Tengo instalado Windows 10 en mi computadora y recientemente me apareció el error IRQL NOT LESS OR EQUAL,en una pantalla azul con letras blancas. no se porque sea ese problema si me pueden apoyar.
desde ya muchas gracias.
Hola Arcanine
Las causas de ese error son muchísimas. Hay que empezar a descartar cosas:
Primero, si los recursos de Tu PC son suficientes para tener instalado Winows 10. Otros factores importantes son los programas que tengas instalados y la posibilidad de que se halla instalado algún malware. Por último, también hay que verificar la integridad física de los componentes del PC (Hardware) y la correcta instalación de los drivers de los mismos.
Vamos por partes …
Realiza los siguientes pasos, sin cambiar el orden:
1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
2.- Descargá a Tu escritorio las siguientes herramientas:
3.- Seguí paso a paso las acciones …
Malwarebytes
Instalalo y actualizalo. Realiza un Análisis Completo. Pulsa en “Eliminar Seleccionados” para enviarlo a la cuarentena. Reinicias el sistema. En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.
AdwCleaner
Ejecutalo. (Clic derecho y selecciona Ejecutar como Administrador). Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar. Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas. Guardas el reporte que te aparecerá para copiarlo y pegarlo en tu próxima respuesta. El informe también se puede encontrar en “C:\AdwCleaner\AdwCleaner.txt”
ZHPCleaner
Siguiendo Su manual, lo instalas y ejecutas. Cuando termine, eliminas todo lo que encuentre.
CCleaner
Instalalo y ejecutalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.
NOTA IMPORTANTE:
En Tu próxima respuesta debes pegar los reportes de Malwarebytes, AdwCleaner y ZHPCleaner.
Envuelve cada uno de los informes con una etiqueta escrita 
al inicio del informe y otra como este 
al final del mismo.
Nos comentas como sigue el problema original por el que abriste el tema.
Saludos
Saludos
Disculpa la tardanza; aquí traigo los informes de los programas:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 19/11/18
Hora del análisis: 13:21
Archivo de registro: 61bcd53c-ec30-11e8-af37-e0d55e8bc5ca.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7923
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 14393.0)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-N8C7JI0\Admin
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 269886
Amenazas detectadas: 15
Amenazas en cuarentena: 14
Tiempo transcurrido: 2 hr, 47 min, 0 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 15
HackTool.Patcher, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\_APRIL 2018\IDM 6.XX PATCH V10 BY THE HIDDEN 2000 - AORE.RAR, En cuarentena, [7855], [524716],1.0.7923
HackTool.Agent.IDM, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\_MAY 2018\INTERNET DOWNLOAD MANAGER 6.30 BUILD 8. PATCH ADDHALOKA. ONLY.7Z, En cuarentena, [10680], [455807],1.0.7923
HackTool.FilePatch, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\_MAY 2018\INTERNET.DOWNLOAD.MANAGER.6.30.BUILD.8.PATCH-URET.ZIP, En cuarentena, [7842], [281135],1.0.7923
HackTool.FilePatch, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\_MAY 2018\INTERNET.DOWNLOAD.MANAGER.V6.X.RELEASE.1.PATCH-GHOST0507.ZIP, En cuarentena, [7842], [281135],1.0.7923
HackTool.Agent.IDM, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\IDM.6.30.8+-PATCH.EXE, En cuarentena, [10680], [455807],1.0.7923
RiskWare.Patcher, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\IDM.6.30.8+PATCH.EXE, En cuarentena, [7912], [573887],1.0.7923
Generic.Malware/Suspicious, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\_APRIL 2018\IDM_6.30.8_PATCHER_B.O.C TEAM.RAR, En cuarentena, [0], [392686],1.0.7923
Generic.Malware/Suspicious, C:\USERS\ADMIN\DESKTOP\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA+PORTABLE\INTERNET.DOWNLOAD.MANAGER.V6.31.BUILD.3.RETAIL.FINAL.INCL.CRACK-ADDHALOKA\STOPUPDATE_IDM_OLD.EXE, En cuarentena, [0], [392686],1.0.7923
RiskWare.Tool.HCK, C:\USERS\ADMIN\DESKTOP\AUTODESK.AUTOCAD.V2016.WIN64-ISO\CRACK\XF-ADSK2016_X64.7Z, En cuarentena, [7756], [65468],1.0.7923
RiskWare.Tool.HCK, C:\USERS\ADMIN\DESKTOP\AUTODESK.AUTOCAD.V2016.WIN64-ISO\CRACK\XF-ADSK2016_X86.7Z, En cuarentena, [7756], [65468],1.0.7923
HackTool.FilePatch, C:\USERS\ADMIN\DESKTOP\DAEMON.TOOLS.PRO.V8.2.0.708.MULTILINGUAL.INCL.PATCH\CRACK\2.EXE, En cuarentena, [7842], [281135],1.0.7923
HackTool.FilePatch, C:\USERS\ADMIN\DESKTOP\DAEMON.TOOLS.PRO.V8.2.0.708.MULTILINGUAL.INCL.PATCH\2 DAEMON.TOOLS.PRO.V8.2.0.BUILD.0708.AFTER.REGGEN.PATCH.ZIP, En cuarentena, [7842], [281135],1.0.7923
CrackTool.Agent, C:\USERS\ADMIN\DESKTOP\NUEVA CARPETA\ADOBE.PREMIERE.PRO.CC.2015.V9.0.0.342.MULTILINGUAL.INCL.KEYGEN-XFORCE\CRACK\KEYGEN\ADOBE CC 2014-X-FORCE\CRACK-WINDOWS\XF-ADOBECC2014.EXE, En cuarentena, [6156], [146743],1.0.7923
RiskWare.Tool.HCK, C:\USERS\ADMIN\DESKTOP\NUEVA CARPETA\ADOBE.PREMIERE.PRO.CC.2015.V9.0.0.342.MULTILINGUAL.INCL.KEYGEN-XFORCE\CRACK\PATCH PAINTER 1.4\ADOBE.SNR.PATCH-PAINTER.EXE, Error durante la eliminación, [7756], [69152],1.0.7923
PUP.Optional.FusionCore, C:\USERS\ADMIN\DOWNLOADS\PROGRAMS\FILEZILLA_3.38.1_WIN64-SETUP_BUNDLED.EXE, En cuarentena, [7819], [599917],1.0.7923
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)El Informe de Adwcleaner:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-19-2018
# Duration: 00:00:13
# OS: Windows 10 Pro
# Scanned: 32104
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
EL Informe de ZHPCleaner:
~ ZHPCleaner v2018.11.19.196 by Nicolas Coolman (2018/11/19)
~ Run by Admin (Administrator) (19/11/2018 16:43:24)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Admin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Admin\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)
---\\ Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Hosts carpeta (1)
~ El archivo hosts es legítimo (554)
---\\ Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Explorador ( Archivos, Carpetas ) (17)
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage.bak\default\https+++www.softonic.com\.metadata =>.SUP.Softonic
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage.bak\default\https+++www.softonic.com\.metadata-v2 =>.SUP.Softonic
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage.bak\default\https+++www.softonic.com\idb\993782502OBNDE__KSDISG_NLA.sqlite =>.SUP.Softonic
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage.bak\default\http+++pxlgnpgecom-a.akamaihd.net\.metadata =>.SUP.AkamaiHD
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage.bak\default\http+++pxlgnpgecom-a.akamaihd.net\.metadata-v2 =>.SUP.AkamaiHD
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage.bak\default\http+++pxlgnpgecom-a.akamaihd.net\idb\2532886276bta_fcpe_.sqlite =>.SUP.AkamaiHD
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage\default\http+++pxlgnpgecom-a.akamaihd.net\.metadata =>.SUP.AkamaiHD
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage\default\http+++pxlgnpgecom-a.akamaihd.net\.metadata-v2 =>.SUP.AkamaiHD
MOVIDO carpeta: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\storage\default\http+++pxlgnpgecom-a.akamaihd.net\idb\2532886276bta_fcpe_.sqlite =>.SUP.AkamaiHD
MOVIDO carpeta: C:\ProgramData\KMSAutoS\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator
MOVIDO carpeta: C:\ProgramData\KMSAutoS\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.AutoKMS
MOVIDO carpeta: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
MOVIDO carpeta: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
MOVIDO archivo: C:\ProgramData\KMSAutoS =>HackTool.WinActivator
MOVIDO archivo: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
MOVIDO archivo: C:\Windows\AutoKMS =>HackTool.AutoKMS
MOVIDO archivo: C:\Users\Admin\AppData\Local\MSfree Inc =>HackTool.WinActivator
---\\ Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Resumen de elementos en su estación de trabajo (4)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
---\\ Limpieza adicional. (7)
~ Clave de registro Tracing borrados (7)
~ Quitar los antiguos informes de ZHPCleaner. (0)
---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Opera Software)
---\\ STATISTIQUES
~ Items escaneado : 1886
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 0/7
~ Ahorro de espacio (bytes) : 0
~ End of clean in 00h00mn05s
---\\ Reporte (2)
ZHPCleaner-[S]-19112018-16_40_49.txt
ZHPCleaner-[R]-19112018-16_43_29.txt
Hola
Desactiva temporalmente tu antivirus y cualquier programa de seguridad que tengas en funciones.
Descarga Farbar Recovery Scan Tool en el escritorio de Tu PC. Selecciona la versión adecuada para la arquitectura (32 o 64bits) de tu equipo.
Como saber si Mi Windows es de 32 0 64 Bits`
- Ejecuta FRST.exe
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Guía: Como Ejecutar FRST
En Tu próxima respuesta, debes pegar los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Envuelve cada uno de los informes con una etiqueta escrita al inicio del informe y otra como este al final del mismo.
Saludos
Informe de Farbar FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by Admin (administrator) on DESKTOP-N8C7JI0 (19-11-2018 17:30:14)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: defaultuser0 & Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0334122.inf_amd64_2e9fcce50cc19bdc\B333740\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0334122.inf_amd64_2e9fcce50cc19bdc\B333740\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(MPC-HC Team) C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3973176 2018-10-17] (Tonec Inc.)
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd)
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\MountPoints2: {60ea5ee5-e053-11e8-bbcd-e0d55e8bc5ca} - "F:\setup.exe"
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\MountPoints2: {60ea605e-e053-11e8-bbcd-e0d55e8bc5ca} - "H:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ada121d7-d94f-4568-a803-316df8aa0ea2}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{ada121d7-d94f-4568-a803-316df8aa0ea2}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-mx/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: e9d8nqvf.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default [2018-11-19]
FF Homepage: Mozilla\Firefox\Profiles\e9d8nqvf.default -> www.google.com.mx
FF Extension: (Facebook Container) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\Extensions\@contain-facebook.xpi [2018-11-17]
FF Extension: (youtube-flash-html) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\Extensions\[email protected] [2018-11-07]
FF Extension: (Tab Session Manager) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\Extensions\[email protected] [2018-11-18]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2018-11-09]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-10-31]
FF Extension: (Firefox Monitor) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default\features\{e5e37dea-2ee5-4386-9abb-7f8c45c7693e}\[email protected] [2018-11-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-10-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-10-17]
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2018-10-30] [Legacy] [not signed]
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2018-11-19]
CHR Extension: (Presentaciones) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-01]
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-17]
CHR Extension: (Documentos) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-01]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-01]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-01]
CHR Extension: (Hojas de cálculo) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-01]
CHR Extension: (IDM Integration Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-11-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-01]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-10-18]
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-10-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0334122.inf_amd64_2e9fcce50cc19bdc\B333740\atiesrxx.exe [504592 2018-10-04] (AMD)
S2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1841344 2017-05-17] (Disc Soft Ltd)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [17408 2018-10-30] (Microsoft Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [File not signed]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-10-30] (AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [163840 2018-10-30] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-11-04] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0334122.inf_amd64_2e9fcce50cc19bdc\B333740\atikmdag.sys [47111440 2018-10-04] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0334122.inf_amd64_2e9fcce50cc19bdc\B333740\atikmpag.sys [587032 2018-10-04] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Advanced Micro Devices)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2018-11-04] (Disc Soft Ltd)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-03-08] ()
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [123520 2018-05-02] (Intel Corporation)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-22] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-10-22] (AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-10-22] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [220472 2018-10-30] (AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2018-10-30] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [185576 2018-10-30] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113912 2018-10-30] (AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-10-22] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-01] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-15] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-01] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-01] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-01] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [161080 2018-10-22] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213216 2018-10-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [223000 2018-10-15] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S4 RAMDiskVE; \SystemRoot\System32\Drivers\RAMDiskVE.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-19 17:30 - 2018-11-19 17:30 - 000019403 _____ C:\Users\Admin\Desktop\FRST.txt
2018-11-19 17:30 - 2018-11-19 17:30 - 000000000 ____D C:\FRST
2018-11-19 17:29 - 2018-11-19 17:29 - 002416128 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2018-11-19 17:28 - 2018-11-19 17:28 - 000000570 _____ C:\DelFix.txt
2018-11-19 16:48 - 2018-11-19 16:48 - 000017788 _____ C:\Users\Admin\Documents\cc_20181119_164813.reg
2018-11-19 16:48 - 2018-11-19 16:48 - 000001028 _____ C:\Users\Admin\Documents\cc_20181119_164828.reg
2018-11-19 16:36 - 2018-11-19 16:43 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ZHP
2018-11-19 16:36 - 2018-11-19 16:36 - 000000000 ____D C:\Users\Admin\AppData\Local\ZHP
2018-11-19 12:02 - 2018-11-19 12:02 - 000003160 _____ C:\Windows\System32\Tasks\StartCN
2018-11-19 12:02 - 2018-11-19 12:02 - 000003074 _____ C:\Windows\System32\Tasks\StartDVR
2018-11-19 12:02 - 2018-11-19 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-11-19 12:02 - 2018-11-19 12:02 - 000000000 ____D C:\Program Files (x86)\AMD
2018-11-19 12:01 - 2018-11-19 12:01 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-11-19 11:58 - 2018-11-19 11:58 - 025520000 _____ (AMD Inc.) C:\Users\Admin\Downloads\radeon-software-adrenalin-18.9.3-minimalsetup-181005_64bit.exe
2018-11-19 11:58 - 2018-11-19 11:58 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2018-11-19 11:58 - 2018-11-19 11:58 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ATI
2018-11-19 11:58 - 2018-11-19 11:58 - 000000000 ____D C:\Users\Admin\AppData\Local\ATI
2018-11-19 11:58 - 2018-11-19 11:58 - 000000000 ____D C:\ProgramData\ATI
2018-11-18 22:51 - 2018-11-18 22:52 - 000000000 ____D C:\Users\Admin\Desktop\Nueva carpeta (2)
2018-11-18 19:16 - 2018-11-18 19:16 - 000690524 _____ C:\Users\Admin\Downloads\De visita a la casa de Mi Tia, por una semana la penetre rico - XVIDEOS.COM.TS
2018-11-18 19:14 - 2018-11-18 19:15 - 017674444 _____ C:\Users\Admin\Downloads\College Student hulicam ng Classmate - www.kanortube.com - XVIDEOS.COM.TS
2018-11-18 19:07 - 2018-11-18 19:07 - 018782704 _____ C:\Users\Admin\Downloads\Colegiala Amateur Casero - XVIDEOS.COM.TS
2018-11-18 19:05 - 2018-11-18 19:05 - 095381612 _____ C:\Users\Admin\Downloads\Woman has sex with dogs and snakes - XVIDEOS.COM.TS
2018-11-18 19:04 - 2018-11-18 19:05 - 108257732 _____ C:\Users\Admin\Downloads\www.girls4cock.com --- PetVideo — Young Chick plays with - XVIDEOS.COM.TS
2018-11-18 19:03 - 2018-11-18 19:04 - 141295724 _____ C:\Users\Admin\Downloads\Monroe - XVIDEOS.COM.TS
2018-11-18 16:11 - 2018-11-18 16:11 - 000000000 ____D C:\Users\Admin\Desktop\Tor Browser
2018-11-18 00:55 - 2018-11-18 00:55 - 027250788 _____ C:\Users\Admin\Downloads\Niña gritando de placer - XVIDEOS.COM.TS
2018-11-17 22:28 - 2018-11-17 23:01 - 000000000 ____D C:\Users\Admin\dwhelper
2018-11-16 21:39 - 2018-11-16 21:39 - 000000016 _____ C:\ProgramData\mntemp
2018-11-16 21:19 - 2018-11-16 21:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-11-16 21:19 - 2018-11-16 21:19 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\76245599.sys
2018-11-16 20:58 - 2018-11-16 20:58 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2018-11-16 20:55 - 2018-11-16 20:57 - 000000000 ____D C:\ProgramData\RogueKiller
2018-11-16 20:15 - 2018-11-16 20:15 - 000111152 _____ (Malwarebytes) C:\Windows\system32\Drivers\SET32F2.tmp
2018-11-16 19:42 - 2018-11-16 19:42 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2018-11-16 19:41 - 2018-11-16 21:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-16 19:41 - 2018-11-16 20:48 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-16 19:41 - 2018-11-16 19:41 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-16 19:41 - 2018-11-16 19:41 - 000000000 ____D C:\Users\Admin\AppData\Local\mbamtray
2018-11-16 19:41 - 2018-11-16 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-16 19:41 - 2018-11-16 19:41 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-16 18:29 - 2018-11-16 18:29 - 000022734 _____ C:\Windows\system32\results.xml
2018-11-16 09:24 - 2018-11-16 18:29 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2018-11-16 09:24 - 2018-11-16 09:25 - 000000000 ____D C:\Users\Admin\AppData\Local\Intel
2018-11-16 09:24 - 2018-11-16 09:24 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-11-16 09:22 - 2018-02-17 23:51 - 000277952 _____ C:\Windows\system32\igfxCPL.cpl
2018-11-16 09:22 - 2018-02-17 23:51 - 000144824 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-11-16 09:22 - 2018-02-17 23:51 - 000119744 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-11-16 09:21 - 2018-02-17 23:51 - 000820168 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2018-11-16 09:19 - 2018-11-16 20:15 - 000000000 ____D C:\Intel
2018-11-14 19:28 - 2018-11-14 19:28 - 000001273 _____ C:\Users\Admin\Desktop\CrystalDiskInfo.lnk
2018-11-14 19:28 - 2018-11-14 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-11-14 19:28 - 2018-11-14 19:28 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-11-13 20:24 - 2018-11-13 20:24 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2018-11-13 10:05 - 2018-11-13 10:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2018-11-13 10:04 - 2018-11-13 10:04 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-11-13 10:04 - 2018-11-13 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-11-13 10:04 - 2018-11-13 10:04 - 000000000 ____D C:\Program Files\VideoLAN
2018-11-12 15:20 - 2018-11-13 08:31 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-12 15:19 - 2018-11-13 08:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-12 15:19 - 2018-11-12 15:19 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-11-12 15:19 - 2018-11-12 15:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-11-10 10:14 - 2018-11-10 10:14 - 000277248 _____ C:\Users\Admin\Desktop\Desk Projection.rar
2018-11-10 10:14 - 2018-11-10 10:10 - 000000000 ____D C:\Users\Admin\Desktop\Desk Projection
2018-11-10 09:00 - 2018-11-10 09:05 - 000000000 ____D C:\Users\Admin\Documents\tps
2018-11-09 22:22 - 2018-11-09 22:22 - 000000026 _____ C:\Users\Admin\Desktop\telefonos hermilo tamez.txt
2018-11-09 22:15 - 2018-11-09 23:38 - 000000000 ____D C:\Users\Admin\Documents\Camtasia
2018-11-09 22:12 - 2018-10-05 17:17 - 000000000 ____D C:\Users\Admin\Desktop\TechSmith.Camtasia.Studio.v2018.0.4.3822.Incl.Patch-DavicoRm
2018-11-09 15:10 - 2018-11-09 15:10 - 000314858 _____ C:\Users\Admin\Desktop\Eventos de hoy_20181109150556.xls
2018-11-09 14:11 - 2018-11-19 16:37 - 000003800 _____ C:\Windows\System32\Tasks\AutoKMS
2018-11-09 13:53 - 2018-11-09 13:53 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-11-09 13:53 - 2018-11-09 13:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2018-11-09 13:51 - 2018-11-09 13:51 - 000000000 ____D C:\Windows\PCHEALTH
2018-11-09 13:51 - 2018-11-09 13:51 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-11-09 13:51 - 2018-11-09 13:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-11-09 13:51 - 2018-11-09 13:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-09 13:51 - 2018-11-09 13:51 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-11-09 13:50 - 2018-11-09 13:52 - 000000000 ____D C:\Windows\SHELLNEW
2018-11-09 13:50 - 2018-11-09 13:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-11-09 13:50 - 2018-11-09 13:50 - 000000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2018-11-09 13:50 - 2018-11-09 13:50 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-11-09 13:50 - 2018-11-09 13:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-09 13:50 - 2018-11-09 13:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-11-09 13:49 - 2018-11-09 13:49 - 000000000 __RHD C:\MSOCache
2018-11-08 08:38 - 2018-11-15 21:09 - 000100136 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2018-11-07 09:51 - 2018-11-12 07:10 - 000002834 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-N8C7JI0-Admin
2018-11-07 09:42 - 2018-11-07 09:42 - 000000000 ____D C:\Users\Admin\Documents\Adobe
2018-11-07 09:41 - 2018-11-07 09:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-11-07 09:40 - 2018-11-07 09:40 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2018-11-07 09:38 - 2018-11-07 09:38 - 000000000 ____D C:\Program Files\Adobe
2018-11-07 09:37 - 2018-11-07 09:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-11-07 09:37 - 2018-11-07 09:37 - 000001619 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2018-11-07 09:33 - 2018-11-13 08:28 - 000000000 ____D C:\ProgramData\Adobe
2018-11-07 09:32 - 2018-11-19 10:21 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2018-11-07 09:28 - 2018-11-16 08:51 - 000000000 ____D C:\Users\Admin\Desktop\Nueva carpeta
2018-11-06 22:32 - 2018-11-06 22:35 - 000000000 ____D C:\Users\Admin\.openshot_qt
2018-11-06 08:19 - 2016-02-01 08:21 - 000000000 ____D C:\Users\Admin\Desktop\cicad1516
2018-11-06 07:56 - 2018-11-06 08:03 - 2348263338 _____ C:\Users\Admin\Desktop\AUTODESK.AUTOCAD.V2016.WIN64-ISO.rar
2018-11-06 07:53 - 2015-03-14 08:44 - 000000000 ____D C:\Users\Admin\Desktop\AUTODESK.AUTOCAD.V2016.WIN64-ISO
2018-11-04 23:41 - 2018-11-04 23:42 - 4290903984 ____C C:\RAMDisk.img
2018-11-04 23:38 - 2018-11-04 23:38 - 000001995 _____ C:\Users\Public\Desktop\Radeon RAMDisk Configuration Utility.lnk
2018-11-04 23:38 - 2018-11-04 23:38 - 000000000 ____D C:\Users\Admin\AppData\Local\Dataram_Corporation
2018-11-04 23:38 - 2018-11-04 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radeon RAMDisk
2018-11-04 23:38 - 2018-11-04 23:38 - 000000000 ____D C:\Program Files (x86)\Radeon RAMDisk
2018-11-04 15:05 - 2018-11-04 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-11-04 15:01 - 2018-11-19 16:47 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2018-11-04 15:01 - 2018-11-04 15:06 - 000000000 ____D C:\ProgramData\Ubisoft
2018-11-04 15:01 - 2018-11-04 15:01 - 000000000 ____D C:\Users\Admin\AppData\Local\Ubisoft Game Launcher
2018-11-04 15:00 - 2018-11-04 15:00 - 000189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2018-11-04 15:00 - 2018-11-04 15:00 - 000075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2018-11-04 14:59 - 2018-11-04 14:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\PunkBuster
2018-11-04 14:58 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-11-04 14:58 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-11-04 14:58 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-11-04 14:58 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-11-04 14:58 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-11-04 14:58 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-11-04 14:53 - 2018-11-04 15:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-11-04 14:53 - 2018-11-04 14:59 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2018-11-04 14:38 - 2018-11-04 14:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2018-11-04 11:51 - 2018-11-04 11:51 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2018-11-04 11:51 - 2018-11-04 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-11-04 11:51 - 2018-10-15 11:27 - 000168824 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2018-11-04 11:51 - 2018-10-15 11:26 - 000984512 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2018-11-04 11:37 - 2018-11-04 11:37 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2018-11-04 11:37 - 2018-11-04 11:37 - 000000000 ____D C:\Users\Admin\AppData\Local\VS Revo Group
2018-11-04 11:36 - 2018-11-04 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2018-11-04 11:36 - 2018-11-04 11:36 - 000000000 ____D C:\ProgramData\VS Revo Group
2018-11-04 11:36 - 2018-11-04 11:36 - 000000000 ____D C:\Program Files\VS Revo Group
2018-11-04 11:36 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2018-11-04 11:26 - 2018-11-19 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
2018-11-04 11:26 - 2018-11-16 20:40 - 000000000 ____D C:\Program Files\DAEMON Tools Pro
2018-11-04 11:26 - 2018-11-04 11:26 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtproscsibus.sys
2018-11-04 11:26 - 2018-11-04 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2018-11-04 11:20 - 2018-11-04 11:31 - 000000000 ____D C:\ProgramData\DAEMON Tools Pro
2018-11-04 11:19 - 2018-11-19 16:29 - 000000000 ____D C:\Users\Admin\Desktop\Daemon.Tools.Pro.v8.2.0.708.Multilingual.Incl.Patch
2018-11-04 09:07 - 2018-11-04 09:07 - 028097916 _____ C:\Users\Admin\Downloads\Gigantic dildo Goliath for Hotkinkyjo ass - anal fun HKJLIVE 01.11.2018 - XVIDEOS.COM.TS
2018-11-03 10:16 - 2018-11-17 22:39 - 000000000 ____D C:\Users\Admin\AppData\Roaming\FileZilla
2018-11-03 10:16 - 2018-11-03 15:57 - 000000000 ____D C:\Users\Admin\AppData\Local\FileZilla
2018-11-03 10:15 - 2018-11-03 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-11-03 10:15 - 2018-11-03 10:15 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-11-03 08:03 - 2018-11-03 08:04 - 199634545 _____ C:\Users\Admin\Downloads\Ver Tonari no Kyuuketsuki-san Episodio 5 Online Sub Español .mp4
2018-11-02 17:14 - 2018-11-02 17:33 - 000000155 _____ C:\Windows\winamp.ini
2018-11-02 17:14 - 2018-11-02 17:14 - 000001052 _____ C:\Users\Admin\Desktop\Winamp.lnk
2018-11-02 17:14 - 2018-11-02 17:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp
2018-11-02 17:14 - 2018-11-02 17:14 - 000000000 ____D C:\Program Files (x86)\Winamp
2018-11-02 17:14 - 2003-10-28 18:34 - 000462848 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll
2018-11-02 17:14 - 2003-10-28 18:33 - 000286720 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll
2018-11-02 17:14 - 2003-10-28 18:33 - 000143360 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll
2018-11-02 17:14 - 2003-10-28 04:02 - 000053248 ____N C:\Windows\SysWOW64\pxhpinst.exe
2018-11-02 17:14 - 2003-10-27 03:00 - 000319488 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll
2018-11-02 17:14 - 2003-10-14 03:00 - 000028672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll
2018-11-01 23:45 - 2018-11-01 23:45 - 000852692 _____ C:\Users\Admin\Downloads\JellyBeanNose GIFs (THT and others; freshly made, lighting i(2).mp4
2018-11-01 23:44 - 2018-11-01 23:44 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2018-11-01 23:43 - 2018-11-01 23:43 - 000688604 _____ C:\Users\Admin\Downloads\JellyBeanNose GIFs (THT and others; freshly made, lighting i(1).mp4
2018-11-01 23:42 - 2018-11-01 23:42 - 001132925 _____ C:\Users\Admin\Downloads\JellyBeanNose GIFs (THT and others; freshly made, lighting i.mp4
2018-11-01 20:10 - 2018-11-10 08:55 - 000000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2018-11-01 20:10 - 2018-11-01 20:10 - 000002120 _____ C:\Users\Public\Desktop\RGBFusion.lnk
2018-11-01 20:10 - 2018-11-01 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2018-11-01 20:10 - 2018-11-01 20:10 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2018-11-01 20:06 - 2018-10-26 01:36 - 000000000 ____D C:\Users\Admin\Desktop\B18.1019.1_Pack
2018-11-01 08:38 - 2018-11-12 14:32 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-01 08:38 - 2018-11-12 14:32 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-01 08:38 - 2018-11-05 08:29 - 000003608 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-01 08:38 - 2018-11-05 08:29 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-01 08:38 - 2018-11-01 08:46 - 000000000 ____D C:\Users\Admin\AppData\Local\Google
2018-11-01 08:38 - 2018-11-01 08:38 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-01 08:36 - 2018-11-19 12:00 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\AMD
2018-11-01 08:08 - 2018-11-01 08:08 - 000289856 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2018-11-01 08:07 - 2018-11-01 19:24 - 000193168 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2018-11-01 08:07 - 2018-11-01 08:07 - 000238528 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2018-11-01 08:07 - 2018-11-01 08:07 - 000110640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2018-10-30 19:56 - 2018-10-30 19:56 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Reciente
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Plantillas
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Mis documentos
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Menú Inicio
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Impresoras
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Entorno de red
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mis vídeos
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mis imágenes
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mi música
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Datos de programa
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\Configuración local
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historial
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Datos de programa
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Archivos temporales de Internet
2018-10-30 19:56 - 2018-10-30 19:56 - 000000000 ____D C:\Users\DefaultAppPool
2018-10-30 18:45 - 2018-10-30 18:45 - 000000000 ____D C:\Users\Admin\Desktop\Leatrix_Latency_Fix_3.03
2018-10-30 18:44 - 2018-10-30 18:44 - 000000000 ____D C:\Windows\system32\msmq
2018-10-30 17:01 - 2018-10-30 17:01 - 000000852 _____ C:\Users\Admin\Documents\cc_20181030_170107.reg
2018-10-30 16:20 - 2018-10-30 16:20 - 000027434 _____ C:\Users\Admin\Documents\cc_20181030_162044.reg
2018-10-30 16:20 - 2018-10-30 16:20 - 000004032 _____ C:\Users\Admin\Documents\cc_20181030_162054.reg
2018-10-30 16:19 - 2018-11-19 13:20 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-30 16:19 - 2018-11-19 13:20 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-10-30 16:19 - 2018-10-30 16:19 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-10-30 16:19 - 2018-10-30 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-10-30 16:19 - 2018-10-30 16:19 - 000000000 ____D C:\Program Files\CCleaner
2018-10-30 16:17 - 2018-10-30 16:17 - 000000000 ____D C:\Windows\system32\appmgmt
2018-10-30 15:21 - 2018-10-30 15:21 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-30 15:20 - 2018-10-30 15:20 - 000002209 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2018-10-30 15:20 - 2018-10-30 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-10-30 15:20 - 2018-10-30 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2018-10-30 15:20 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-10-30 15:19 - 2018-11-19 16:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-30 15:19 - 2018-10-30 15:20 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-10-30 15:19 - 2018-10-30 15:19 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-10-30 15:19 - 2018-10-30 15:19 - 001113912 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-10-30 15:19 - 2018-10-30 15:19 - 000220472 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-10-30 15:19 - 2018-10-30 15:19 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-10-30 15:18 - 2018-10-30 18:44 - 000000000 ____D C:\inetpub
2018-10-30 15:18 - 2018-10-30 15:18 - 001731692 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-10-30 15:18 - 2018-10-30 15:18 - 000000000 ____D C:\Windows\SysWOW64\BestPractices
2018-10-30 15:18 - 2018-10-30 15:18 - 000000000 ____D C:\Windows\system32\BestPractices
2018-10-30 15:17 - 2018-10-30 15:17 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-10-30 15:17 - 2018-10-30 15:17 - 000000000 ____D C:\Program Files\MSBuild
2018-10-30 15:17 - 2018-10-30 15:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-10-30 15:17 - 2018-10-30 15:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-10-30 15:16 - 2015-08-11 22:52 - 000000000 ____D C:\sources
2018-10-30 15:16 - 2015-06-17 18:10 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2018-10-30 15:16 - 2015-06-17 18:10 - 000124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-10-30 15:16 - 2015-06-17 18:10 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-10-30 15:16 - 2015-05-29 21:07 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2018-10-30 15:16 - 2015-05-29 21:07 - 000102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-10-30 15:16 - 2015-05-29 21:07 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-10-30 15:01 - 2018-10-30 15:01 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-10-30 14:22 - 2018-11-05 18:25 - 000000000 ____D C:\Users\Admin\VirtualBox VMs
2018-10-30 14:08 - 2018-10-30 14:08 - 019641208 _____ C:\Users\Admin\Downloads\Oracle_VM_VirtualBox_Extension_Pack-5.2.20-125813.vbox-extpack
2018-10-30 14:07 - 2018-11-17 23:14 - 000000000 ____D C:\Users\Admin\.VirtualBox
2018-10-30 14:06 - 2018-11-04 11:51 - 000000000 ____D C:\Program Files\Oracle
2018-10-30 11:29 - 2018-11-18 23:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WhatsApp
2018-10-30 11:29 - 2018-11-09 08:48 - 000002265 _____ C:\Users\Admin\Desktop\WhatsApp.lnk
2018-10-30 11:29 - 2018-11-09 08:48 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-10-30 11:29 - 2018-11-09 08:47 - 000000000 ____D C:\Users\Admin\AppData\Local\WhatsApp
2018-10-30 11:29 - 2018-11-09 08:47 - 000000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
2018-10-30 10:51 - 2018-10-30 10:51 - 000003786 _____ C:\Windows\System32\Tasks\KMSAutoNet
2018-10-30 10:17 - 2018-10-30 10:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TightVNC
2018-10-30 10:05 - 2018-10-30 10:12 - 000000000 ____D C:\Users\Admin\Desktop\Respaldo Bianca Pavimentos
2018-10-30 08:40 - 2018-10-30 08:40 - 000000000 ____D C:\Users\Admin\AppData\Roaming\MPC-HC
2018-10-30 08:40 - 2018-10-30 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2018-10-30 08:40 - 2018-10-30 08:40 - 000000000 ____D C:\Program Files\Combined Community Codec Pack 64bit
2018-10-30 07:49 - 2018-11-19 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TeamViewer
2018-10-30 07:49 - 2018-11-19 16:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-30 07:49 - 2018-10-30 07:49 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-10-30 07:49 - 2018-10-30 07:49 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-10-30 07:43 - 2018-10-30 07:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC
2018-10-30 07:43 - 2018-10-30 07:43 - 000000000 ____D C:\Program Files\TightVNC
2018-10-30 07:32 - 2018-11-19 16:47 - 000000000 ____D C:\Windows\Minidump
2018-10-30 07:25 - 2018-10-30 07:25 - 057284896 _____ C:\Users\Admin\Downloads\PROWinx64Legacy.exe
2018-10-30 07:21 - 2018-10-30 07:21 - 000000000 ____D C:\Users\Admin\Desktop\Aida64
2018-10-30 07:13 - 2018-10-30 07:18 - 000000000 ____D C:\Users\Admin\Documents\Mabinogi
2018-10-30 07:13 - 2018-10-30 07:13 - 000000000 ____D C:\Users\Admin\Documents\마비노기
2018-10-30 07:13 - 2018-10-30 07:13 - 000000000 ____D C:\ProgramData\Nexon
2018-10-30 07:12 - 2018-10-30 07:12 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-10-30 07:12 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2018-10-30 07:12 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2018-10-30 07:12 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-10-30 07:12 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-10-30 07:12 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2018-10-30 07:12 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-10-30 07:12 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2018-10-30 07:12 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2018-10-30 07:12 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-10-30 07:12 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-10-30 07:12 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-10-30 07:12 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-10-30 07:12 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-10-30 07:12 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-10-30 07:12 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-10-30 07:12 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-10-30 07:12 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-10-30 07:12 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-10-30 07:12 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-10-30 07:12 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-10-30 07:12 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-10-30 07:12 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-10-30 07:12 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-10-30 07:12 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-10-30 07:12 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-10-30 07:12 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-10-30 07:12 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-10-30 07:12 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-10-30 07:12 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-10-30 07:12 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-10-30 07:12 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-10-30 07:12 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-10-30 07:12 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-10-30 07:12 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-10-30 07:12 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-10-30 07:12 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-10-30 07:12 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-10-30 07:12 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-10-30 07:12 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-10-30 07:12 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-10-30 07:12 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-10-30 07:12 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-10-30 07:12 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-10-30 07:12 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-10-30 07:12 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-10-30 07:12 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-10-30 07:12 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-10-30 07:12 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-10-30 07:12 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-10-30 07:12 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-10-30 07:12 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-10-30 07:12 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-10-30 07:12 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-10-30 07:12 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-10-30 07:12 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-10-30 07:12 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-10-30 07:12 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-10-30 07:12 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-10-30 07:12 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-10-30 07:12 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-10-30 07:12 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-10-30 07:12 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-10-30 07:12 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-10-30 07:12 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-10-30 07:12 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-10-30 07:12 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-10-30 07:12 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-10-30 07:12 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-10-30 07:12 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-10-30 07:12 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-10-30 07:12 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-10-30 07:12 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-10-30 07:12 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-10-30 07:12 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-10-30 07:12 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-10-30 07:12 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-10-30 07:12 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-10-30 07:12 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-10-30 07:12 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-10-30 07:12 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-10-30 07:12 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-10-30 07:12 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-10-30 07:12 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-10-30 07:12 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-10-30 07:12 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-10-30 07:12 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-10-30 07:12 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-10-30 07:12 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-10-30 07:12 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-10-30 07:12 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-10-30 07:12 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-10-30 07:12 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-10-30 07:12 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-10-30 07:12 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-10-30 07:12 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2018-10-30 07:12 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2018-10-30 07:12 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-10-30 07:12 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-10-30 07:12 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-10-30 07:12 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-10-30 07:12 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-10-30 07:12 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-10-30 07:12 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-10-30 07:12 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-10-30 07:12 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-10-30 07:12 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-10-30 07:12 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-10-30 07:12 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-10-30 07:12 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-10-30 07:12 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-10-30 07:12 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-10-30 07:12 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-10-30 07:12 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-10-30 07:12 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-10-30 07:12 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-10-30 07:12 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-10-30 07:12 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-10-30 07:12 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-10-30 07:12 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-10-30 07:12 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-10-30 07:12 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-10-30 07:12 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-10-30 07:12 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-10-30 07:12 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-10-30 07:12 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-10-30 07:12 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-10-30 07:12 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-10-30 07:12 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dllSegunda parte de FRST:
2018-10-30 07:12 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-10-30 07:12 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-10-30 07:12 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-10-30 07:12 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-10-30 07:12 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-10-30 07:12 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-10-30 07:12 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-10-30 07:12 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-10-30 07:12 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-10-30 07:12 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-10-30 07:12 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-10-30 07:12 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-10-30 07:12 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-10-30 07:12 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-10-30 07:12 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-10-30 07:12 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-10-30 07:08 - 2018-11-19 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IDM
2018-10-30 07:08 - 2018-11-19 16:28 - 000000000 ____D C:\Users\Admin\AppData\Roaming\DMCache
2018-10-30 07:08 - 2018-11-19 13:53 - 000000000 ____D C:\Users\Admin\Downloads\Video
2018-10-30 07:08 - 2018-11-18 16:27 - 000000000 ____D C:\Users\Admin\Downloads\Compressed
2018-10-30 07:08 - 2018-10-30 07:08 - 000000000 ____D C:\ProgramData\IDM
2018-10-30 07:05 - 2018-10-30 07:05 - 000002198 _____ C:\Users\Admin\Desktop\Mabinogi.lnk
2018-10-30 07:05 - 2018-10-30 07:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2018-10-30 07:03 - 2018-10-30 07:03 - 004214704 _____ (Don HO [email protected]) C:\Users\Admin\Downloads\npp.7.5.9.Installer.exe
2018-10-30 07:03 - 2018-10-30 07:03 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2018-10-30 07:03 - 2018-10-30 07:03 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Notepad++
2018-10-30 07:03 - 2018-10-30 07:03 - 000000000 ____D C:\Users\Admin\AppData\Local\Notepad++
2018-10-30 07:03 - 2018-10-30 07:03 - 000000000 ____D C:\Program Files (x86)\Notepad++
2018-10-30 07:01 - 2018-11-17 23:18 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-10-30 07:01 - 2018-11-17 23:17 - 000001082 _____ C:\Users\Admin\Desktop\Internet Download Manager.lnk
2018-10-30 07:01 - 2018-10-30 07:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-10-30 07:01 - 2018-10-30 07:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-10-30 07:00 - 2018-10-30 07:00 - 002524384 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\startup_14804.exe
2018-10-30 07:00 - 2018-07-11 05:03 - 000000000 ____D C:\Users\Admin\Desktop\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka+PORTABLE
2018-10-30 06:56 - 2018-10-30 06:56 - 017267404 _____ C:\Users\Admin\Downloads\6.31.3.rar
2018-10-30 06:47 - 2018-10-30 06:47 - 000000000 ____D C:\Nexon
2018-10-30 06:42 - 2018-10-30 06:42 - 000002156 _____ C:\Users\Public\Desktop\Nexon Launcher.lnk
2018-10-30 06:42 - 2018-10-30 06:42 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NexonLauncherSwapApp
2018-10-30 06:42 - 2018-10-30 06:42 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Nexon Launcher
2018-10-30 06:40 - 2018-11-19 16:28 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NexonLauncher
2018-10-30 06:40 - 2018-10-30 06:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2018-10-30 06:40 - 2018-10-30 06:40 - 011765112 _____ C:\Users\Admin\Downloads\NexonLauncherSetup.exe
2018-10-30 06:40 - 2018-10-30 06:40 - 000000000 ____D C:\Program Files (x86)\Nexon
2018-10-30 06:36 - 2018-10-30 06:36 - 000000000 ____D C:\Users\Admin\AppData\Local\GHISLER
2018-10-30 06:35 - 2018-10-30 06:36 - 000000000 ____D C:\totalcmd
2018-10-30 06:35 - 2018-10-30 06:35 - 000000683 _____ C:\Users\Admin\Desktop\Total Commander 64 bit.lnk
2018-10-30 06:35 - 2018-10-30 06:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-10-30 06:35 - 2018-10-30 06:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\GHISLER
2018-10-30 06:35 - 2018-08-21 13:54 - 000000000 ____D C:\Users\Admin\Desktop\Ghisler.Software.Total.Commander.v9.21a.Multilingual.Incl.KEY
2018-10-30 06:34 - 2018-10-30 06:34 - 003253552 _____ (Alexander Roshal) C:\Users\Admin\Downloads\winrar-x64-561es.exe
2018-10-30 06:34 - 2018-10-30 06:34 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR
2018-10-30 06:34 - 2018-10-30 06:34 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-30 06:34 - 2018-10-30 06:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-30 06:34 - 2018-10-30 06:34 - 000000000 ____D C:\Program Files\WinRAR
2018-10-30 06:33 - 2018-10-30 06:33 - 007535164 _____ C:\Users\Admin\Downloads\9.21a.rar
2018-10-30 00:29 - 2018-10-30 06:28 - 000000000 ____D C:\Users\Admin\AppData\Local\AMD
2018-10-30 00:29 - 2018-10-30 00:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\##ID_STRING16##
2018-10-30 00:28 - 2018-11-16 20:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-10-30 00:27 - 2018-11-19 12:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-10-30 00:27 - 2018-10-30 00:27 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-10-30 00:25 - 2018-11-16 09:24 - 000000000 ____D C:\ProgramData\Intel
2018-10-30 00:25 - 2018-10-30 00:25 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-10-30 00:25 - 2018-10-30 00:25 - 000000000 ____D C:\Users\Admin\Intel
2018-10-30 00:24 - 2018-11-19 12:00 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-30 00:24 - 2018-10-30 00:24 - 001763931 _____ C:\Users\Admin\Downloads\mb_driver_chipset_serialio_30.100.1727.1_dch.zip
2018-10-30 00:23 - 2018-10-30 00:23 - 025784075 _____ C:\Users\Admin\Downloads\mb_driver_audio_realtek_8475_dch.zip
2018-10-30 00:23 - 2018-10-30 00:23 - 004938808 _____ C:\Users\Admin\Downloads\mb_driver_chipset_intel_10.1.17695.8086.zip
2018-10-30 00:20 - 2018-11-19 12:02 - 000000000 ____D C:\Program Files\AMD
2018-10-30 00:20 - 2018-10-30 00:20 - 000000000 ____D C:\Users\Admin\AppData\Local\RadeonInstaller
2018-10-30 00:19 - 2018-11-19 11:58 - 000000000 ____D C:\AMD
2018-10-30 00:18 - 2018-10-30 00:19 - 334407064 _____ (AMD Inc.) C:\Users\Admin\Downloads\win10-64bit-radeon-software-adrenalin-edition-18.10.2-oct25.exe
2018-10-30 00:16 - 2018-11-19 16:48 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2018-10-30 00:16 - 2018-11-16 19:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-30 00:16 - 2018-11-16 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-30 00:16 - 2018-11-16 19:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-30 00:16 - 2018-10-30 00:16 - 000320072 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Installer.exe
2018-10-30 00:16 - 2018-10-30 00:16 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-10-30 00:16 - 2018-10-30 00:16 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2018-10-30 00:16 - 2018-10-30 00:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2018-10-30 00:15 - 2018-10-30 00:15 - 000000000 ____D C:\Users\Admin\AppData\Local\MicrosoftEdge
2018-10-30 00:14 - 2018-11-16 09:24 - 000000000 ____D C:\Program Files\Intel
2018-10-30 00:14 - 2018-10-30 00:14 - 002269456 _____ (Intel Corporation) C:\Windows\system32\PRONtObj.dll
2018-10-30 00:14 - 2018-10-30 00:14 - 000431128 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2018-10-30 00:14 - 2018-10-30 00:14 - 000164904 _____ (Intel Corporation) C:\Windows\system32\Drivers\iANSW60e.sys
2018-10-30 00:14 - 2018-10-30 00:14 - 000058456 _____ (Intel Corporation ) C:\Windows\system32\Drivers\iqvw64e.sys
2018-10-30 00:14 - 2018-10-30 00:14 - 000002291 ____N C:\Windows\system32\SetupBD.din
2018-10-30 00:05 - 2018-10-30 00:05 - 000000000 ____D C:\Users\Admin\AppData\Local\Comms
2018-10-30 00:03 - 2018-10-30 00:03 - 000006124 __RSH C:\ProgramData\ntuser.pol
2018-10-29 23:59 - 2018-10-29 23:59 - 000000000 ____D C:\Users\Admin\AppData\Local\PeerDistRepub
2018-10-29 23:57 - 2018-10-29 23:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-10-29 23:51 - 2018-10-29 23:51 - 000002399 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-29 23:51 - 2018-10-29 23:51 - 000000000 ___RD C:\Users\Admin\OneDrive
2018-10-29 23:50 - 2018-11-07 07:22 - 002019112 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-29 23:50 - 2018-10-29 23:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-10-29 23:49 - 2018-11-15 20:25 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2018-10-29 23:49 - 2018-11-13 20:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2018-10-29 23:49 - 2018-10-30 06:29 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2018-10-29 23:49 - 2018-10-29 23:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-29 23:49 - 2018-10-29 23:49 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2018-10-29 23:49 - 2018-10-29 23:49 - 000000000 ____D C:\Users\Admin\AppData\Local\TileDataLayer
2018-10-29 23:49 - 2018-10-29 23:49 - 000000000 ____D C:\Users\Admin\AppData\Local\Publishers
2018-10-29 23:48 - 2018-11-19 16:28 - 000000000 ____D C:\Users\Admin
2018-10-29 23:48 - 2018-10-29 23:48 - 000000020 ___SH C:\Users\Admin\ntuser.ini
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Reciente
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Plantillas
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Mis documentos
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Menú Inicio
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Impresoras
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Entorno de red
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Documents\Mis vídeos
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Documents\Mis imágenes
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Documents\Mi música
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Datos de programa
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\Configuración local
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\AppData\Local\Historial
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\AppData\Local\Datos de programa
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 _SHDL C:\Users\Admin\AppData\Local\Archivos temporales de Internet
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 ____D C:\Windows\CSC
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2018-10-29 23:48 - 2018-10-29 23:48 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2018-10-29 23:48 - 2016-07-16 05:41 - 002716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-10-29 23:46 - 2018-10-29 23:46 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Reciente
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Plantillas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Mis documentos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Menú Inicio
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Impresoras
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Entorno de red
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis vídeos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis imágenes
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mi música
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Datos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\Configuración local
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historial
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Datos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Archivos temporales de Internet
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Reciente
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Plantillas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Mis documentos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Impresoras
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Entorno de red
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Datos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\Configuración local
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\ProgramData\Plantillas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\ProgramData\Escritorio
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\ProgramData\Documentos
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\ProgramData\Datos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Program Files\Archivos comunes
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Documents and Settings
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 _SHDL C:\Archivos de programa
2018-10-29 23:46 - 2018-10-29 23:46 - 000000000 ____D C:\Users\defaultuser0
2018-10-29 23:41 - 2018-10-29 23:41 - 000000000 ____D C:\ProgramData\USOShared
2018-10-29 23:40 - 2018-11-19 17:21 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-10-29 23:40 - 2018-11-19 16:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-29 23:40 - 2018-11-19 12:09 - 005005280 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-29 23:40 - 2018-10-29 23:40 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-10-29 23:40 - 2018-10-29 23:40 - 000000000 ____D C:\Windows\ServiceProfiles
2018-10-29 16:39 - 2018-11-19 16:47 - 000000000 ____D C:\Windows\Panther
2018-10-25 12:50 - 2018-10-25 12:50 - 001629280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETB11F.tmp
2018-10-25 12:50 - 2018-10-25 12:50 - 001629280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SET99F7.tmp
2018-10-25 12:50 - 2018-10-25 12:50 - 001587816 _____ (AMD) C:\Windows\system32\SETB1C4.tmp
2018-10-25 12:50 - 2018-10-25 12:50 - 001587816 _____ (AMD) C:\Windows\system32\coinst_18.40.dll
2018-10-25 12:50 - 2018-10-25 12:50 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2018-10-25 12:50 - 2018-10-25 12:50 - 000204952 _____ C:\Windows\system32\ativvsvl.dat
2018-10-25 12:50 - 2018-10-25 12:50 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2018-10-25 12:50 - 2018-10-25 12:50 - 000157144 _____ C:\Windows\system32\ativvsva.dat
2018-10-25 12:50 - 2018-10-25 12:50 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2018-10-25 12:50 - 2018-10-25 12:50 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2018-10-25 12:50 - 2018-10-25 12:50 - 000034450 _____ C:\Windows\system32\AMDKernelEvents.man
2018-10-25 12:50 - 2018-10-04 16:39 - 003718632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 003346920 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 001628648 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 001192216 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000754968 _____ (AMD) C:\Windows\system32\atieclxx.exe
2018-10-25 12:50 - 2018-10-04 16:39 - 000570344 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000489240 _____ C:\Windows\system32\dgtrayicon.exe
2018-10-25 12:50 - 2018-10-04 16:39 - 000481256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000476432 _____ C:\Windows\system32\GameManager64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000467216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000431896 _____ C:\Windows\system32\atieah64.exe
2018-10-25 12:50 - 2018-10-04 16:39 - 000382224 _____ C:\Windows\SysWOW64\GameManager32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000349976 _____ C:\Windows\SysWOW64\atieah32.exe
2018-10-25 12:50 - 2018-10-04 16:39 - 000339736 _____ C:\Windows\system32\clinfo.exe
2018-10-25 12:50 - 2018-10-04 16:39 - 000249112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000218384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000184592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000168928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000162584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000158992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000153360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000148816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000138512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000135952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000131864 _____ C:\Windows\system32\atidxx64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000127976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000124176 _____ (AMD) C:\Windows\system32\atimuixx.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000111888 _____ C:\Windows\SysWOW64\atidxx32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000109032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000069096 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000045544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2018-10-25 12:50 - 2018-10-04 16:39 - 000042472 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2018-10-25 12:50 - 2018-10-04 16:38 - 000919528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2018-10-25 12:50 - 2018-10-04 16:38 - 000750080 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2018-10-25 12:50 - 2018-10-04 16:38 - 000552424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2018-10-25 12:50 - 2018-10-04 16:38 - 000465896 _____ C:\Windows\system32\amdgfxinfo64.dll
2018-10-25 12:50 - 2018-10-04 16:38 - 000382440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2018-10-25 12:50 - 2018-10-04 16:38 - 000379368 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000545704 _____ C:\Windows\system32\amdmiracast.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000198704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000173256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000144168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000136936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000136936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000124920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000113536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2018-10-25 12:50 - 2018-10-04 13:36 - 000113536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2018-10-25 12:50 - 2018-10-04 13:07 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2018-10-25 12:50 - 2018-10-04 13:07 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2018-10-25 12:50 - 2018-10-04 13:07 - 000902184 _____ C:\Windows\SysWOW64\atiapfxx.blb
2018-10-25 12:50 - 2018-10-04 13:07 - 000902184 _____ C:\Windows\system32\atiapfxx.blb
2018-10-22 17:11 - 2018-10-22 17:11 - 000161080 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2018-10-22 17:11 - 2018-10-22 17:11 - 000123152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-10-22 17:11 - 2018-10-22 17:11 - 000089168 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2018-10-22 17:11 - 2018-10-22 17:11 - 000073416 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2018-10-22 17:11 - 2018-10-22 17:11 - 000045768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpnpflt.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-19 16:47 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-11-19 16:47 - 2016-07-16 05:45 - 000000000 ____D C:\Windows\INF
2018-11-19 16:31 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\system32\inetsrv
2018-11-19 12:08 - 2016-07-16 00:04 - 000262144 _____ C:\Windows\system32\config\BBI
2018-11-09 13:52 - 2016-07-16 05:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-09 13:52 - 2016-07-16 05:47 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-09 13:50 - 2016-07-16 05:47 - 000000167 _____ C:\Windows\win.ini
2018-11-09 13:50 - 2016-07-16 05:47 - 000000000 ____D C:\Program Files\Common Files\System
2018-11-07 07:22 - 2016-07-16 16:40 - 000753528 _____ C:\Windows\system32\perfh00A.dat
2018-11-07 07:22 - 2016-07-16 16:40 - 000171026 _____ C:\Windows\system32\perfc00A.dat
2018-11-06 18:51 - 2016-07-16 00:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-11-06 07:28 - 2016-07-16 05:36 - 000000000 ____D C:\Windows\CbsTemp
2018-11-03 12:24 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\rescache
2018-10-30 18:44 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2018-10-30 18:44 - 2016-07-16 05:44 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqtrig.dll
2018-10-30 18:44 - 2016-07-16 05:43 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\mqlogmgr.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000621568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsnap.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqutil.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\mqtrig.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqrt.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.tlb
2018-10-30 18:43 - 2016-07-16 05:44 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa30.tlb
2018-10-30 18:43 - 2016-07-16 05:44 - 000055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa20.tlb
2018-10-30 18:43 - 2016-07-16 05:44 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\mqise.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqise.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa10.tlb
2018-10-30 18:43 - 2016-07-16 05:44 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcertui.dll
2018-10-30 18:43 - 2016-07-16 05:44 - 000009096 _____ C:\Windows\SysWOW64\msmqtrc.mof
2018-10-30 18:43 - 2016-07-16 05:43 - 001414144 _____ (Microsoft Corporation) C:\Windows\system32\mqqm.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\mqsnap.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\mqutil.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\mqrt.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mqac.sys
2018-10-30 18:43 - 2016-07-16 05:43 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
2018-10-30 18:43 - 2016-07-16 05:43 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.tlb
2018-10-30 18:43 - 2016-07-16 05:43 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\mqoa30.tlb
2018-10-30 18:43 - 2016-07-16 05:43 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\mqoa20.tlb
2018-10-30 18:43 - 2016-07-16 05:43 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\mqbkup.exe
2018-10-30 18:43 - 2016-07-16 05:43 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\mqoa10.tlb
2018-10-30 18:43 - 2016-07-16 05:43 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\mqsvc.exe
2018-10-30 18:43 - 2016-07-16 05:43 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\infoadmn.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\mqcertui.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoadmn.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\infoctrs.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoctrs.dll
2018-10-30 18:43 - 2016-07-16 05:43 - 000009096 _____ C:\Windows\system32\msmqtrc.mof
2018-10-30 15:19 - 2016-07-16 05:47 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-10-30 15:18 - 2016-07-16 05:44 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2018-10-30 15:18 - 2016-07-16 05:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2018-10-30 15:18 - 2016-07-16 05:44 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2018-10-30 15:18 - 2016-07-16 05:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2018-10-30 15:18 - 2016-07-16 05:44 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2018-10-30 15:18 - 2016-07-16 05:44 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2018-10-30 15:18 - 2016-07-16 05:44 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngkeyhelper.dll
2018-10-30 15:18 - 2016-07-16 05:43 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2018-10-30 15:18 - 2016-07-16 05:43 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2018-10-30 15:18 - 2016-07-16 05:43 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2018-10-30 15:18 - 2016-07-16 05:43 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2018-10-30 15:18 - 2016-07-16 05:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2018-10-30 15:18 - 2016-07-16 05:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2018-10-30 15:18 - 2016-07-16 05:43 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\cngkeyhelper.dll
2018-10-30 00:14 - 2018-05-08 08:03 - 000560648 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d65x64.sys
2018-10-30 00:14 - 2018-05-08 08:03 - 000134416 _____ (Intel Corporation) C:\Windows\system32\NicCo4.dll
2018-10-30 00:14 - 2018-05-08 08:03 - 000099776 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2018-10-30 00:14 - 2018-05-08 08:03 - 000088624 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2018-10-30 00:14 - 2018-05-08 08:03 - 000003130 _____ C:\Windows\system32\e1d65x64.din
2018-10-30 00:10 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\AppReadiness
2018-10-30 00:05 - 2016-07-16 05:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-30 00:02 - 2016-07-16 05:47 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-10-29 23:48 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\system32\spool
2018-10-29 23:48 - 2016-07-16 05:47 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-10-29 23:46 - 2016-07-16 05:47 - 000000000 ____D C:\Program Files\Windows NT
2018-10-29 23:43 - 2016-07-16 00:04 - 000000000 ____D C:\Windows\system32\Sysprep
2018-10-29 23:41 - 2016-07-16 05:47 - 000000000 ___RD C:\Windows\PrintDialog
2018-10-29 23:41 - 2016-07-16 05:47 - 000000000 ___RD C:\Windows\MiracastView
2018-10-29 23:41 - 2016-07-16 05:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-10-29 23:41 - 2016-07-16 05:47 - 000000000 ____D C:\ProgramData\USOPrivate
2018-10-29 16:39 - 2016-07-16 05:47 - 000028672 _____ C:\Windows\system32\config\BCD-Template
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-11 23:49
==================== End of FRST.txt ============================Informe de Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by Admin (19-11-2018 17:30:58)
Running from C:\Users\Admin\Desktop
Windows 10 Pro Version 1607 (X64) (2018-10-30 05:48:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-1755836162-1755776415-1301256422-1001 - Administrator - Enabled) => C:\Users\Admin
Administrador (S-1-5-21-1755836162-1755776415-1301256422-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1755836162-1755776415-1301256422-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1755836162-1755776415-1301256422-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-1755836162-1755776415-1301256422-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.10.2 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrystalDiskInfo 7.8.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.8.3 - Crystal Dew World)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.2.0.0708 - Disc Soft Ltd)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FileZilla Client 3.38.1 (HKLM-x32\...\FileZilla Client) (Version: 3.38.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\PROSetDX) (Version: 23.2.0.1006 - Intel)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 es-MX) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-MX)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
Oracle VM VirtualBox 5.2.20 (HKLM\...\{B7EC6E32-AA9F-4EC8-ACE6-1DCECE6E4C08}) (Version: 5.2.20 - Oracle Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Radeon RAMDisk (HKLM-x32\...\{BBC956B0-3DD9-4A48-ACAC-DC6AC0FE10D5}) (Version: 4.4.0.36 - Dataram, Inc.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 4.0.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.1 - VS Revo Group, Ltd.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.1019.1 - GIGABYTE)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
TightVNC (HKLM\...\{B7458EC3-2AA0-4DB4-8FC4-FBB73CC44948}) (Version: 2.8.11.0 - GlavSoft LLC.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\WhatsApp) (Version: 0.3.1475 - WhatsApp)
Winamp (remove only) (HKLM-x32\...\Winamp) (Version: - )
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-10-14] ()
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-10-30] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-10-30] (AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-10-30] (AO Kaspersky Lab)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-09-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0541b698fc6e40b0\igfxDTCM.dll [2018-02-17] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-10-30] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A9CCE54-FEF5-4A0D-9A50-906DA9391FF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {2428D03B-63AC-4660-9526-A4376044169C} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-N8C7JI0-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {3431CDF6-F4A2-4F2D-9DF0-CBE73F7F210E} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {37852CE9-AA16-4435-AB61-330AB888A16F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-09-25] (Advanced Micro Devices, Inc.)
Task: {3FB66743-5CD7-4E33-A1A2-495332D1E0BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {4D7C37CD-98EA-4537-9B06-5E0931336497} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {4D9FB879-F8B3-47CB-A096-20509E079E14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-01] (Google Inc.)
Task: {77483B97-ACE2-4596-B3BC-2F036D72F2D8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {7762B3CE-CED2-48CA-82FC-3957321DE525} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {87541F52-C730-4D57-BECE-FCEB83A1B836} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-09-25] (Advanced Micro Devices, Inc.)
Task: {A8406CAD-B483-4A3E-82EA-71E4EFD82142} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-01] (Google Inc.)
Task: {AA4AAB1C-DA21-4A3D-AE03-175D2C826ACE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {FC6A94E4-A6FC-4F00-80F5-AA352FD0ED24} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 05:42 - 2016-07-16 05:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-07-16 05:42 - 2016-07-16 05:42 - 002681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2018-11-04 15:00 - 2018-11-04 15:00 - 000075136 _____ () C:\Windows\SysWoW64\PnkBstrA.exe
2018-10-29 23:51 - 2018-10-29 23:51 - 000959168 _____ () C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-07-16 05:42 - 2016-07-16 05:42 - 000130048 _____ () C:\Windows\SYSTEM32\CHARTV.dll
2018-10-27 11:48 - 2018-10-27 11:48 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-10-14 12:45 - 2018-10-14 12:45 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:07 - 2018-04-24 22:07 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-16 05:42 - 2016-07-16 05:42 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 05:43 - 2016-07-16 05:43 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 05:43 - 2016-07-16 16:45 - 009761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 05:43 - 2016-07-16 16:45 - 001400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 05:43 - 2016-07-16 16:45 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 05:43 - 2016-07-16 16:45 - 002438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 05:43 - 2016-07-16 16:45 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2018-10-30 08:40 - 2015-10-04 21:12 - 000300544 _____ () C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\libbluray.dll
2016-07-16 16:49 - 2016-07-16 16:49 - 000071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-16 16:49 - 2016-07-16 16:49 - 000157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-16 16:49 - 2016-07-16 16:49 - 029443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-11-06 10:14 - 2018-11-06 10:14 - 000100936 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2016-07-16 16:49 - 2016-07-16 16:49 - 003790336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-07-16 16:49 - 2016-07-16 16:49 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42066957.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42066957.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 05:47 - 2018-11-07 09:44 - 000021280 _____ C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 ars.smartscreen.microsoft.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 blob.weather.microsoft.com
0.0.0.0 candycrushsoda.king.com
0.0.0.0 cdn.content.prod.cms.msn.com
0.0.0.0 cdn.onenote.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 client.wns.windows.com
0.0.0.0 client-s.gateway.messenger.live.com
0.0.0.0 clientconfig.passport.net
0.0.0.0 deploy.static.akamaitechnologies.com
0.0.0.0 device.auth.xboxlive.com
0.0.0.0 dmd.metaservices.microsoft.com
0.0.0.0 dns.msftncsi.com
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 img-s-msn-com.akamaized.net
0.0.0.0 insiderppe.cloudapp.net
0.0.0.0 licensing.mp.microsoft.com
0.0.0.0 mediaredirect.microsoft.com
0.0.0.0 msftncsi.com
0.0.0.0 officeclient.microsoft.com
0.0.0.0 oneclient.sfx.ms
0.0.0.0 pti.store.microsoft.com
0.0.0.0 query.prod.cms.rt.microsoft.com
0.0.0.0 register.cdpcs.microsoft.com
0.0.0.0 s0.2mdn.net
There are 487 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "MsmqIntCert"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe
FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe
FirewallRules: [{3D039E7E-D2EF-4F05-B284-0FB9206A8B35}] => (Block) C:\Windows\explorer.exe
FirewallRules: [{7151485C-1382-463F-BD07-AE6BBACBB112}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BAA2DE15-D104-4A8D-8078-2FD0BD568A4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{527158D9-095E-4298-9BFD-5AB4CAEFCD1C}] => (Allow) C:\Program Files\TightVNC\tvnviewer.exe
FirewallRules: [{EF77E55F-006B-4EFE-9F92-7EBADECBEDE8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{629C6E7C-96E3-4CF5-AB9B-5B8656E28281}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3CE92375-9EDA-49D2-A134-4519457A0D97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3B0E7D65-9502-48C5-9F7B-BC271912111A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F7C415E8-06AA-477A-9D07-2C9E1DAC8EE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8CF6E8C2-6379-4DB2-8CAE-579C95F04025}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A5B2B715-B346-4F2B-AC37-F952215DA584}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{742BB6FF-1A01-4233-BA98-822BA941A145}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1FD6617A-2DA9-45A4-AFCD-458B7D5385BB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{56413256-6865-4573-A28A-6BC774D227DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B7349C67-05FF-4716-B1C0-2D5B94A89F6B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{74AF2F9B-95F0-4E26-B477-6A7094ACDF69}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{74846318-017B-4517-A3E9-1464F10B0FA2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{C0055CBF-CA3C-4DCD-A4BD-5D12FA276A13}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{1AE560AB-DEE4-423E-85ED-A087923401EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{30BE8125-D91F-4D35-9DA9-FEFB95DD881C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{9F2E1DD6-5B57-4564-BFCF-DBC8C2E27BEB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
16-11-2018 19:54:31 JRT Pre-Junkware Removal
16-11-2018 20:47:05 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Windows Defender:
===================================
Date: 2018-10-29 23:59:22.064
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0
Nombre: SettingsModifier:Win32/PossibleHostsFileHijack
Id.: 14994
Gravedad: Media
Categoría: Modificador de configuración
Ruta de acceso: file:_C:\Windows\System32\drivers\etc\hosts
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-N8C7JI0\Admin
Nombre de proceso: C:\Windows\System32\cmd.exe
Versión de firma: AV: 1.221.14.0, AS: 1.221.14.0, NIS: 116.1.0.0
Versión de motor: AM: 1.1.12805.0, NIS: 2.1.12706.0
Date: 2018-10-29 23:59:21.990
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0
Nombre: SettingsModifier:Win32/PossibleHostsFileHijack
Id.: 14994
Gravedad: Media
Categoría: Modificador de configuración
Ruta de acceso: file:_C:\Windows\System32\drivers\etc\hosts
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-N8C7JI0\Admin
Nombre de proceso: C:\Windows\System32\cmd.exe
Versión de firma: AV: 1.221.14.0, AS: 1.221.14.0, NIS: 116.1.0.0
Versión de motor: AM: 1.1.12805.0, NIS: 2.1.12706.0
Date: 2018-10-29 23:59:21.925
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0
Nombre: SettingsModifier:Win32/PossibleHostsFileHijack
Id.: 14994
Gravedad: Media
Categoría: Modificador de configuración
Ruta de acceso: file:_C:\Windows\System32\drivers\etc\hosts
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-N8C7JI0\Admin
Nombre de proceso: C:\Windows\System32\cmd.exe
Versión de firma: AV: 1.221.14.0, AS: 1.221.14.0, NIS: 116.1.0.0
Versión de motor: AM: 1.1.12805.0, NIS: 2.1.12706.0
Date: 2018-10-29 23:59:21.852
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0
Nombre: SettingsModifier:Win32/PossibleHostsFileHijack
Id.: 14994
Gravedad: Media
Categoría: Modificador de configuración
Ruta de acceso: file:_C:\Windows\System32\drivers\etc\hosts
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-N8C7JI0\Admin
Nombre de proceso: C:\Windows\System32\cmd.exe
Versión de firma: AV: 1.221.14.0, AS: 1.221.14.0, NIS: 116.1.0.0
Versión de motor: AM: 1.1.12805.0, NIS: 2.1.12706.0
Date: 2018-10-29 23:59:21.772
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0
Nombre: SettingsModifier:Win32/PossibleHostsFileHijack
Id.: 14994
Gravedad: Media
Categoría: Modificador de configuración
Ruta de acceso: file:_C:\Windows\System32\drivers\etc\hosts
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-N8C7JI0\Admin
Nombre de proceso: C:\Windows\System32\cmd.exe
Versión de firma: AV: 1.221.14.0, AS: 1.221.14.0, NIS: 116.1.0.0
Versión de motor: AM: 1.1.12805.0, NIS: 2.1.12706.0
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 18%
Total physical RAM: 16283.54 MB
Available physical RAM: 13340.36 MB
Total Virtual: 18715.54 MB
Available Virtual: 14804.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.6 GB) (Free:119.27 GB) NTFS
Drive d: () (Fixed) (Total:1863.02 GB) (Free:17.64 GB) NTFS
Drive e: (Nuevo) (Fixed) (Total:1863.01 GB) (Free:65.12 GB) NTFS
\\?\Volume{afc39352-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: AFC39352)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 411C2AC1)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 38922AAF)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================Hola
Cuanto tiempo hace que usas Kaspersky como antivirus ?
Abrí un nuevo archivo Notepad y copia y pega este contenido:
Start
CreateRestorePoint:
CloseProcesses
() C:\Windows\SysWOW64\PnkBstrA.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(MPC-HC Team) C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3973176 2018-10-17] (Tonec Inc.)
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\MountPoints2: {60ea5ee5-e053-11e8-bbcd-e0d55e8bc5ca} - "F:\setup.exe"
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\MountPoints2: {60ea605e-e053-11e8-bbcd-e0d55e8bc5ca} - "H:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF DefaultProfile: e9d8nqvf.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default [2018-11-19]
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-10-17]
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2018-10-30] [Legacy] [not signed]
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-10-18]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-11-04] ()
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
- Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.
- Ejecutas Frst.exe.
- Presionas el botón Fix y aguardas a que termine.
- La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
- Lo pegas en tu próxima respuesta.
Saludos
Aqui esta el informe de Farbar:
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by Admin (19-11-2018 17:49:27) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: defaultuser0 & Admin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses
() C:\Windows\SysWOW64\PnkBstrA.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(MPC-HC Team) C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3973176 2018-10-17] (Tonec Inc.)
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\MountPoints2: {60ea5ee5-e053-11e8-bbcd-e0d55e8bc5ca} - "F:\setup.exe"
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\MountPoints2: {60ea605e-e053-11e8-bbcd-e0d55e8bc5ca} - "H:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF DefaultProfile: e9d8nqvf.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default [2018-11-19]
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-10-17]
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2018-10-30] [Legacy] [not signed]
FF HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-10-18]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-11-04] ()
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
Restore point was successfully created.
CloseProcesses => Error: No automatic fix found for this entry.
[2384] C:\Windows\SysWOW64\PnkBstrA.exe => process closed successfully.
[7592] C:\Program Files (x86)\Internet Download Manager\IDMan.exe => process closed successfully.
[5140] C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe => process closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MsmqIntCert" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\Software\Microsoft\Windows\CurrentVersion\Run\\IDMan" => removed successfully
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60ea5ee5-e053-11e8-bbcd-e0d55e8bc5ca} => removed successfully
HKLM\Software\Classes\CLSID\{60ea5ee5-e053-11e8-bbcd-e0d55e8bc5ca} => not found
HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60ea605e-e053-11e8-bbcd-e0d55e8bc5ca} => removed successfully
HKLM\Software\Classes\CLSID\{60ea605e-e053-11e8-bbcd-e0d55e8bc5ca} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
FF DefaultProfile: e9d8nqvf.default => Error: No automatic fix found for this entry.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default => moved successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e9d8nqvf.default => path removed successfully
C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi => moved successfully
"HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\Software\Mozilla\SeaMonkey\Extensions\\[email protected]" => removed successfully
C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 => moved successfully
"HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\Software\Mozilla\SeaMonkey\Extensions\\[email protected]" => removed successfully
C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\amkpcclbbgegoafihnpgomddadjhcadd => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => removed successfully
C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx => moved successfully
HKLM\System\CurrentControlSet\Services\PnkBstrA => removed successfully
PnkBstrA => service removed successfully
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
Adaptador de Ethernet Ethernet:
Sufijo DNS espec¡fico para la conexi¢n. . :
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.154
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.254
Adaptador de Ethernet VirtualBox Host-Only Network:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::1c81:b463:ce2a:f6%14
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.56.1
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . :
Adaptador de Ethernet Ethernet 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{ADA121D7-D94F-4568-A803-316DF8AA0EA2}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{F882B86B-B26B-453D-8508-07111343866B}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {6C501609-B722-4E77-A251-FB07F311D082}.
Unable to cancel {7649F394-24E3-4E2A-8D9D-8F8F451215A5}.
Unable to cancel {299341AE-3A39-4423-8B21-44786818DBB5}.
Unable to cancel {8E6B6034-1593-45D0-B282-A0C02364A707}.
Unable to cancel {79A1484E-EE5F-4F9C-A337-2D44D317A03C}.
Unable to cancel {7FF68AA5-8F12-4BDD-AFAC-49CF7562B92C}.
Unable to cancel {BAD60D6B-E33E-4D9D-9A27-D2471470A2EB}.
Unable to cancel {425C8396-F54D-43E5-83D4-89320D0AD607}.
Unable to cancel {591B9109-CAAE-4998-A002-2BAC18FACB05}.
Unable to cancel {45997D97-D674-467B-8880-11752A0F0FEC}.
Unable to cancel {78665372-3538-4EC7-BB09-04354D114B6B}.
Unable to cancel {345F2A2B-845C-4E34-859E-BC84CF6F645D}.
Unable to cancel {120E9B78-A58F-4F71-B2EB-D427ADC86DB0}.
Unable to cancel {7D7DF8FC-BE80-4349-867A-BA9D89AADBD5}.
Unable to cancel {CDD68EBE-D875-42A5-A34E-36972C4A3B53}.
0 out of 15 jobs canceled.
========= End of CMD: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1755836162-1755776415-1301256422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 67532 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7520523 B
Java, Flash, Steam htmlcache => 441 B
Windows/system/drivers => 0 B
Edge => 24064 B
Chrome => 172872 B
Firefox => 51984118 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 7296 B
Admin => 1652772 B
DefaultAppPool => 0 B
RecycleBin => 5202 B
EmptyTemp: => 58.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:50:22 ====llevare unos 20 días me canse de Avast y estaba probando Kaspersky para ver si compraba una licencia de la version Internet Security
Y como sigue el problema que mencionaste inicialmente ?
Durante los escaneos no me ha vuelto a aparecer el error de pantalla azul, pero siento que la maquina tarda mucho en arrancar, cuando inicia en la barra de tareas tengo ancladas un par de aplicaciones tarda como 30 segundos después de que me muestra el escritorio en aparecer. Eso y también uso dos monitores el segundo monitor parpadea de vez en cuando cuando abro un video o entro a un video online.
Controla el Pc y nos comentas cómo sigue el problema que planteaste inicialmente.
Volve a descargar Delfix y ejecútalo tal como lo hiciste anteriormente.
Espero esa respuesta.
Saludos
Voy a meterle caña a la maquina y te comento en un par de minutos, si algo mas esta pasando.
No me ha vuelto a mostrar la pantalla azul con letras blancas. Espero que no vuelva a aparecer.
Hola
Descargá la herramienta Delfix a Tu escritorio.
Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run
Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.
Para cualquier otro problema, no dudes en volver a postear. Ya sabes dónde estamos.
Tema Solucionado
Saludos
Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.