestack Systems, Inc -> Bluestack System Inc.) C:\Program Files\BlueStacks\BstkSVC.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Player.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe <2>
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(MySQL AB) [Archivo no firmado] C:\MySQL\bin\winmysqladmin.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TacticaSoft) [Archivo no firmado] C:\Program Files (x86)\TacticaSoft\TACTICA\BIN\TacticaProcesos.exe
(TacticaSoft) [Archivo no firmado] C:\Program Files (x86)\TacticaSoft\TACTICA\TACTICA.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Seagull Drivers V3] => C:\Program Files\Seagull\Printer Drivers\Common\Seagull_DriverStartup.exe [533776 2018-09-16] (Seagull Scientific, Inc -> Seagull Scientific, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2020-07-28] (LENOVO -> )
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\Run: [NXBTTBMXCNY] => C:\Program Files (x86)\Windows Mail\wabmig.exe [66048 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\Run: [ELUHKNIXIP] => C:\Program Files (x86)\internet explorer\ieinstal.exe [480768 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1655116526-72280640-3654168884-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP be2a Status Monitor: C:\WINDOWS\system32\hpinkstsbe2aLM.dll [468576 2018-06-15] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Seagull V3 Network Monitor: C:\WINDOWS\system32\Seagull_V3_NetMonDispatcher.dll [603336 2019-02-20] (Seagull Scientific, Inc -> Seagull Scientific, Inc.)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-04-09]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyWin.lnk [2019-06-09]
ShortcutTarget: SkyWin.lnk -> C:\Program Files (x86)\SkyWin\SkyWin.exe () [Archivo no firmado]
Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nosis Conector de Bases Publicas.lnk [2018-10-03]
ShortcutTarget: Nosis Conector de Bases Publicas.lnk -> C:\Users\usuario\AppData\Roaming\Nosis SAC Conector\SACConector.exe () [Archivo no firmado]
Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinMySQLadmin.lnk [2018-03-28]
ShortcutTarget: WinMySQLadmin.lnk -> C:\MySQL\bin\winmysqladmin.exe (MySQL AB) [Archivo no firmado]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {063C88AE-2BE4-499A-B13A-6CECDE379AE0} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {07332263-15B3-4273-83BE-D4CA0DBBB477} - System32\Tasks\G2MUploadTask-S-1-5-21-1655116526-72280640-3654168884-1001 => C:\Users\usuario\AppData\Local\GoToMeeting\18653\g2mupload.exe [31320 2020-09-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {0D0A0054-8EE0-4D22-92D8-A0738B740671} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117608 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {190C52B1-87FE-46F2-8E92-F38C6DB36F48} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2402A779-2621-405F-AAB8-A9D6BA156BF9} - System32\Tasks\G2MUpdateTask-S-1-5-21-1655116526-72280640-3654168884-1001 => C:\Users\usuario\AppData\Local\GoToMeeting\18653\g2mupdate.exe [31320 2020-09-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {248AC1A3-35B5-45AA-9179-DD907A44CFD5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cdceb274-4721-4976-b82c-613b3a561c12 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {2F7D64A2-221E-42DA-A76E-D2D2A2AE7348} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1655116526-72280640-3654168884-1001 => C:\Users\usuario\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87848 2020-08-06] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {326AE8BC-2975-48EF-8118-7AD79090A280} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\usuario\Downloads\esetonlinescanner (1).exe
Task: {34D0BC52-3FEA-4D32-A40A-F69842E5510E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {4051608E-CCCA-4149-A192-E3C5D95861CD} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-06-18] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {4953E5C0-C80F-459E-80EF-FC96B2F5EDE5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117608 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {49C104C6-0AD5-4DF7-9E3B-2F5A2EFA3FBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-11] (Google Inc -> Google Inc.)
Task: {4DBA73CE-3A78-4E18-AFB1-F6C882095EF4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {5318B5B1-4C9A-409D-A478-5003BF1747F3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\846abf0c-7bb3-4c5c-af24-b3eba7e4fbf8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {5E77CBDF-1EBD-40F1-AB12-80EC98321A4A} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7459400 2020-06-09] (NCH Software, Inc. -> NCH Software)
Task: {600894D7-6C61-4550-BD0B-4E8D9814C5DD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2b8415a9-332d-44a9-ab9e-913a464d22ab => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {629743C1-AC76-4A05-9F06-C10C45F9E13B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7050AFC7-AE65-4C4E-9201-8619A72029F1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758536 2018-03-26] (Lenovo -> )
Task: {70668974-95FD-418B-8885-2A32DC16C23D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96FCD11C-CB87-432E-8A4E-C3D6A4430136} - System32\Tasks\HPCustParticipation HP DeskJet 2130 series => C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe [6438536 2017-04-18] (Hewlett Packard -> HP Inc.)
Task: {A9945392-464A-496C-BA25-9E30AA8BEC5C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {B9BDF1C3-07F3-4596-9F9D-91B120E72B58} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\be7aebde-e60b-4fca-8590-8550068c3dfa => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {C1C00B94-4A53-4FE0-BF0F-87B411F7FE12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C4A51FB0-C5EC-4A50-AB7C-6786EBC4A86A} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1602496 2017-03-03] (Corel Corporation -> Corel Corporation)
Task: {CC5EE795-B908-41A6-8191-46A07824F0E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5D31897-9EB0-4F9C-978A-D50F0C258A83} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\usuario\Downloads\esetonlinescanner (1).exe
Task: {D9480EAB-ED0B-4D3C-BF3C-E043BB583A25} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [56136 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {D9F02581-D0C5-40BF-A0C7-E824FF60B6D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DBC7D021-926B-4A7B-9780-CD1A89136E22} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DFD6CAFD-8DB3-4335-B2B7-888528F79CA1} - System32\Tasks\AdobeAAMUpdater-1.0-ROBERTONOTEBOOK-usuario => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E5849067-F1E8-43DB-BE14-69220716C621} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [123600 2020-08-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {E6C39630-0EEF-4503-9397-F87288E8B99A} - System32\Tasks\Optimize Thumbnail Cache Files
Task: {E9086F9F-4AC4-45F8-B936-B9224B5FB1BA} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758536 2018-03-26] (Lenovo -> )
Task: {F6B6B526-4DE4-4695-B8E7-11B1F63AC78F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-07-27] (Lenovo -> Lenovo Group Ltd.)
Task: {F957816B-4588-4CBB-8DEA-C64DD7E96CF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-11] (Google Inc -> Google Inc.)
Task: {F9EA0F2D-4B4D-4315-9697-FD5AD017FD72} - System32\Tasks\{F3B8C10B-4906-4853-830C-48BF1AC210FF} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.41.0.101/es/abandoninstall?page=tsMain

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1655116526-72280640-3654168884-1001.job => C:\Users\usuario\AppData\Local\GoToMeeting\18653\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1655116526-72280640-3654168884-1001.job => C:\Users\usuario\AppData\Local\GoToMeeting\18653\g2mupload.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATENCIÓN (Restricción - ProxySettings)
ProxyEnable: [HKLM] => Proxy está habilitado.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [S-1-5-21-1655116526-72280640-3654168884-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{2f87777d-93b6-4f89-852b-fd1bc87bb1e2}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7f42881e-92ee-4e2a-b8ba-443c1692944a}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{dc55c31a-4c96-4dcb-984d-8f8296ec1ac4}: [DhcpNameServer] 8.8.8.8 8.8.4.4
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

Edge: 
======
Edge Profile: C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-17]
Edge DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC
Edge DefaultSearchKeyword: Default -> asksearchweb
Edge DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no
Edge Extension: (VideoDownloadConverter) - C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\apicngidjjeegmfbfgpobchlpliidibm [2020-06-12]
Edge Extension: (Ask Web Search) - C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed [2020-08-17]
Edge Extension: (EasyFileConvert) - C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdfbclphcjellccklfdjfeodadjigbhh [2020-06-12]
Edge Extension: (MergeDocsOnline) - C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kgngbnpbckdlodfhkkakjjfagcmiephi [2020-06-12]

FireFox:
========
FF DefaultProfile: fnvpvzq9.default
FF ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\fnvpvzq9.default [2020-09-13]
FF NetworkProxy: Mozilla\Firefox\Profiles\fnvpvzq9.default -> type", 0
FF Notifications: Mozilla\Firefox\Profiles\fnvpvzq9.default -> hxxps://www.facebook.com; hxxps://web.whatsapp.com
FF Extension: (Avast Online Security) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\fnvpvzq9.default\Extensions\[email protected] [2020-06-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Heredado] [no firmado]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1655116526-72280640-3654168884-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\usuario\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-18] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2020-09-17]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://tiendamia.com; hxxps://tinder.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-11]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-11]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-03-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-17]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-02]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-17]
CHR Notifications: Profile 1 -> hxxps://ar.askrobin.com; hxxps://ar.garbarinoviajes.com; hxxps://bestdealfor21.life; hxxps://drive.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://official-kmspico.com; hxxps://results.searchanswers.net; hxxps://robotcaptcha2.info; hxxps://tiendamia.com; hxxps://tradenews.pushcrew.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.garbarinoviajes.com.ar; hxxps://www.iberia.com; hxxps://www.instagram.com; hxxps://www.rappi.com.ar; hxxps://www.softonic.com; hxxps://www.turismocity.com.ar; hxxps://www.youtube.com; hxxps://www1.news-back.best
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/"
CHR NewTab: Profile 1 ->  Not-active:"chrome-extension://apicngidjjeegmfbfgpobchlpliidibm/ntp.html"
CHR DefaultSearchURL: Profile 1 -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png
CHR Extension: (Presentaciones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-25]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghbiahbpaijignceidepookljebhfak [2020-09-08]
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-25]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-28]
CHR Extension: (VideoDownloadConverter) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apicngidjjeegmfbfgpobchlpliidibm [2020-06-12]
CHR Extension: (Duplicate File Finder, Cleaner for Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkefnddmfngncidpmibnleniddiopejg [2020-09-08]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-25]
CHR Extension: (Hojas de cálculo) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-02]
CHR HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8942984 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Archivo no firmado]
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-09-26] (Hewlett-Packard Company -> HP)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
S3 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Archivo no firmado]
R2 MySql; C:\MySQL\bin\mysqld-nt.exe [4493312 2006-10-22] () [Archivo no firmado]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6150504 2020-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-09-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET, spol. s r.o. -> ESET)
S3 fiddrv64; no ImagePath
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B676EC6A-6311-4B62-A0FC-D575CF0D21B6}\MpKslDrv.sys [78056 2020-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [Archivo no firmado]
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2014-04-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [31744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-17 15:01 - 2020-09-17 15:13 - 000035289 _____ C:\Users\usuario\Downloads\FRST.txt
2020-09-17 15:01 - 2020-09-17 15:08 - 000057260 _____ C:\Users\usuario\Downloads\Addition.txt
2020-09-17 14:54 - 2020-09-17 15:12 - 000000000 ____D C:\FRST
2020-09-17 14:54 - 2020-09-17 14:54 - 002298368 ____N (Farbar) C:\Users\usuario\Downloads\FRST64.exe
2020-09-16 15:15 - 2020-09-16 15:15 - 000000776 _____ C:\Users\usuario\Desktop\Descargas.lnk
2020-09-14 19:48 - 2020-09-14 19:48 - 001658900 _____ C:\Users\usuario\Desktop\spacesniffer_1_3_0_2.zip
2020-09-14 14:49 - 2020-09-15 06:38 - 000000000 ____D C:\Users\usuario\Documents\VENDEDORES DE GOOGLE
2020-09-13 20:14 - 2020-09-17 13:18 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2020-09-13 16:31 - 2020-09-13 16:31 - 000002225 _____ C:\Users\usuario\Desktop\gDMSS Lite.lnk
2020-09-13 16:09 - 2020-09-13 16:09 - 000000000 ____D C:\Users\usuario\.android
2020-09-13 15:41 - 2020-09-13 15:41 - 000000086 _____ C:\Users\usuario\Desktop\activadorenterp.cmd
2020-09-13 11:20 - 2020-09-13 11:20 - 000000020 ___SH C:\Users\.NET v4.5\ntuser.ini
2020-09-13 11:20 - 2020-09-13 11:20 - 000000020 ___SH C:\Users\.NET v4.5 Classic\ntuser.ini
2020-09-13 11:20 - 2020-09-13 11:20 - 000000000 ____D C:\Users\.NET v4.5 Classic
2020-09-13 11:20 - 2020-09-13 11:20 - 000000000 ____D C:\Users\.NET v4.5
2020-09-13 11:20 - 2019-04-21 11:50 - 000000000 ____D C:\Users\.NET v4.5\AppData\Local\Google
2020-09-13 11:20 - 2019-04-21 11:50 - 000000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Google
2020-09-13 11:20 - 2019-03-19 01:46 - 000001105 _____ C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-13 11:20 - 2019-03-19 01:46 - 000001105 _____ C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-13 11:20 - 2018-03-22 08:25 - 000000000 ____D C:\Users\.NET v4.5\AppData\Local\Microsoft Help
2020-09-13 11:20 - 2018-03-22 08:25 - 000000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft Help
2020-09-13 11:06 - 2020-09-13 11:06 - 000000000 ____D C:\WINDOWS\system32\msmq
2020-09-13 11:06 - 2020-09-13 11:06 - 000000000 ____D C:\Users\Public\Documents\Hyper-V
2020-09-13 11:04 - 2020-09-13 11:04 - 000003816 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-09-13 11:04 - 2020-09-13 11:04 - 000003374 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-09-13 01:19 - 2020-09-13 01:19 - 000000000 ____D C:\Program Files\Hyper-V
2020-09-13 00:40 - 2020-09-13 00:40 - 000000000 ____D C:\Users\usuario\AppData\Local\PeerDistRepub
2020-09-12 23:08 - 2020-09-12 23:37 - 000000000 ____D C:\WINDOWS\CSC
2020-09-12 23:08 - 2020-09-12 23:10 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-09-12 23:08 - 2020-09-12 23:09 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2020-09-12 23:08 - 2020-09-12 23:09 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-09-12 23:08 - 2020-09-12 23:08 - 000000000 ____D C:\WINDOWS\RemotePackages
2020-09-12 18:27 - 2020-09-12 18:27 - 000000000 ____D C:\Program Files (x86)\Intel Corporation
2020-09-12 17:19 - 2020-09-12 17:19 - 000003950 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-09-12 17:13 - 2020-09-12 17:13 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2020-09-12 17:13 - 2020-09-12 17:13 - 000001782 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2020-09-12 17:13 - 2020-09-12 17:13 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2020-09-12 17:11 - 2020-09-12 17:13 - 000000000 ____D C:\ProgramData\BlueStacks
2020-09-12 17:11 - 2020-09-12 17:11 - 000000000 ____D C:\Program Files\BlueStacks
2020-09-12 16:51 - 2020-09-12 17:11 - 000000000 ____D C:\Users\usuario\AppData\Local\BlueStacksSetup
2020-09-12 16:51 - 2020-09-12 17:11 - 000000000 ____D C:\Users\usuario\AppData\Local\Bluestacks
2020-09-12 16:51 - 2020-09-12 17:11 - 000000000 ____D C:\Users\Public\BlueStacks
2020-09-12 16:44 - 2020-09-14 23:09 - 000000672 _____ C:\Users\usuario\Desktop\ESET Online Scanner.lnk
2020-09-11 12:44 - 2020-09-13 02:02 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\HgsClientWmi.dll
2020-09-11 12:44 - 2020-09-13 02:01 - 015487816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe
2020-09-11 12:44 - 2020-09-13 02:00 - 000291848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll
2020-09-11 12:44 - 2020-09-12 23:00 - 001386824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-09-11 12:44 - 2020-09-12 22:59 - 003985920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-09-11 12:44 - 2020-09-12 22:49 - 002190664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-09-11 12:44 - 2020-09-12 22:45 - 002369336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-09-11 12:44 - 2020-09-12 22:45 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-09-11 12:44 - 2020-09-12 22:45 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-09-11 12:44 - 2020-09-12 22:43 - 001659208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-09-11 12:44 - 2020-09-12 22:43 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-09-11 12:44 - 2020-09-12 22:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-11 12:44 - 2020-09-11 12:44 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-11 12:44 - 2020-09-11 12:44 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-11 12:44 - 2020-09-11 12:44 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-11 12:44 - 2020-09-11 12:44 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-11 12:44 - 2020-09-11 12:44 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-11 12:44 - 2020-09-11 12:44 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-11 12:44 - 2020-09-11 12:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-11 12:44 - 2020-09-11 12:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-11 12:43 - 2020-09-12 22:07 - 000458032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll
2020-09-11 12:43 - 2020-09-12 22:07 - 000346936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsmb.dll
2020-09-11 12:43 - 2020-09-12 22:06 - 006519608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2020-09-11 12:43 - 2020-09-12 22:06 - 003500856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe
2020-09-11 12:43 - 2020-09-12 22:06 - 003416064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostNetSvc.dll
2020-09-11 12:43 - 2020-09-12 22:06 - 002429608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2020-09-11 12:43 - 2020-09-12 22:06 - 000418104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmprox.dll
2020-09-11 12:43 - 2020-09-12 22:06 - 000390968 _____ C:\WINDOWS\system32\vp9fs.dll
2020-09-11 12:43 - 2020-09-12 22:06 - 000286520 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmiccore.dll
2020-09-11 12:43 - 2020-09-11 12:44 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-11 12:43 - 2020-09-11 12:43 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-11 12:43 - 2020-09-11 12:43 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-11 12:43 - 2020-09-11 12:43 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-11 12:43 - 2020-09-11 12:43 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-11 12:43 - 2020-09-11 12:43 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-11 12:43 - 2020-09-11 12:43 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-11 12:43 - 2020-09-11 12:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-11 12:43 - 2020-09-11 12:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-11 12:43 - 2020-09-11 12:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-11 12:42 - 2020-09-11 12:42 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-11 12:42 - 2020-09-11 12:42 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-11 12:42 - 2020-09-11 12:42 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-11 12:42 - 2020-09-11 12:42 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-11 12:42 - 2020-09-11 12:42 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-11 12:42 - 2020-09-11 12:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-11 12:42 - 2020-09-11 12:42 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-11 12:42 - 2020-09-11 12:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-11 12:42 - 2020-09-11 12:42 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-11 12:42 - 2020-09-11 12:42 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-11 12:42 - 2020-09-11 12:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-11 12:41 - 2020-09-11 12:41 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-11 12:41 - 2020-09-11 12:41 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-11 12:41 - 2020-09-11 12:41 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-11 12:41 - 2020-09-11 12:41 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-11 12:41 - 2020-09-11 12:41 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-11 12:41 - 2020-09-11 12:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-11 12:40 - 2020-09-11 12:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-11 12:40 - 2020-09-11 12:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-11 12:40 - 2020-09-11 12:40 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-11 11:58 - 2020-09-11 11:59 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-11 11:58 - 2020-09-11 11:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-08 22:03 - 2020-09-08 22:03 - 000002729 _____ C:\Users\usuario\Desktop\Google Drive.lnk
2020-09-08 22:03 - 2020-09-08 22:03 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2020-09-08 22:01 - 2020-09-08 22:04 - 000000000 ____D C:\Program Files\Easy Duplicate Finder 7
2020-09-08 22:01 - 2020-09-08 22:03 - 000000000 ____D C:\Users\usuario\AppData\Roaming\EasyDuplicateFinder
2020-09-08 22:01 - 2020-09-08 22:01 - 000000000 ____D C:\ProgramData\EasyDuplicateFinder
2020-09-07 09:42 - 2020-09-14 11:44 - 000002114 _____ C:\Users\usuario\Desktop\TACTICA.lnk
2020-09-07 09:42 - 2020-09-07 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TACTICA
2020-09-06 06:22 - 2020-09-06 06:22 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2020-09-06 06:22 - 2020-09-06 06:22 - 000001352 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2020-09-05 22:41 - 2020-09-05 22:41 - 000001088 _____ C:\Users\Public\Desktop\BleachBit.lnk
2020-09-05 22:41 - 2020-09-05 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BleachBit
2020-09-05 22:05 - 2020-09-11 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-05 22:05 - 2020-09-05 22:05 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-09-05 22:05 - 2020-09-05 22:05 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-09-05 22:05 - 2020-09-05 22:05 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-09-05 22:05 - 2020-09-05 22:05 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-09-05 22:05 - 2020-09-05 22:05 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-09-05 22:05 - 2020-09-05 22:05 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-09-05 22:05 - 2020-09-05 22:05 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-09-05 21:46 - 2020-09-05 21:46 - 000000000 ____D C:\Program Files\TAP-Windows
2020-09-05 21:40 - 2020-09-05 21:41 - 000000000 ____D C:\ProgramData\KMSAuto
2020-09-05 21:33 - 2020-09-05 21:33 - 000000000 ____D C:\Users\usuario\Documents\Plantillas personalizadas de Office
2020-09-05 21:20 - 2014-08-08 13:31 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2020-09-05 21:05 - 2020-09-05 21:05 - 000000000 ____D C:\Users\usuario\AppData\Local\OneDrive
2020-09-04 06:25 - 2020-09-11 11:55 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1655116526-72280640-3654168884-1001
2020-09-04 05:19 - 2020-09-04 05:19 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-08-28 09:32 - 2020-08-28 09:32 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2020.lnk
2020-08-27 04:58 - 2020-08-27 18:54 - 000000000 ____D C:\Users\usuario\Documents\A INFORME DIARIO PARA FERNANDO
2020-08-24 09:31 - 2020-08-24 09:31 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-08-20 05:42 - 2020-08-20 05:42 - 000000000 ____D C:\Users\usuario\Documents\QUINCENAS
2020-08-20 05:24 - 2020-08-20 05:24 - 000000000 ____D C:\Users\usuario\Documents\YOU TUBE
2020-08-19 22:56 - 2020-08-19 22:58 - 000030720 _____ C:\Users\usuario\Desktop\1era agosto2.xls
2020-08-19 22:52 - 2020-08-19 23:45 - 000037376 _____ C:\Users\usuario\Desktop\1era agosto.xls

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-17 14:58 - 2018-06-14 12:19 - 000000000 ____D C:\Users\usuario\AppData\Local\D3DSCache
2020-09-17 08:16 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-17 07:40 - 2019-10-04 21:10 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-09-17 07:36 - 2019-09-21 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-16 22:05 - 2019-09-21 19:07 - 000000000 ____D C:\Users\usuario
2020-09-16 21:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 20:46 - 2019-09-21 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-16 20:46 - 2018-03-21 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-16 19:34 - 2020-06-27 20:19 - 000000000 ____D C:\Users\usuario\Documents\Archivos de Outlook
2020-09-16 16:20 - 2018-03-20 23:52 - 000000000 ____D C:\Users\usuario\Desktop\DISEÑO GRAFICO
2020-09-16 00:22 - 2018-08-29 06:33 - 000000000 ____D C:\Users\usuario\Documents\LEGALES
2020-09-15 21:58 - 2018-03-20 16:15 - 000000000 ____D C:\Users\usuario\AppData\Local\Packages
2020-09-15 21:12 - 2018-03-07 03:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-09-15 21:08 - 2019-02-01 13:39 - 000000674 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1655116526-72280640-3654168884-1001.job
2020-09-15 21:08 - 2019-02-01 13:39 - 000000578 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1655116526-72280640-3654168884-1001.job
2020-09-15 21:07 - 2019-03-19 01:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-09-15 21:04 - 2020-05-26 21:27 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-09-15 16:41 - 2018-04-02 08:17 - 000000000 ____D C:\Users\usuario\Documents\CLIENTES
2020-09-15 07:19 - 2020-07-08 09:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-09-15 03:00 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-15 01:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-09-14 23:09 - 2020-04-09 17:26 - 000000800 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-09-14 11:59 - 2018-03-28 13:00 - 000000541 _____ C:\WINDOWS\ODBC.INI
2020-09-14 11:29 - 2018-05-06 15:02 - 000000000 ____D C:\Users\usuario\Documents\AA-WASAP
2020-09-14 10:39 - 2020-07-04 04:43 - 000000000 ____D C:\Users\usuario\Documents\AA-Don Web Mail Masivos
2020-09-14 06:52 - 2019-09-21 19:26 - 000003844 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-1655116526-72280640-3654168884-1001
2020-09-14 06:52 - 2019-09-21 19:26 - 000003748 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-1655116526-72280640-3654168884-1001
2020-09-14 06:52 - 2019-02-01 13:39 - 000000000 ____D C:\Users\usuario\AppData\Local\GoToMeeting
2020-09-14 06:42 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-13 20:13 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-13 12:17 - 2018-09-25 13:59 - 000002434 _____ C:\Users\usuario\Desktop\Roberto - Chrome.lnk
2020-09-13 11:06 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-09-13 11:06 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-09-13 11:06 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\schemas
2020-09-13 07:18 - 2018-06-14 12:11 - 000000000 ____D C:\Users\usuario\AppData\Roaming\uTorrent
2020-09-13 02:18 - 2020-04-01 15:44 - 000000000 ____D C:\Users\usuario\.dbus-keyrings
2020-09-13 02:15 - 2020-04-09 10:07 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2020-09-13 02:13 - 2019-03-19 02:00 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2020-09-13 02:13 - 2019-03-19 01:57 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2020-09-13 02:12 - 2020-06-10 03:35 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2020-09-13 02:12 - 2020-06-10 03:35 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2020-09-13 02:12 - 2019-03-19 02:00 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2020-09-13 02:12 - 2019-03-19 02:00 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2020-09-13 02:12 - 2019-03-19 02:00 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2020-09-13 02:12 - 2019-03-19 02:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2020-09-13 02:12 - 2019-03-19 02:00 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2020-09-13 02:12 - 2019-03-19 02:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2020-09-13 02:12 - 2019-03-19 02:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2020-09-13 02:12 - 2019-03-19 02:00 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2020-09-13 02:12 - 2019-03-19 01:58 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2020-09-13 02:12 - 2019-03-19 01:58 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2020-09-13 02:12 - 2019-03-19 01:58 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2020-09-13 02:12 - 2019-03-19 01:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2020-09-13 02:12 - 2019-03-19 01:58 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2020-09-13 02:12 - 2019-03-19 01:58 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2020-09-13 02:12 - 2019-03-19 01:58 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2020-09-13 02:12 - 2019-03-19 01:58 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2020-09-13 02:12 - 2019-03-19 01:58 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2020-09-13 02:12 - 2019-03-19 01:58 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2020-09-13 02:12 - 2019-03-19 01:58 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2020-09-13 02:12 - 2019-03-19 01:58 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2020-09-13 02:12 - 2019-03-19 01:58 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2020-09-13 02:03 - 2019-12-12 15:14 - 000567824 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmEmulatedStorage.dll
2020-09-13 02:03 - 2019-03-19 01:58 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdvgmProxy.dll
2020-09-13 02:03 - 2019-03-19 01:57 - 000088888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmhgs.dll
2020-09-13 02:03 - 2019-03-19 01:56 - 000179792 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsp.exe
2020-09-13 02:03 - 2019-03-19 01:56 - 000062264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcip.sys
2020-09-13 02:02 - 2020-08-13 07:41 - 000593728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsconfig.dll
2020-09-13 02:02 - 2020-08-13 07:41 - 000523584 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmDataStore.dll
2020-09-13 02:02 - 2020-05-15 00:05 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvgm.exe
2020-09-13 02:02 - 2019-09-21 23:13 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmsvcext.sys
2020-09-13 02:02 - 2019-03-19 02:00 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdvgmProxy.dll
2020-09-13 02:02 - 2019-03-19 01:58 - 000076328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtpm.dll
2020-09-13 02:02 - 2019-03-19 01:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgclientservice.dll
2020-09-13 02:02 - 2019-03-19 01:57 - 000056832 _____ C:\WINDOWS\system32\hgsclientplugin.dll
2020-09-13 02:02 - 2019-03-19 01:57 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdvGpuInfo.dll
2020-09-13 02:02 - 2019-03-19 01:57 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lunparser.sys
2020-09-13 02:02 - 2019-03-19 01:57 - 000016384 _____ C:\WINDOWS\system32\hgclientserviceps.dll
2020-09-13 02:02 - 2019-03-19 01:56 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmtpm.dll
2020-09-13 02:02 - 2019-03-19 01:56 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\f1db7d81-95be-4911-935a-8ab71629112a_vmsvcext_sys.dll
2020-09-13 02:01 - 2019-09-21 23:13 - 000343712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmEngUM.dll
2020-09-13 02:01 - 2019-03-19 01:57 - 001577538 _____ C:\WINDOWS\system32\WindowsVirtualization.V2.mof
2020-09-13 02:01 - 2019-03-19 01:57 - 000749568 _____ C:\WINDOWS\system32\hgattest.dll`Texto preformateado`
2020-09-13 02:01 - 2019-03-19 01:57 - 000224264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynthfcvdev.dll
2020-09-13 02:01 - 2019-03-19 01:57 - 000195112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicrdv.dll
2020-09-13 02:01 - 2019-03-19 01:57 - 000153400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmdebug.dll
2020-09-13 02:01 - 2019-03-19 01:57 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\HyperVSysprepProvider.dll
2020-09-13 02:01 - 2019-03-19 01:57 - 000043440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmplatformca.exe
2020-09-13 02:01 - 2019-03-19 01:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AttestationWmiProvider.dll
2020-09-13 02:01 - 2019-03-19 01:57 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostGuardianServiceClientResources.dll
2020-09-13 02:01 - 2019-03-19 01:56 - 001316152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmemulateddevices.dll
2020-09-13 02:01 - 2019-03-19 01:56 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmEmulatedNic.dll
2020-09-13 02:01 - 2019-03-19 01:56 - 000278840 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicvdev.dll
2020-09-13 02:01 - 2019-03-19 01:56 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsp.sys
2020-09-13 02:01 - 2019-03-19 01:56 - 000073528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmmsprox.dll
2020-09-13 02:00 - 2019-03-19 01:57 - 001151540 _____ C:\WINDOWS\system32\WindowsHyperVCluster.V2.mof
2020-09-13 02:00 - 2019-03-19 01:57 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynth3dvideo.dll
2020-09-13 02:00 - 2019-03-19 01:57 - 000041784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ramparser.sys
2020-09-13 02:00 - 2019-03-19 01:57 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\synth3dvideoproxy.dll
2020-09-13 02:00 - 2019-03-19 01:56 - 000209936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpcievdev.dll
2020-09-13 02:00 - 2019-03-19 01:56 - 000173368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvc.exe
2020-09-13 01:18 - 2019-03-19 01:59 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmconnect.exe
2020-09-13 01:18 - 2019-03-19 01:57 - 000144967 _____ C:\WINDOWS\system32\virtmgmt.msc
2020-09-13 01:17 - 2019-03-19 01:57 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFileBrowse.dll
2020-09-13 01:17 - 2019-03-19 01:56 - 000047104 _____ C:\WINDOWS\system32\vmstaging.dll
2020-09-13 01:16 - 2019-03-19 02:00 - 000034304 _____ C:\WINDOWS\SysWOW64\vmstaging.dll
2020-09-12 23:40 - 2019-09-21 19:16 - 002067530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-12 23:40 - 2019-03-19 08:59 - 000900804 _____ C:\WINDOWS\system32\perfh00A.dat
2020-09-12 23:40 - 2019-03-19 08:59 - 000203896 _____ C:\WINDOWS\system32\perfc00A.dat
2020-09-12 23:11 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-12 23:10 - 2019-03-19 08:59 - 000000000 ____D C:\WINDOWS\system32\es
2020-09-12 23:09 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-09-12 23:08 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemApps
2020-09-12 23:08 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\security
2020-09-12 23:04 - 2019-09-21 19:03 - 000023552 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2020-09-12 23:03 - 2019-03-19 02:00 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2020-09-12 23:02 - 2020-07-16 03:03 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFXvGPUDisablement.exe
2020-09-12 23:02 - 2020-05-15 00:05 - 000109056 _____ C:\WINDOWS\system32\RDVGHelper.exe
2020-09-12 23:02 - 2019-03-19 01:59 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2020-09-12 23:02 - 2019-03-19 01:57 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2020-09-12 23:02 - 2019-03-19 01:57 - 000147439 _____ C:\WINDOWS\system32\gpedit.msc
2020-09-12 23:02 - 2019-03-19 01:57 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2020-09-12 23:02 - 2019-03-19 01:57 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2020-09-12 23:02 - 2019-03-19 01:57 - 000043566 _____ C:\WINDOWS\system32\rsop.msc
2020-09-12 23:01 - 2020-02-18 14:43 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2020-09-12 23:01 - 2019-03-19 02:00 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2020-09-12 23:01 - 2019-03-19 02:00 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2020-09-12 23:01 - 2019-03-19 02:00 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2020-09-12 23:01 - 2019-03-19 01:59 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
2020-09-12 23:01 - 2019-03-19 01:58 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2020-09-12 23:01 - 2019-03-19 01:58 - 000162104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 001719336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 001616912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 001047568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000959800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000816952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000666424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000259384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2020-09-12 23:00 - 2020-05-15 00:05 - 000230416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000181560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2020-09-12 23:00 - 2020-05-15 00:05 - 000172856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2020-09-12 23:00 - 2020-05-15 00:05 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2020-09-12 23:00 - 2020-05-15 00:05 - 000037688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2020-09-12 23:00 - 2020-05-15 00:05 - 000022032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2020-09-12 23:00 - 2020-05-15 00:05 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2020-09-12 23:00 - 2019-03-19 01:57 - 000151040 _____ C:\WINDOWS\system32\uwfcsp.dll
2020-09-12 23:00 - 2019-03-19 01:57 - 000118784 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2020-09-12 22:59 - 2019-11-14 14:09 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
2020-09-12 22:59 - 2019-11-14 14:09 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
2020-09-12 22:59 - 2019-11-14 14:07 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2020-09-12 22:59 - 2019-11-14 14:07 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2020-09-12 22:59 - 2019-11-14 14:07 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2020-09-12 22:59 - 2019-11-14 14:07 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2020-09-12 22:59 - 2019-11-14 14:07 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2020-09-12 22:59 - 2019-11-14 14:07 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
2020-09-12 22:59 - 2019-11-14 14:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
2020-09-12 22:59 - 2019-03-19 02:00 - 000147439 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2020-09-12 22:59 - 2019-03-19 02:00 - 000043566 _____ C:\WINDOWS\SysWOW64\rsop.msc
2020-09-12 22:59 - 2019-03-19 02:00 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll
2020-09-12 22:59 - 2019-03-19 01:59 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe
2020-09-12 22:59 - 2019-03-19 01:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe
2020-09-12 22:58 - 2020-02-18 14:43 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-09-12 22:58 - 2020-02-18 14:43 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-09-12 22:58 - 2020-02-18 14:43 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-09-12 22:58 - 2019-09-21 14:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2020-09-12 22:58 - 2019-03-19 01:58 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2020-09-12 22:57 - 2020-08-13 07:41 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2020-09-12 22:57 - 2019-03-19 01:59 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
2020-09-12 22:57 - 2019-03-19 01:57 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll
2020-09-12 22:57 - 2019-03-19 01:57 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll
2020-09-12 22:57 - 2019-03-19 01:57 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll
2020-09-12 22:56 - 2020-08-13 07:41 - 000275256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-09-12 22:56 - 2020-08-13 07:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-09-12 22:56 - 2019-03-19 01:58 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbdirect.sys
2020-09-12 22:56 - 2019-03-19 01:58 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
2020-09-12 22:56 - 2019-03-19 01:57 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2020-09-12 22:56 - 2019-03-19 01:57 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll
2020-09-12 22:56 - 2019-03-19 01:57 - 000136704 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2020-09-12 22:55 - 2020-05-15 00:05 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2020-09-12 22:55 - 2019-09-21 14:27 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-09-12 22:55 - 2019-03-19 02:00 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2020-09-12 22:55 - 2019-03-19 02:00 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll
2020-09-12 22:55 - 2019-03-19 01:58 - 000797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2020-09-12 22:55 - 2019-03-19 01:58 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-09-12 22:55 - 2019-03-19 01:58 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe
2020-09-12 22:55 - 2019-03-19 01:58 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe
2020-09-12 22:55 - 2019-03-19 01:57 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll
2020-09-12 22:53 - 2019-03-19 01:58 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe
2020-09-12 22:53 - 2019-03-19 01:58 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageInspector.exe
2020-09-12 22:52 - 2020-08-13 07:41 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-09-12 22:52 - 2020-08-13 07:41 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-09-12 22:52 - 2020-07-16 03:03 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-09-12 22:52 - 2020-05-15 00:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2020-09-12 22:52 - 2020-05-15 00:05 - 000643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2020-09-12 22:52 - 2019-11-14 14:09 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2020-09-12 22:52 - 2019-03-19 01:58 - 000120458 _____ C:\WINDOWS\system32\secpol.msc
2020-09-12 22:52 - 2019-03-19 01:58 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwsharedperformance.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppvClientEventLog.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000041272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UevAgentDriver.sys
2020-09-12 22:52 - 2019-03-19 01:57 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll
2020-09-12 22:52 - 2019-03-19 01:57 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AgentDriverEvents.dll
2020-09-12 22:51 - 2020-03-13 16:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2020-09-12 22:51 - 2019-03-19 02:00 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NcaApi.dll
2020-09-12 22:50 - 2020-07-16 03:03 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-09-12 22:50 - 2019-03-19 02:00 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2020-09-12 22:50 - 2019-03-19 02:00 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2020-09-12 22:50 - 2019-03-19 01:58 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2020-09-12 22:50 - 2019-03-19 01:58 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2020-09-12 22:50 - 2019-03-19 01:57 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll
2020-09-12 22:50 - 2019-03-19 01:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dggpext.dll
2020-09-12 22:50 - 2019-03-19 01:57 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2020-09-12 22:50 - 2019-03-19 01:57 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2020-09-12 22:49 - 2019-03-19 02:00 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2020-09-12 22:49 - 2019-03-19 02:00 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll
2020-09-12 22:49 - 2019-03-19 01:58 - 000163840 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2020-09-12 22:49 - 2019-03-19 01:58 - 000161280 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2020-09-12 22:49 - 2019-03-19 01:57 - 000184632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2020-09-12 22:49 - 2019-03-19 01:57 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppVMgmtCSP.dll
2020-09-12 22:49 - 2019-03-19 01:57 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessShellProxy.dll
2020-09-12 22:49 - 2019-03-19 01:57 - 000041272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2020-09-12 22:49 - 2019-03-19 01:57 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2020-09-12 22:49 - 2019-03-19 01:57 - 000015160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVSentinel.dll
2020-09-12 22:48 - 2020-05-15 00:05 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2020-09-12 22:48 - 2020-05-15 00:05 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2020-09-12 22:48 - 2020-02-18 14:43 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2020-09-12 22:48 - 2020-02-18 14:43 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2020-09-12 22:48 - 2020-02-18 14:43 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2020-09-12 22:48 - 2020-02-18 14:43 - 000138040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2020-09-12 22:48 - 2019-10-11 21:36 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
2020-09-12 22:48 - 2019-03-19 02:01 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmlib.dll
2020-09-12 22:48 - 2019-03-19 02:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2020-09-12 22:48 - 2019-03-19 02:00 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2020-09-12 22:47 - 2020-06-10 03:35 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-09-12 22:47 - 2019-09-21 14:27 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2020-09-12 22:47 - 2019-03-19 02:00 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2020-09-12 22:47 - 2019-03-19 02:00 - 000026936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll
2020-09-12 22:47 - 2019-03-19 02:00 - 000018232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVTerminator.dll
2020-09-12 22:47 - 2019-03-19 02:00 - 000013624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVSentinel.dll
2020-09-12 22:47 - 2019-03-19 01:57 - 000163640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe
2020-09-12 22:47 - 2019-03-19 01:57 - 000081720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll
2020-09-12 22:47 - 2019-03-19 01:57 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CIWmi.dll
2020-09-12 22:46 - 2020-01-17 11:44 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-09-12 22:46 - 2019-03-19 02:00 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgogl32.dll
2020-09-12 22:46 - 2019-03-19 02:00 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgocl32.dll
2020-09-12 22:46 - 2019-03-19 02:00 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgu1132.dll
2020-09-12 22:46 - 2019-03-19 02:00 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgumd32.dll
2020-09-12 22:46 - 2019-03-19 01:58 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2020-09-12 22:46 - 2019-03-19 01:58 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2020-09-12 22:46 - 2019-03-19 01:58 - 000146389 _____ C:\WINDOWS\system32\printmanagement.msc
2020-09-12 22:46 - 2019-03-19 01:58 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2020-09-12 22:46 - 2019-03-19 01:58 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2020-09-12 22:46 - 2019-03-19 01:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessproviderevents.dll
2020-09-12 22:44 - 2020-08-13 07:41 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-09-12 22:44 - 2020-05-15 00:05 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2020-09-12 22:44 - 2020-05-15 00:05 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsign.exe
2020-09-12 22:44 - 2020-03-13 16:24 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2020-09-12 22:44 - 2020-03-13 16:24 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2020-09-12 22:44 - 2019-09-21 14:27 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2020-09-12 22:44 - 2019-03-19 02:00 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CIWmi.dll
2020-09-12 22:44 - 2019-03-19 01:59 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2020-09-12 22:44 - 2019-03-19 01:58 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2020-09-12 22:44 - 2019-03-19 01:57 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppManagementConfiguration.dll
2020-09-12 22:44 - 2019-03-19 01:57 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteAppLifetimeManager.exe
2020-09-12 22:44 - 2019-03-19 01:57 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteAppLifetimeManagerProxyStub.dll
2020-09-12 22:43 - 2020-08-13 07:41 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-09-12 22:43 - 2020-08-13 07:41 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-09-12 22:43 - 2019-11-14 14:09 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2020-09-12 22:43 - 2019-03-19 02:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 001965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AssignedAccess.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iotstartup.exe
2020-09-12 22:43 - 2019-03-19 01:58 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2020-09-12 22:43 - 2019-03-19 01:58 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2020-09-12 22:41 - 2019-03-19 02:00 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppManagementConfiguration.dll
2020-09-12 22:08 - 2019-03-19 01:57 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\07409496-a423-4a3e-b620-2cfb01a9318d_HyperV-ComputeNetwork.dll
2020-09-12 22:08 - 2019-03-19 01:56 - 000408080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynthstor.dll
2020-09-12 22:08 - 2019-03-19 01:56 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmflexio.dll
2020-09-12 22:08 - 2019-03-19 01:56 - 000076816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmvirtio.dll
2020-09-12 22:08 - 2019-03-19 01:56 - 000027664 _____ (Microsoft Corporation) C:\WINDOWS\system32\VrdUmed.dll
2020-09-12 22:07 - 2020-08-13 07:40 - 001409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vfpext.sys
2020-09-12 22:07 - 2020-08-13 07:40 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfpctrl.exe
2020-09-12 22:07 - 2020-08-13 07:40 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfpapi.dll
2020-09-12 22:07 - 2020-04-16 21:13 - 000216888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetMgmtIF.dll
2020-09-12 22:07 - 2020-04-16 21:13 - 000140088 _____ C:\WINDOWS\system32\nmscrub.exe
2020-09-12 22:07 - 2020-04-16 21:13 - 000129336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmbind.exe
2020-09-12 22:07 - 2019-10-11 21:35 - 000111632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2020-09-12 22:07 - 2019-09-21 23:12 - 000677176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll
2020-09-12 22:07 - 2019-03-19 01:58 - 000041992 _____ (Microsoft Corporation) C:\WINDOWS\system32\NvAgent.dll
2020-09-12 22:07 - 2019-03-19 01:57 - 000038712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\passthruparser.sys
2020-09-12 22:07 - 2019-03-19 01:57 - 000012600 _____ (Microsoft Corporation) C:\WINDOWS\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
2020-09-12 22:07 - 2019-03-19 01:56 - 000663568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmuidevices.dll
2020-09-12 22:06 - 2020-06-10 03:34 - 000299832 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2020-09-12 22:06 - 2020-06-10 03:34 - 000118600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifcore.dll
2020-09-12 22:06 - 2020-06-10 03:34 - 000028472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifproxystub.dll
2020-09-12 22:06 - 2020-05-15 00:04 - 002399544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-09-12 22:06 - 2020-05-15 00:04 - 000192840 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2020-09-12 22:06 - 2020-05-15 00:04 - 000048440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2020-09-12 22:06 - 2020-05-15 00:04 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2020-09-12 22:06 - 2020-04-16 21:11 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2020-09-12 22:06 - 2020-03-13 16:23 - 000416568 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmSynthNic.dll
2020-09-12 22:06 - 2020-03-13 16:21 - 000243512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2020-09-12 22:06 - 2020-03-13 16:21 - 000024888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2020-09-12 22:06 - 2020-02-18 14:43 - 000119312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdp4vs.dll
2020-09-12 22:06 - 2019-03-19 01:58 - 000058384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\l2bridge.sys
2020-09-12 22:06 - 2019-03-19 01:57 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnsdiag.exe
2020-09-12 22:06 - 2019-03-19 01:57 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pvhdparser.sys
2020-09-12 22:06 - 2019-03-19 01:57 - 000047120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdparser.sys
2020-09-12 22:06 - 2019-03-19 01:57 - 000014336 _____ C:\WINDOWS\system32\hnsproxy.dll
2020-09-12 22:06 - 2019-03-19 01:57 - 000012600 _____ (Microsoft Corporation) C:\WINDOWS\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
2020-09-12 22:06 - 2019-03-19 01:57 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000503304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmserial.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000478216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmpmem.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmdynmem.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000281104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hcsdiag.exe
2020-09-12 22:06 - 2019-03-19 01:56 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmCrashDump.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupvdev.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000205624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbusvdev.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000157728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2020-09-12 22:06 - 2019-03-19 01:56 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpevents.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000078856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpctrl.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000036600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbresources.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocketcontrol.sys
2020-09-12 22:06 - 2019-03-19 01:56 - 000031544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcomputeeventlog.dll
2020-09-12 22:06 - 2019-03-19 01:56 - 000006658 _____ C:\WINDOWS\system32\VmChipset Third-Party Notices.txt
2020-09-12 21:56 - 2018-12-17 14:43 - 000000000 ___RD C:\Users\usuario\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2020-09-12 21:24 - 2020-07-16 22:51 - 000000000 ____D C:\Users\usuario\Desktop\PARA ORDENAR
2020-09-12 09:32 - 2018-04-04 08:49 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\Mozilla
2020-09-12 05:40 - 2018-03-20 16:31 - 000000000 ___RD C:\Users\usuario\3D Objects
2020-09-12 05:40 - 2018-03-07 03:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-12 05:38 - 2019-09-21 18:57 - 005229648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-11 20:49 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-11 13:11 - 2018-03-08 16:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-11 12:59 - 2018-03-08 16:44 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-11 12:40 - 2019-09-21 19:03 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-11 12:14 - 2020-07-28 21:18 - 000000000 _____ C:\ProgramData\LauncherAccess.dt
2020-09-11 11:55 - 2019-09-21 19:07 - 000002403 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-11 11:55 - 2018-03-07 03:03 - 000000000 ___RD C:\Users\usuario\OneDrive
2020-09-11 07:35 - 2020-05-15 18:35 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 14:11 - 2020-07-27 21:25 - 000000000 ___HD C:\Users\usuario\AppData\Roaming\0-6AQ2T-
2020-09-10 07:15 - 2018-04-01 09:27 - 000000000 ____D C:\Users\usuario\Documents\CLIENTES POTENCIALES
2020-09-09 14:18 - 2020-06-11 15:12 - 000000000 ____D C:\Users\usuario\Documents\MASTERQUIM
2020-09-09 05:37 - 2018-03-20 21:42 - 000000000 ____D C:\Users\usuario\Documents\ARCHIVOS - CARPETAS COLGANTES
2020-09-08 19:23 - 2018-03-07 03:00 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Adobe
2020-09-08 17:01 - 2018-05-11 12:12 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-07 16:35 - 2019-02-03 11:47 - 000000000 ____D C:\Users\usuario\Documents\ANA PAULA LICHTENBERG
2020-09-07 16:35 - 2018-03-24 07:34 - 000000000 ____D C:\Users\usuario\Documents\LISTAS DE PRECIOS
2020-09-07 09:43 - 2018-03-21 18:07 - 000000190 _____ C:\WINDOWS\ODBCINST.INI
2020-09-07 09:39 - 2018-03-21 18:06 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2020-09-07 09:38 - 2018-03-28 10:30 - 000000000 ____D C:\ADJTactica
2020-09-07 06:58 - 2020-05-02 08:00 - 000000000 ____D C:\Users\usuario\Documents\AAA- CLIENTES NUEVOS PARA IMPORTAR
2020-09-06 21:39 - 2018-03-20 10:01 - 000000000 ____D C:\Users\usuario\Documents\AGENDA CELULARES
2020-09-06 16:31 - 2020-06-27 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2020-09-06 16:31 - 2020-06-27 20:09 - 000000000 ____D C:\Program Files\KMSpico
2020-09-06 06:21 - 2019-04-03 07:18 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-09-06 06:21 - 2018-11-06 12:01 - 000000000 ____D C:\Program Files\Adobe
2020-09-06 06:21 - 2018-11-06 11:39 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-09-05 22:44 - 2018-05-20 19:52 - 000000000 ____D C:\Users\usuario\AppData\Roaming\vlc
2020-09-05 22:41 - 2020-04-01 15:44 - 000000000 ____D C:\Program Files (x86)\BleachBit
2020-09-05 22:01 - 2020-05-12 17:06 - 000000000 ____D C:\Users\usuario\Documents\BarTender
2020-09-05 22:00 - 2020-05-12 16:55 - 000000000 ____D C:\ProgramData\Seagull
2020-09-05 21:48 - 2018-08-29 17:42 - 000000000 ____D C:\Users\usuario\AppData\Local\MSfree Inc
2020-09-05 20:29 - 2018-11-06 12:13 - 000000000 __RHD C:\Users\usuario\Creative Cloud Files
2020-09-05 20:19 - 2019-09-21 14:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-09-05 20:16 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-09-04 22:18 - 2020-06-01 10:03 - 000000000 ____D C:\Users\usuario\Documents\AA_ TAREAS LEO
2020-09-02 07:19 - 2018-03-08 16:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-30 22:50 - 2018-04-02 07:36 - 000000000 ____D C:\Users\usuario\Documents\BANCOS y FINANCIERAS
2020-08-30 21:00 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-08-30 20:58 - 2018-03-07 05:34 - 000000000 ____D C:\Intel
2020-08-30 05:15 - 2018-05-06 16:48 - 000000000 ____D C:\Users\usuario\Documents\LUIS RUIZ
2020-08-28 08:42 - 2018-03-28 18:50 - 000000000 ____D C:\Users\usuario\Documents\PROVEEDORES
2020-08-23 22:13 - 2018-04-02 14:29 - 000000000 ____D C:\Users\usuario\Documents\ALEDI SUR SRL
2020-08-23 17:04 - 2018-04-11 08:51 - 000000000 ____D C:\Users\usuario\Documents\OPERARIOS
2020-08-23 14:22 - 2018-03-25 07:07 - 000000000 ____D C:\Users\usuario\Documents\MERCADO LIBRE
2020-08-20 05:09 - 2020-05-15 18:23 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-20 05:09 - 2020-05-15 18:23 - 000003456 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-18 20:14 - 2018-05-29 19:51 - 000000000 ____D C:\Users\usuario\Documents\MAIL RECHAZADOS

==================== Archivos en la raíz de algunos directorios ========

2018-05-25 17:34 - 2018-05-25 17:34 - 003209600 _____ () C:\Users\usuario\ZHPCleaner.exe
2018-03-07 04:20 - 2018-03-07 04:24 - 006010880 _____ () C:\Program Files (x86)\GUT9474.tmp
2020-06-20 16:09 - 2020-07-28 16:12 - 000000034 _____ () C:\Users\usuario\AppData\Roaming\AdobeWLCMCache.dat
2018-11-06 11:40 - 2018-11-06 11:40 - 000000410 _____ () C:\Users\usuario\AppData\Local\oobelibMkey.log
2018-05-14 10:45 - 2018-05-14 10:45 - 000000017 _____ () C:\Users\usuario\AppData\Local\resmon.resmoncfg
2018-10-25 22:20 - 2018-10-25 22:20 - 000000000 _____ () C:\Users\usuario\AppData\Local\{DECE6C3A-54A4-40F6-9765-CD7DEE728B22}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt `Texto preformateado``Texto preformateado``Texto preformateado`

El uso de activadores ilegales puede traer consecuencias…

Ahora corta y pega, Frst.exe en el ESCRITORIO, pues se indicaba muy remarcado que se ejecutara desde esa ubicacion

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente las casillas Registry Backup, las demás NO

  • Pulsar en Run.

Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

AS: Total AV (Disabled - Up to date) {1755713B-9494-6E81-A820-9E949B4A199E}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ShortcutWithArgument: C:\Users\usuario\Desktop\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\usuario\Desktop\Roberto - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sombrillas - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATENCIÓN (Restricción - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
S3 fiddrv64; no ImagePath
2018-10-25 22:20 - 2018-10-25 22:20 - 000000000 _____ () C:\Users\usuario\AppData\Local\{DECE6C3A-54A4-40F6-9765-CD7DEE728B22}
2018-03-07 04:20 - 2018-03-07 04:24 - 006010880 _____ () C:\Program Files (x86)\GUT9474.tmp



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta con estos otros.

1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.

  • Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).

  • Pulsa en el botón “Open Malewarebytes Free”.

imagen

  • Presiona el botón “Scan” (Escaneo).

imagen

Una vez finalizado el escaneo aparecerá la siguiente pantalla:

imagen

  • Pulsa en “View report” (Ver informe).

  • Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

Nota: los elementos detectados como sofware preinstalado que pueda detectar, no hace falta eliminarlos

Imposible entender todo. Intente de todas formas. Estoy intentandolo pero es muy tecnico

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 16-09-2020
Ejecutado por usuario (17-09-2020 19:42:57) Run:1
Ejecutado desde C:\Users\usuario\Downloads
Perfiles cargados: usuario
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
CreateRestorePoint:
CloseProcesses:
 
AS: Total AV (Disabled - Up to date) {1755713B-9494-6E81-A820-9E949B4A199E}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ShortcutWithArgument: C:\Users\usuario\Desktop\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\usuario\Desktop\Roberto - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sombrillas - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATENCIÓN (Restricción - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
S3 fiddrv64; no ImagePath
2018-10-25 22:20 - 2018-10-25 22:20 - 000000000 _____ () C:\Users\usuario\AppData\Local\{DECE6C3A-54A4-40F6-9765-CD7DEE728B22}
2018-03-07 04:20 - 2018-03-07 04:24 - 006010880 _____ () C:\Program Files (x86)\GUT9474.tmp
 
 
 
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"AS: Total AV (Disabled - Up to date) {1755713B-9494-6E81-A820-9E949B4A199E}" => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
C:\Users\usuario\Desktop\Google Drive.lnk => Acceso directo argumento eliminado correctamente
C:\Users\usuario\Desktop\Roberto - Chrome.lnk => Acceso directo argumento eliminado correctamente
C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk => Acceso directo argumento eliminado correctamente
C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sombrillas - Chrome.lnk => Acceso directo argumento eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKLM\System\CurrentControlSet\Services\fiddrv64 => eliminado correctamente
fiddrv64 => servicio eliminado correctamente
C:\Users\usuario\AppData\Local\{DECE6C3A-54A4-40F6-9765-CD7DEE728B22} => movido correctamente
C:\Program Files (x86)\GUT9474.tmp => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1655116526-72280640-3654168884-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => eliminado correctamente
"HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 9 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 11 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : TL-WA850RE

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 9:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 11:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::d168:800e:921e:2eb4%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 172.17.127.205
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 172.17.127.254

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet vEthernet (Default Switch):

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::a158:97d9:8988:94c5%26
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.38.113
   M scara de subred . . . . . . . . . . . . : 255.255.255.240
   Puerta de enlace predeterminada . . . . . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{7BF0F024-37F9-4591-BF22-4D9A5D3FA9D5} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12719918 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9504491 B
Edge => 2140489 B
Chrome => 810627274 B
Firefox => 28304548 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 19034 B
NetworkService => 647260 B
usuario => 15788046885 B
.NET v4.5 => 15788046885 B
DefaultAppPool => 15788046885 B
.NET v4.5 Classic => 15788046885 B

RecycleBin => 0 B
EmptyTemp: => 59.6 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 19:47:47 ====
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/9/20
Hora del análisis: 0:17
Archivo de registro: 735aaa9e-f95d-11ea-9ff6-34e6adab8c85.json

-Información del software-
Versión: 4.2.1.89
Versión de los componentes: 1.0.1045
Versión del paquete de actualización: 1.0.30005
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.1082)
CPU: x64
Sistema de archivos: NTFS
Usuario: LENOVOROBERTO\usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 459010
Amenazas detectadas: 24
Amenazas en cuarentena: 0
Tiempo transcurrido: 26 min, 21 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 4
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPTIMIZE THUMBNAIL CACHE FILES, Sin acciones por parte del usuario, 3798, 328817, , , , , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6C39630-0EEF-4503-9397-F87288E8B99A}, Sin acciones por parte del usuario, 3798, 328817, , , , , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E6C39630-0EEF-4503-9397-F87288E8B99A}, Sin acciones por parte del usuario, 3798, 328817, , , , , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Sin acciones por parte del usuario, 3798, -1, 0.0.0, , action, , , 

Valor del registro: 7
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Sin acciones por parte del usuario, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Sin acciones por parte del usuario, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Sin acciones por parte del usuario, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Sin acciones por parte del usuario, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Sin acciones por parte del usuario, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6C39630-0EEF-4503-9397-F87288E8B99A}|PATH, Sin acciones por parte del usuario, 3798, 328818, 1.0.30005, , ame, , , 
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|apicngidjjeegmfbfgpobchlpliidibm, Sin acciones por parte del usuario, 1818, 443121, , , , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 2
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm, Sin acciones por parte del usuario, 1818, 443121, , , , , , 
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\APICNGIDJJEEGMFBFGPOBCHLPLIIDIBM, Sin acciones por parte del usuario, 1818, 443121, 1.0.30005, , ame, , , 

Archivo: 11
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE FILES, Sin acciones por parte del usuario, 3798, 328817, 1.0.30005, , ame, , 1B6C1337D3801E92D9B72507526B334A, 9A7CDC7AB7D8C7D889FB396F567E98DCB3D206FA087B0565E703BCB5D8387867
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sin acciones por parte del usuario, 1818, 443121, , , , , D87FED892827F828750E33223192478E, B85C04B97BCF271ACC129846DC1E3F446CD1A0EE4134EA197998DE013A497EBD
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sin acciones por parte del usuario, 1818, 443121, , , , , 4D02E03F1A6A25E15FD81AB7B0CB415D, 117A84AD3113DEC98290383959E806BF183A34352C16BE1273C8B4911CB517F5
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\000003.log, Sin acciones por parte del usuario, 1818, 443121, , , , , DA780BB847D91CC753285140D04B9D3C, F11655B03121A76EAF6DC116921C02970A65515A7CB3B86A3DD18635F5726634
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\CURRENT, Sin acciones por parte del usuario, 1818, 443121, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\LOCK, Sin acciones por parte del usuario, 1818, 443121, , , , , , 
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\LOG, Sin acciones por parte del usuario, 1818, 443121, , , , , F997A6272347342AD7073202811A9454, 9CA1D3F138BBDB5EB9DE0CBBFCF82F58A2EB716313B884EF463B48C98EAAC59F
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\LOG.old, Sin acciones por parte del usuario, 1818, 443121, , , , , 9DE2F36B233FAB10FABF7D7A0CCAC00E, BDA6D1201B22F5F0A12DF2E505C370797BF8E7A65A486F6F38DCF29C451FF366
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\MANIFEST-000001, Sin acciones por parte del usuario, 1818, 443121, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\APICNGIDJJEEGMFBFGPOBCHLPLIIDIBM\13.931.18.9221_0\MANIFEST.JSON, Sin acciones por parte del usuario, 1818, 443121, 1.0.30005, , ame, , A169A3CB0A30FE348B9E8235F3409759, 5E68BDEAB6ECEE0E32745C301EA412853C7FB44883EC7B7F52E1826B7780C672
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\APICNGIDJJEEGMFBFGPOBCHLPLIIDIBM\13.931.18.9221_0\CONFIG\CONFIG.JSON, Sin acciones por parte del usuario, 1818, 456842, 1.0.30005, , ame, , 97B25A903872751E1ADB0153E6CAED7A, 362B2011B71FF2F028EEAC41D3011571A6A9F9F315DE5264A19215659266DC19

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/9/20
Hora del análisis: 0:17
Archivo de registro: 735aaa9e-f95d-11ea-9ff6-34e6adab8c85.json

-Información del software-
Versión: 4.2.1.89
Versión de los componentes: 1.0.1045
Versión del paquete de actualización: 1.0.30005
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.1082)
CPU: x64
Sistema de archivos: NTFS
Usuario: LENOVOROBERTO\usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 459010
Amenazas detectadas: 24
Amenazas en cuarentena: 24
Tiempo transcurrido: 26 min, 21 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 4
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPTIMIZE THUMBNAIL CACHE FILES, En cuarentena, 3798, 328817, , , , , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6C39630-0EEF-4503-9397-F87288E8B99A}, En cuarentena, 3798, 328817, , , , , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E6C39630-0EEF-4503-9397-F87288E8B99A}, En cuarentena, 3798, 328817, , , , , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En cuarentena, 3798, -1, 0.0.0, , action, , , 

Valor del registro: 7
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En cuarentena, 3798, -1, 0.0.0, , action, , , 
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6C39630-0EEF-4503-9397-F87288E8B99A}|PATH, En cuarentena, 3798, 328818, 1.0.30005, , ame, , , 
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-1655116526-72280640-3654168884-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|apicngidjjeegmfbfgpobchlpliidibm, En cuarentena, 1818, 443121, , , , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 2
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm, En cuarentena, 1818, 443121, , , , , , 
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\APICNGIDJJEEGMFBFGPOBCHLPLIIDIBM, En cuarentena, 1818, 443121, 1.0.30005, , ame, , , 

Archivo: 11
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE FILES, En cuarentena, 3798, 328817, 1.0.30005, , ame, , 1B6C1337D3801E92D9B72507526B334A, 9A7CDC7AB7D8C7D889FB396F567E98DCB3D206FA087B0565E703BCB5D8387867
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, 1818, 443121, , , , , D87FED892827F828750E33223192478E, B85C04B97BCF271ACC129846DC1E3F446CD1A0EE4134EA197998DE013A497EBD
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, 1818, 443121, , , , , 4D02E03F1A6A25E15FD81AB7B0CB415D, 117A84AD3113DEC98290383959E806BF183A34352C16BE1273C8B4911CB517F5
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\000003.log, En cuarentena, 1818, 443121, , , , , DA780BB847D91CC753285140D04B9D3C, F11655B03121A76EAF6DC116921C02970A65515A7CB3B86A3DD18635F5726634
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\CURRENT, En cuarentena, 1818, 443121, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\LOCK, En cuarentena, 1818, 443121, , , , , , 
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\LOG, En cuarentena, 1818, 443121, , , , , F997A6272347342AD7073202811A9454, 9CA1D3F138BBDB5EB9DE0CBBFCF82F58A2EB716313B884EF463B48C98EAAC59F
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\LOG.old, En cuarentena, 1818, 443121, , , , , 9DE2F36B233FAB10FABF7D7A0CCAC00E, BDA6D1201B22F5F0A12DF2E505C370797BF8E7A65A486F6F38DCF29C451FF366
PUP.Optional.MindSpark.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\apicngidjjeegmfbfgpobchlpliidibm\MANIFEST-000001, En cuarentena, 1818, 443121, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\APICNGIDJJEEGMFBFGPOBCHLPLIIDIBM\13.931.18.9221_0\MANIFEST.JSON, En cuarentena, 1818, 443121, 1.0.30005, , ame, , A169A3CB0A30FE348B9E8235F3409759, 5E68BDEAB6ECEE0E32745C301EA412853C7FB44883EC7B7F52E1826B7780C672
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\APICNGIDJJEEGMFBFGPOBCHLPLIIDIBM\13.931.18.9221_0\CONFIG\CONFIG.JSON, En cuarentena, 1818, 456842, 1.0.30005, , ame, , 97B25A903872751E1ADB0153E6CAED7A, 362B2011B71FF2F028EEAC41D3011571A6A9F9F315DE5264A19215659266DC19

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-18-2020
# Duration: 00:00:49
# OS:       Windows 10 Enterprise
# Cleaned:  31
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\ShowMyPCService
Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\Users\usuario\Documents\TotalAV

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\OPTIMIZE THUMBNAIL CACHE FILES

***** [ Registry ] *****

Deleted       HKCU\Software\SSProtect
Deleted       HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.2
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6C39630-0EEF-4503-9397-F87288E8B99A} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6C39630-0EEF-4503-9397-F87288E8B99A} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Thumbnail Cache Files
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\Software\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPUsageTrackingLEDM   Folder   C:\Program Files (x86)\HP\HP UT LEDM\BIN
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPUsageTrackingLEDM
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPUsageTrackingLEDM
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{853F464A-B2B8-404E-BA3E-B98FF6862C41}
Deleted       Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Users\usuario\AppData\Local\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted       Preinstalled.LenovoServiceBridge   Folder   C:\Users\usuario\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted       Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted       Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Deleted       Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1
Deleted       Preinstalled.LenovoUtility   Folder   C:\Program Files\LENOVO\LENOVOUTILITY
Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
Not Deleted   Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4831 octets] - [18/09/2020 00:20:30]
AdwCleaner_Debug.log - [13315 octets] - [18/09/2020 00:25:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Esta tdo muy explicado para que sin apenas conocimeintos se pueda hacer

Esto es sencillo…ejecutar algo desde el escritorio…y lo hiciste mal de nuevo…lo ejecutaste desde la carpeta descargas de nuevo.

Esto te lo remarque y asi y todo los eliminaste

Abres adwcleaner - cuarentena- pestaña sofware preinstalado

Marcas todo y das a restaurar

Reinicias el pc y comentas como sigge el pc

Abres el programa spacesniffer y me pones de nuevo una captura

Por ahora parece que está todo correcto.

Prueba el PC dos o tres días y comprueba de nuevo el espacio libre que no haya aumentado de manera inadecuada.

Me comentas cómo sigue todo

Ahora se apago y no enciende. No inicia