HijackThis encuentra muchos elementos O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 127.0.0.1 www.123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 123moviedownload.com
O1 - Hosts: 127.0.0.1 www.123moviedownload.com
O1 - Hosts: 127.0.0.1 123simsen.com
O1 - Hosts: 127.0.0.1 www.123simsen.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 125sms.co.uk
O1 - Hosts: 127.0.0.1 www.125sms.co.uk
O1 - Hosts: 127.0.0.1 www.125sms.com
O1 - Hosts: 127.0.0.1 125sms.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 www.1337crew.info
O1 - Hosts: 127.0.0.1 1337crew.info
O1 - Hosts: 127.0.0.1 www.1337-crew.to
O1 - Hosts: 127.0.0.1 1337-crew.to
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 150freesms.de
O1 - Hosts: 127.0.0.1 www.150freesms.de
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 127.0.0.1 17concepts.info
O1 - Hosts: 127.0.0.1 www.17concepts.info
O1 - Hosts: 127.0.0.1 17-plus.com
O1 - Hosts: 127.0.0.1 1800searchonline.com
O1 - Hosts: 127.0.0.1 www.1800searchonline.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 www.180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 www.180solutions.com
O1 - Hosts: 127.0.0.1 181.365soft.info
O1 - Hosts: 127.0.0.1 www.181.365soft.info
O1 - Hosts: 127.0.0.1 1987324.com
O1 - Hosts: 127.0.0.1 www.1987324.com
O1 - Hosts: 127.0.0.1 1-domains-registrations.com
O1 - Hosts: 127.0.0.1 www.1-domains-registrations.com
O1 - Hosts: 127.0.0.1 www.1ghporn.info
O1 - Hosts: 127.0.0.1 1ghporn.info
O1 - Hosts: 127.0.0.1 www.1importantiamreal.com
O1 - Hosts: 127.0.0.1 1importantiamreal.com
O1 - Hosts: 127.0.0.1 www.1mybigdreamnowreal.com
O1 - Hosts: 127.0.0.1 1mybigdreamnowreal.com
O1 - Hosts: 127.0.0.1 www.1sexparty.com
O1 - Hosts: 127.0.0.1 1sexparty.com
O1 - Hosts: 127.0.0.1 www.1sms.de
O1 - Hosts: 127.0.0.1 1sms.de
O1 - Hosts: 127.0.0.1 www.1spybot.com
O1 - Hosts: 127.0.0.1 1spybot.com
O1 - Hosts: 127.0.0.1 www.1stantivirus.com
O1 - Hosts: 127.0.0.1 1stantivirus.com
O1 - Hosts: 127.0.0.1 www.1stpagehere.com
O1 - Hosts: 127.0.0.1 1stpagehere.com
O1 - Hosts: 127.0.0.1 www.1stsearchportal.com
O1 - Hosts: 127.0.0.1 1stsearchportal.com
O1 - Hosts: 127.0.0.1 2.82211.net
O1 - Hosts: 127.0.0.1 2006ooo.com
O1 - Hosts: 127.0.0.1 www.2006ooo.com
O1 - Hosts: 127.0.0.1 www.2007-download.com
O1 - Hosts: 127.0.0.1 2007-download.com
O1 - Hosts: 127.0.0.1 www.2008firefox.com
O1 - Hosts: 127.0.0.1 2008firefox.com
O1 - Hosts: 127.0.0.1 www.2008search-destroy.com
O1 - Hosts: 127.0.0.1 2008search-destroy.com
O1 - Hosts: 127.0.0.1 www.2008-search-destroy.com
O1 - Hosts: 127.0.0.1 2008-search-destroy.com
O1 - Hosts: 127.0.0.1 2008-viewer.com
O1 - Hosts: 127.0.0.1 www.2008-viewer.com
O1 - Hosts: 127.0.0.1 2009--access.com
O1 - Hosts: 127.0.0.1 www.2009--access.com
O1 - Hosts: 127.0.0.1 www.2009antivirpro.com
O1 - Hosts: 127.0.0.1 2009antivirpro.com
O1 - Hosts: 127.0.0.1 www.2009-edition.com
O1 - Hosts: 127.0.0.1 2009-edition.com
O1 - Hosts: 127.0.0.1 www.2009-phone.com
O1 - Hosts: 127.0.0.1 2009-phone.com
O1 - Hosts: 127.0.0.1 www.2009search-destroy.com
O1 - Hosts: 127.0.0.1 2009search-destroy.com
O1 - Hosts: 127.0.0.1 2009-version.info
O1 - Hosts: 127.0.0.1 www.2009-version.info
O1 - Hosts: 127.0.0.1 2011-kilos-verlieren.eu
O1 - Hosts: 127.0.0.1 www.2011-kilos-verlieren.eu
O1 - Hosts: 127.0.0.1 www.2020search.com
O1 - Hosts: 127.0.0.1 2020search.com
O1 - Hosts: 127.0.0.1 20x2p.com
O1 - Hosts: 127.0.0.1 21dice.net
O1 - Hosts: 127.0.0.1 www.21dice.net
O1 - Hosts: 127.0.0.1 www.2-2005-search.com
O1 - Hosts: 127.0.0.1 2-2005-search.com
O1 - Hosts: 127.0.0.1 www.24.365soft.info
O1 - Hosts: 127.0.0.1 24.365soft.info
O1 - Hosts: 127.0.0.1 www.247fxxx.info
O1 - Hosts: 127.0.0.1 247fxxx.info
O1 - Hosts: 127.0.0.1 www.24-7pharmacy.info
O1 - Hosts: 127.0.0.1 24-7pharmacy.info
O1 - Hosts: 127.0.0.1 www.24-7searching-and-more.com
O1 - Hosts: 127.0.0.1 24-7searching-and-more.com
O1 - Hosts: 127.0.0.1 www.24teen.com
O1 - Hosts: 127.0.0.1 24teen.com
O1 - Hosts: 127.0.0.1 2777f1.makemegood24.com
O1 - Hosts: 127.0.0.1 28f049.perfectchoice1.com
O1 - Hosts: 127.0.0.1 2ae207.ddr-cash.net
O1 - Hosts: 127.0.0.1 2fcffd.perfectchoice1.com
O1 - Hosts: 127.0.0.1 2hj5jtnrlax.baptogbyog.com
O1 - Hosts: 127.0.0.1 2ndpower.com
O1 - Hosts: 127.0.0.1 www.2rfsex.info
O1 - Hosts: 127.0.0.1 2rfsex.info
O1 - Hosts: 127.0.0.1 www.2search.com
O1 - Hosts: 127.0.0.1 2search.com
O1 - Hosts: 127.0.0.1 www.2search.org
O1 - Hosts: 127.0.0.1 2search.org
O1 - Hosts: 127.0.0.1 www.2squared.com
O1 - Hosts: 127.0.0.1 2squared.com
O1 - Hosts: 127.0.0.1 www.2vgporn.info
O1 - Hosts: 127.0.0.1 2vgporn.info
O1 - Hosts: 127.0.0.1 2vt27zn0.firoli-sys.com
O1 - Hosts: 127.0.0.1 2zgfd0.hoststorageforyou.com
O1 - Hosts: 127.0.0.1 30horasdesexoonline.com
O1 - Hosts: 127.0.0.1 www.30horasdesexoonline.com
O1 - Hosts: 127.0.0.1 31columns.com
O1 - Hosts: 127.0.0.1 www.31columns.com
O1 - Hosts: 127.0.0.1 www.3-2005-search.com
O1 - Hosts: 127.0.0.1 3-2005-search.com
O1 - Hosts: 127.0.0.1 www.321-gratis-sms.com
O1 - Hosts: 127.0.0.1 321-gratis-sms.com
O1 - Hosts: 127.0.0.1 www.3322.org
O1 - Hosts: 127.0.0.1 3322.org
O1 - Hosts: 127.0.0.1 www.365fporn.info
O1 - Hosts: 127.0.0.1 365fporn.info
O1 - Hosts: 127.0.0.1 www.365sites.info
O1 - Hosts: 127.0.0.1 365sites.info
O1 - Hosts: 127.0.0.1 365soft.info
O1 - Hosts: 127.0.0.1 36obv2gzq5k.siercevay.com
O1 - Hosts: 127.0.0.1 www.36site.com
O1 - Hosts: 127.0.0.1 36site.com
O1 - Hosts: 127.0.0.1 3721.com
O1 - Hosts: 127.0.0.1 39-93.com
O1 - Hosts: 127.0.0.1 www.3bay.it
O1 - Hosts: 127.0.0.1 3bay.it
O1 - Hosts: 127.0.0.1 www.3dgsex.info
O1 - Hosts: 127.0.0.1 3dgsex.info
O1 - Hosts: 127.0.0.1 www.3mates.com
O1 - Hosts: 127.0.0.1 3mates.com
O1 - Hosts: 127.0.0.1 3o7dbisqfd4.nedqunefr.com
O1 - Hosts: 127.0.0.1 www.3wgporn.info
O1 - Hosts: 127.0.0.1 3wgporn.info
O1 - Hosts: 127.0.0.1 3xclipsonline.com
O1 - Hosts: 127.0.0.1 www.3xclipsonline.com
O1 - Hosts: 127.0.0.1 3xcurves.com
O1 - Hosts: 127.0.0.1 www.3xcurves.com
O1 - Hosts: 127.0.0.1 www.3xfestival.com
O1 - Hosts: 127.0.0.1 3xfestival.com
O1 - Hosts: 127.0.0.1 www.3x-festival.com
O1 - Hosts: 127.0.0.1 3x-festival.com
O1 - Hosts: 127.0.0.1 www.3x-galls.com
O1 - Hosts: 127.0.0.1 3x-galls.com
O1 - Hosts: 127.0.0.1 www.3xmiracle.com
O1 - Hosts: 127.0.0.1 3xmiracle.com
O1 - Hosts: 127.0.0.1 www.3xmoviesblog.com
O1 - Hosts: 127.0.0.1 3xmoviesblog.com
O1 - Hosts: 127.0.0.1 404dns.com
O1 - Hosts: 127.0.0.1 www.404dns.com
O1 - Hosts: 127.0.0.1 4115.duxipefer.com
O1 - Hosts: 127.0.0.1 www.4115.duxipefer.com
O1 - Hosts: 127.0.0.1 www.4199.com
O1 - Hosts: 127.0.0.1 4199.com
O1 - Hosts: 127.0.0.1 www.4-2005-search.com
O1 - Hosts: 127.0.0.1 4-2005-search.com
O1 - Hosts: 127.0.0.1 www.4corn.net
O1 - Hosts: 127.0.0.1 4corn.net
O1 - Hosts: 127.0.0.1 4ebay.it
O1 - Hosts: 127.0.0.1 www.4ebay.it
O1 - Hosts: 127.0.0.1 4klm.com
O1 - Hosts: 127.0.0.1 www.4mpg.com
O1 - Hosts: 127.0.0.1 4mpg.com
O1 - Hosts: 127.0.0.1 4-open-davinci.com
O1 - Hosts: 127.0.0.1 www.4-open-davinci.com
O1 - Hosts: 127.0.0.1 www.4thsex.info
O1 - Hosts: 127.0.0.1 4thsex.info
O1 - Hosts: 127.0.0.1 500sex.info
O1 - Hosts: 127.0.0.1 www.500sex.info
O1 - Hosts: 127.0.0.1 5-2005-search.com
O1 - Hosts: 127.0.0.1 www.5-2005-search.com
O1 - Hosts: 127.0.0.1 www.555royalclub.net
O1 - Hosts: 127.0.0.1 555royalclub.net
O1 - Hosts: 127.0.0.1 www.59cn.cn
O1 - Hosts: 127.0.0.1 59cn.cn
O1 - Hosts: 127.0.0.1 www.5okporn.info
O1 - Hosts: 127.0.0.1 5okporn.info
O1 - Hosts: 127.0.0.1 www.5starsblog.com
O1 - Hosts: 127.0.0.1 5starsblog.com
O1 - Hosts: 127.0.0.1 www.5zgmu7o20kt5d8yq.com
O1 - Hosts: 127.0.0.1 5zgmu7o20kt5d8yq.com
O1 - Hosts: 127.0.0.1 www.6000vornamen.de
O1 - Hosts: 127.0.0.1 6000vornamen.de
O1 - Hosts: 127.0.0.1 www.6700.cn
O1 - Hosts: 127.0.0.1 6700.cn
O1 - Hosts: 127.0.0.1 www.680180.net
O1 - Hosts: 127.0.0.1 680180.net
O1 - Hosts: 127.0.0.1 www.69loadz.com
O1 - Hosts: 127.0.0.1 69loadz.com
O1 - Hosts: 127.0.0.1 www.6hporn.info
O1 - Hosts: 127.0.0.1 6hporn.info
O1 - Hosts: 127.0.0.1 6o64cfcmkyt.tabletprescriptionshop.net
O1 - Hosts: 127.0.0.1 www.6plosex.info
O1 - Hosts: 127.0.0.1 6plosex.info
O1 - Hosts: 127.0.0.1 www.6sek.com
O1 - Hosts: 127.0.0.1 6sek.com
O1 - Hosts: 127.0.0.1 www.70-music.com
O1 - Hosts: 127.0.0.1 70-music.com
O1 - Hosts: 127.0.0.1 7172224.hostedresource.com
O1 - Hosts: 127.0.0.1 www.7322.com
O1 - Hosts: 127.0.0.1 7322.com
O1 - Hosts: 127.0.0.1 www.745970.com
O1 - Hosts: 127.0.0.1 745970.com
O1 - Hosts: 127.0.0.1 75tz.com
O1 - Hosts: 127.0.0.1 www.777bestcasino7.ru
O1 - Hosts: 127.0.0.1 777bestcasino7.ru
O1 - Hosts: 127.0.0.1 www.777casinoroyal.net
O1 - Hosts: 127.0.0.1 777casinoroyal.net
O1 - Hosts: 127.0.0.1 www.777casinozbest.net
O1 - Hosts: 127.0.0.1 777casinozbest.net
O1 - Hosts: 127.0.0.1 www.777gamecard.net
O1 - Hosts: 127.0.0.1 777gamecard.net
O1 - Hosts: 127.0.0.1 www.777jackpotgame.net
O1 - Hosts: 127.0.0.1 777jackpotgame.net
O1 - Hosts: 127.0.0.1 www.777luxcasino.net
O1 - Hosts: 127.0.0.1 777luxcasino.net
O1 - Hosts: 127.0.0.1 www.777playeuro.net
O1 - Hosts: 127.0.0.1 777playeuro.net
O1 - Hosts: 127.0.0.1 www.777search.com
O1 - Hosts: 127.0.0.1 777search.com
O1 - Hosts: 127.0.0.1 www.777starsgame.net
O1 - Hosts: 127.0.0.1 777starsgame.net
O1 - Hosts: 127.0.0.1 www.777top.com
O1 - Hosts: 127.0.0.1 777top.com
O1 - Hosts: 127.0.0.1 www.777web-casinoz.net
O1 - Hosts: 127.0.0.1 777web-casinoz.net
O1 - Hosts: 127.0.0.1 www.777webgamez.ru
O1 - Hosts: 127.0.0.1 777webgamez.ru
O1 - Hosts: 127.0.0.1 www.77zip.com
O1 - Hosts: 127.0.0.1 77zip.com
O1 - Hosts: 127.0.0.1 www.7939.com
O1 - Hosts: 127.0.0.1 7939.com
O1 - Hosts: 127.0.0.1 www.7dailynews.net
O1 - Hosts: 127.0.0.1 7dailynews.net
O1 - Hosts: 127.0.0.1 www.7jksex.info
O1 - Hosts: 127.0.0.1 7jksex.info
O1 - Hosts: 127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
O1 - Hosts: 127.0.0.1 www.80-music.com
O1 - Hosts: 127.0.0.1 80-music.com
O1 - Hosts: 127.0.0.1 82211.net
O1 - Hosts: 127.0.0.1 85ni5bnb60.firoli-sys.com
O1 - Hosts: 127.0.0.1 8866.org
O1 - Hosts: 127.0.0.1 888best-games.net
O1 - Hosts: 127.0.0.1 www.888best-games.net
O1 - Hosts: 127.0.0.1 888gamegold.net
O1 - Hosts: 127.0.0.1 www.888gamegold.net
O1 - Hosts: 127.0.0.1 www.888gamevip.net
O1 - Hosts: 127.0.0.1 888gamevip.net
O1 - Hosts: 127.0.0.1 www.888globalplay.net
O1 - Hosts: 127.0.0.1 888globalplay.net
O1 - Hosts: 127.0.0.1 www.888-lucky.net
O1 - Hosts: 127.0.0.1 888-lucky.net
O1 - Hosts: 127.0.0.1 www.88sms.ch
O1 - Hosts: 127.0.0.1 88sms.ch
O1 - Hosts: 127.0.0.1 88vcd.com
O1 - Hosts: 127.0.0.1 www.88vcd.com
O1 - Hosts: 127.0.0.1 8ad.com
O1 - Hosts: 127.0.0.1 www.8ad.com
O1 - Hosts: 127.0.0.1 8-download.com
O1 - Hosts: 127.0.0.1 www.8-download.com
O1 - Hosts: 127.0.0.1 www.90-music.com
O1 - Hosts: 127.0.0.1 90-music.com
O1 - Hosts: 127.0.0.1 www.9505.com
O1 - Hosts: 127.0.0.1 9505.com
O1 - Hosts: 127.0.0.1 www.971searchbox.com
O1 - Hosts: 127.0.0.1 971searchbox.com
O1 - Hosts: 127.0.0.1 www.99downloads.de
O1 - Hosts: 127.0.0.1 99downloads.de
O1 - Hosts: 127.0.0.1 9mmporn.com

y muchos mas.

Hola @Sebastian_Egea

Bienvenido al Foro!!!

No es necesario que sigas pegando ese reporte, Hijackthis ha quedado obsoleto para el malware actual-

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

¡Muchas gracias SanMar! =). Y mil disculpas por postear tantas veces pero como viste el reporte era extrañamente largo. Ahora te envío los reportes del FRST

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22-01-2020 01
Ejecutado por Seba (24-01-2020 15:21:12)
Ejecutado desde C:\Users\Seba\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-06-20 10:36:57)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2551973510-2106251972-3254095100-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2551973510-2106251972-3254095100-1002 - Limited - Enabled)
Invitado (S-1-5-21-2551973510-2106251972-3254095100-501 - Limited - Disabled)
Seba (S-1-5-21-2551973510-2106251972-3254095100-1001 - Administrator - Enabled) => C:\Users\Seba

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
ChemSep 7.41 (HKLM-x32\...\ChemSepL7v41) (Version: 7.41 - ChemSep)
COCO (HKLM\...\COCO) (Version: 3.2 - AmsterCHEM)
COSMOthermCO-LITE (HKLM-x32\...\COSMOthermCO-LITE) (Version:  - )
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
DjVuLibre DjView  3.5.25.4+4.9.2 (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.4+4.9.2 - DjVuZone)
Estudio para la mejora del producto HP Deskjet 3540 series (HKLM\...\{633A392F-5CE5-4659-8BE6-510A2F5C11E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Excel CAPE-OPEN Unit Operation (HKLM-x32\...\ExcelUO) (Version: 1.0.56.0 - AmsterCHEM)
FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Deskjet 3540 series Ayuda (HKLM-x32\...\{5DC3CE31-4900-49C2-B56D-624E2DB162BC}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 3540 series Software básico del dispositivo (HKLM\...\{37F7BADF-64F5-4A21-84EC-28E85BC2241B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM SPSS Statistics 23 (HKLM-x32\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.0 - IBM Corp)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Mathcad PDSi viewable support (HKLM-x32\...\{AC76D478-1033-0000-3478-000000000004}) (Version: 9.0.0 - Adobe Systems) Hidden
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PTC Diagnostic Tools (HKLM\...\{1813AEF6-64CD-4AE9-B2AA-4DB3F7E246F3}) (Version: 4.0.0.0 - PTC)
PTC Mathcad Prime 4.0 (HKLM\...\{76F154D2-2092-41FC-956C-DC0B79D2B8CA}) (Version: 4.0.0 - PTC)
Puran File Recovery 1.2.1 (HKLM\...\Puran File Recovery_is1) (Version:  - Puran Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Skype versión 8.48 (HKLM-x32\...\Skype_is1) (Version: 8.48 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
USEPA Cape Open Class Library with WAR Add-In (HKLM-x32\...\{174EB4DF-7074-4405-A775-361B205C9BE1}) (Version: 1.4.17 - USEPA)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{E83047E3-B85C-40E4-A421-017B264AB761}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{02D359F8-1DEF-41DD-8561-99C7321BFE00}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XnView 2.40 (HKLM-x32\...\XnView_is1) (Version: 2.40 - Gougelet Pierre-e)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Seba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2013-06-02 16:24 - 2013-06-02 16:24 - 001162752 _____ () [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\libdjvulibre.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000108544 _____ () [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\libjpeg.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000298496 _____ () [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\libtiff.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000065024 _____ () [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\libz.dll
2013-04-29 23:03 - 2013-04-29 23:03 - 000837632 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-04-29 23:02 - 2013-04-29 23:02 - 000004608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000026624 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\plugins\imageformats\qgif4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000028672 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\plugins\imageformats\qico4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000201216 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\plugins\imageformats\qjpeg4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000222208 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\plugins\imageformats\qmng4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000019968 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\plugins\imageformats\qtga4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000287232 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\plugins\imageformats\qtiff4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 002562560 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\QtCore4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 008569856 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\QtGui4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 001037312 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\QtNetwork4.dll
2013-06-02 16:24 - 2013-06-02 16:24 - 000778752 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\QtOpenGL4.dll
2017-08-10 12:24 - 2017-08-10 12:24 - 000217600 _____ (RSA - The Security Division of EMC) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_asym.dll
2017-08-10 12:24 - 2017-08-10 12:24 - 000404480 _____ (RSA - The Security Division of EMC) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base.dll
2017-08-10 12:24 - 2017-08-10 12:24 - 000379904 _____ (RSA - The Security Division of EMC) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base_non_fips.dll
2017-08-10 12:24 - 2017-08-10 12:24 - 000504320 _____ (RSA - The Security Division of EMC) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_ecc.dll
2017-08-10 12:24 - 2017-08-10 12:24 - 000218624 _____ (RSA - The Security Division of EMC) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\cryptocme.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7942 más sitios.

IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123simsen.com -> www.123simsen.com

Hay 7942 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2020-01-16 08:35 - 000454708 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Hay 15607 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Seba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: QHActiveDefense => 
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\Services: WDRulesService => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
MSCONFIG\startupreg: HP Deskjet 3540 series (NET) => "C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN47V1323Q05X5:NW" -scfn "HP Deskjet 3540 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{06EE3F62-5026-4402-814D-1AA7B7B8EF32}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{21D78B2F-F0ED-4A49-90F9-6E3A18DC091F}] => (Allow) LPort=5357
FirewallRules: [{37016D8D-D49F-431F-B8FF-F3D8C7DA5AAD}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{1FE96847-1184-4CC8-9BC2-EB94161F04CC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{B03F114A-F883-42AD-9E49-7B2C8EFEEF5F}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{3B827813-C7BF-45E9-9CB9-A4AA916A45F9}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{D7E11D95-8580-4F7A-8516-367B3406AB51}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{1542E1D4-C5A1-4741-9E41-CA5263DB570E}C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe] => (Allow) C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{AFFEB045-AC75-4410-A960-7BD8B487A027}C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe] => (Allow) C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{C6D4AEC9-EC36-476A-83A9-C945BCA5F56A}C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe (Ansys, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{82CD1D68-5E99-4519-8705-22DBF3B0EFFD}C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe (Ansys, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{0846FE9C-BFC7-467B-95B3-BB6EB4B1FD47}C:\program files\ansys inc\v170\scdm\spaceclaim.exe] => (Allow) C:\program files\ansys inc\v170\scdm\spaceclaim.exe (Spaceclaim Corporation -> SpaceClaim)
FirewallRules: [UDP Query User{2E304DE1-37C4-49E3-ADA7-458958FF441B}C:\program files\ansys inc\v170\scdm\spaceclaim.exe] => (Allow) C:\program files\ansys inc\v170\scdm\spaceclaim.exe (Spaceclaim Corporation -> SpaceClaim)
FirewallRules: [TCP Query User{3616B9D7-5C13-4474-B15A-CF3D926276C6}C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{3A35AF9C-E66A-4200-A34A-74384AB13B77}C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{2CCCD17B-CE05-4AD2-AED7-A05469F25808}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{723BEFAA-B000-401C-A17F-739269317744}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{10D813C9-85CD-48A2-8744-DFD73A6321E4}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{444B0663-1FE0-4766-9174-A1271EBA9EC1}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{876EE12B-69BA-4B9C-A47F-EEA7BACED596}C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{15E11EDD-3836-46E5-9DA4-A584CE996366}C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{5B0E9D5C-5EA7-4836-BE2E-851BB71F3D97}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{3F7EF16E-555F-4A85-932C-948EF744F6BF}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{67A3F110-8F11-4BDB-9CE4-0A6BA04529D4}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{312F8823-5683-48F8-AA9E-F0F083079BAB}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{0A378942-9DC2-4012-8F46-EE00A747BCB7}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{1A3F3866-53BF-4FAA-87C2-1A82529EE114}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{A55432E6-4DBC-415A-A5BE-86CA5E29AEEC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{E3ABB178-C982-4933-AF47-58F6E80B1D76}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{EED0D09F-2663-4C33-BBAA-C6FC1BDF8C98}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{9B96B8FC-4896-496E-8D22-C135C6887D08}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{A777AFD4-DB8E-4DFD-A939-EF57797F0207}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [UDP Query User{6E0F1FCF-40BB-4D76-BBCB-215EDB9CBD61}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [TCP Query User{BAA4F16E-8208-4592-BEB2-C7FBD10DAE08}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [UDP Query User{0BE242B2-F217-4C11-848B-93BA74E1408E}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [TCP Query User{765CA11D-D475-4958-A6DA-5E6B8F9597E7}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{4E24B9B2-4016-4955-ACDE-2F5D47D44037}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe () [Archivo no firmado]
FirewallRules: [{5B89E1E2-770D-4D8D-BF11-70554A561CA1}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.com (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{0B7AB179-03EB-40AC-829B-C6AE78FE8C1F}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{41C38A6B-D831-45C7-B996-19BE55E448D8}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\WinWrapIDE.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{6BC8712C-43F9-41BE-955C-FA39567FD4D1}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.com (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{E839150B-357B-4448-A9F8-291CDBA72B0C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{EE7CBC00-E9A3-488D-8738-3EB50B5D0580}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\WinWrapIDE.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [TCP Query User{43C9D821-2391-4575-9BA6-B43685F54421}C:\program files (x86)\ibm\spss\statistics\23\stats.exe] => (Block) C:\program files (x86)\ibm\spss\statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [UDP Query User{BC6F618F-346F-46D8-A8BC-307A2B6A4C76}C:\program files (x86)\ibm\spss\statistics\23\stats.exe] => (Block) C:\program files (x86)\ibm\spss\statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{3AD984E9-67BC-4DA9-8BF6-41B1074B4D24}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe Ningún archivo
FirewallRules: [{58C10C82-99FF-4378-AB97-27661FE2B9CF}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe Ningún archivo
FirewallRules: [{49E09B09-82FF-4CF6-AB1F-CDAE31AE0C66}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F516FBB7-38FC-43BA-B094-53C49B11F988}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{780C2E43-EB3C-4427-A9F2-82E4CA04F2F9}] => (Allow) C:\Users\Seba\AppData\Local\Temp\7zS665D\HPDiagnosticCoreUI.exe Ningún archivo
FirewallRules: [{BCC10781-666B-46CF-8183-83516ECC01B1}] => (Allow) C:\Users\Seba\AppData\Local\Temp\7zS665D\HPDiagnosticCoreUI.exe Ningún archivo
FirewallRules: [TCP Query User{ADA8735F-8763-439C-BDAD-96E2CBCC32D6}C:\users\seba\appdata\local\temp\7zs7176\enterprisedu.exe] => (Allow) C:\users\seba\appdata\local\temp\7zs7176\enterprisedu.exe Ningún archivo
FirewallRules: [UDP Query User{14A8EAA3-26BB-4014-AEDE-961CFFC3F306}C:\users\seba\appdata\local\temp\7zs7176\enterprisedu.exe] => (Allow) C:\users\seba\appdata\local\temp\7zs7176\enterprisedu.exe Ningún archivo
FirewallRules: [{9CF81F13-0183-4319-8C47-F93A12BA5313}] => (Allow) C:\Users\Seba\AppData\Local\Temp\7zS72F6\HPDiagnosticCoreUI.exe Ningún archivo
FirewallRules: [{2921D71D-D96D-4F9D-B47A-7FC3029AE64A}] => (Allow) C:\Users\Seba\AppData\Local\Temp\7zS72F6\HPDiagnosticCoreUI.exe Ningún archivo
FirewallRules: [{F4B87081-DDBE-49AF-A36D-C2ABEA646FEA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/24/2020 03:13:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_e372d88f30fbb845.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b.manifest.

Error: (01/23/2020 04:09:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/23/2020 04:07:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_e372d88f30fbb845.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b.manifest.

Error: (01/23/2020 01:48:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/23/2020 01:47:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_e372d88f30fbb845.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b.manifest.

Error: (01/18/2020 03:32:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/18/2020 03:31:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_e372d88f30fbb845.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b.manifest.

Error: (01/18/2020 01:05:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


Errores del sistema:
=============
Error: (01/24/2020 03:18:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ProductAgentService se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (01/23/2020 05:39:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.

Error: (01/23/2020 04:08:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (01/23/2020 04:07:09 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.

Error: (01/23/2020 01:47:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (01/23/2020 01:46:43 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.

Error: (01/18/2020 03:31:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (01/18/2020 03:30:35 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.


Windows Defender:
===================================
Date: 2019-07-12 03:57:17.039
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{2571A91B-6E1D-4293-974E-D8BF5EB891E4}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2020-01-05 06:15:29.359
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.307.990.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.16600.7
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2020-01-03 04:25:56.711
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.307.990.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.16600.7
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2019-12-25 04:52:27.646
Description: 
El examen de Windows Defender encontró un error y finalizó.
Id. de examen:{25B78BAD-4BFE-4CEA-BA82-DCA25D5E6DFF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
Código de error:0x8050800d
Descripción de error:No se pudieron mostrar algunos elementos del historial. Espere unos minutos e inténtelo de nuevo Si esto no funcionara, borre el historial e inténtelo de nuevo. 

Date: 2019-12-12 08:27:13.708
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.307.13.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.16600.7
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2019-11-25 08:50:31.795
Description: 
El motor de %1 se detuvo debido a un error inesperado.
Tipo de error:%5
Código de excepción:%6
Recurso:%3

CodeIntegrity:
===================================

Date: 2017-06-21 14:14:22.859
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-21 14:14:22.859
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-21 03:12:19.871
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-21 03:12:19.797
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:17.593
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\NTGLM7X.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:17.593
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\NTGLM7X.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:09.953
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\Install\GMSIPCI.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:09.890
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\Install\GMSIPCI.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. P1.50 06/30/2008
Motherboard:                        Wolfdale1333-D667. 
Procesador: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Porcentaje de memoria en uso: 89%
RAM física total: 3199.3 MB
RAM física disponible: 336.74 MB
Virtual total: 6396.75 MB
Virtual disponible: 2332.27 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:15.26 GB) NTFS

\\?\Volume{37c545ef-5597-11e7-b151-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 1D5B1D5A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

El anterior fue el correspondiente a Addition.txt, ahora va el de FRST.txt. Mil gracias de antemano nuevamente.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 22-01-2020 01
Ejecutado por Seba (administrador) sobre SEBA-PC (24-01-2020 15:16:30)
Ejecutado desde C:\Users\Seba\Desktop
Perfiles cargados: Seba (Perfiles disponibles: Seba)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(DjVuLibre) [Archivo no firmado] C:\Program Files (x86)\DjVuLibre\djview.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0BEF4D44-A6DF-440F-9D03-952E442989ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-27] (Google Inc -> Google LLC)
Task: {10516A9C-F7F7-43F2-B8AF-56C3960DC633} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2551973510-2106251972-3254095100-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-05] (Mega Limited -> Mega Limited)
Task: {155D0325-28C2-44B4-8054-200EE1D95AF9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7648984 2017-06-13] (Piriform Ltd -> Piriform Ltd)
Task: {1B63A760-0A42-42ED-8F3A-37EF9D668EB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {89EB9678-A236-41D4-8FB7-AF88DB0D29FE} - System32\Tasks\HPCustParticipation HP Deskjet 3540 series => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {8E644241-18D0-49FA-A8EF-F6E8B503F48F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
Task: {97AF39DC-D13C-4B3B-B561-8C1D924FFF72} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {A7408485-5C0F-4A10-B0EF-FAC91498924B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-27] (Google Inc -> Google LLC)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06904C87-FB3B-4CC3-A82B-F268E8FDC9D4}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 6tw36jlw.default
FF ProfilePath: C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\6tw36jlw.default [2020-01-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-29] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-29] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default [2020-01-24]
CHR Extension: (Presentaciones) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-27]
CHR Extension: (Documentos) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-27]
CHR Extension: (Google Drive) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-27]
CHR Extension: (YouTube) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-27]
CHR Extension: (Chrome Media Router) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-26]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-06-24] () [Archivo no firmado]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2016-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
U2 bddci; no ImagePath
S3 cpuz143; \??\C:\Users\Seba\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATENCIÓN
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-24 15:20 - 2020-01-24 15:20 - 000066604 _____ C:\ProgramData\agent.uninstall.1579889916.bdinstall.v2.bin
2020-01-24 15:16 - 2020-01-24 15:18 - 000015882 _____ C:\Users\Seba\Desktop\FRST.txt
2020-01-24 15:15 - 2020-01-24 15:17 - 000000000 ____D C:\FRST
2020-01-24 15:13 - 2020-01-24 15:13 - 002580480 _____ (Farbar) C:\Users\Seba\Desktop\FRST64.exe
2020-01-24 14:52 - 2020-01-24 14:52 - 001297210 _____ C:\Users\Seba\Documents\HijackThisSeba.txt
2020-01-24 10:45 - 2020-01-24 10:45 - 000031296 _____ C:\Users\Seba\Documents\Calendario-Febrero-2020-Imprimir.pdf
2020-01-24 10:45 - 2020-01-24 10:45 - 000031253 _____ C:\Users\Seba\Documents\Calendario-Enero-2020-Imprimir.pdf
2020-01-18 14:31 - 2020-01-18 14:32 - 000026615 _____ C:\Users\Seba\Downloads\comprobanteComprobante de Pago (1).pdf
2020-01-18 01:10 - 2020-01-18 01:10 - 000075244 _____ C:\ProgramData\agent.update.1579320512.bdinstall.v2.bin
2020-01-16 18:05 - 2020-01-16 18:07 - 000000000 ____D C:\Windows\rescache
2020-01-16 11:02 - 2020-01-16 11:02 - 000223108 _____ C:\Users\Seba\Documents\brevisimarelaciondeladestrucciondeindias.pdf
2020-01-16 10:28 - 2020-01-16 10:29 - 000330789 _____ C:\Users\Seba\Downloads\350789845.pdf
2020-01-16 09:49 - 2020-01-16 09:49 - 000000085 _____ C:\Windows\wininit.ini
2020-01-16 09:11 - 2020-01-24 15:09 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-01-16 08:35 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20200116-083526.backup
2020-01-16 08:09 - 2020-01-16 08:09 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2020-01-16 08:08 - 2020-01-16 09:54 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-01-16 08:08 - 2020-01-16 09:49 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-01-16 04:44 - 2020-01-16 04:48 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Seba\Downloads\spybotsd-2.7.64.0.exe
2020-01-16 04:32 - 2020-01-16 04:35 - 000000000 ____D C:\AdwCleaner
2020-01-16 04:31 - 2020-01-16 04:32 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Seba\Downloads\HiJackThis.exe
2020-01-16 04:28 - 2020-01-16 04:31 - 008237744 _____ (Malwarebytes) C:\Users\Seba\Downloads\adwcleaner_8.0.1.exe
2020-01-16 01:25 - 2020-01-16 01:25 - 000000000 ____D C:\ProgramData\Bitdefender
2020-01-16 01:24 - 2019-11-13 17:32 - 000739024 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2020-01-16 00:56 - 2020-01-24 15:20 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-01-16 00:56 - 2020-01-16 00:56 - 000104072 _____ C:\ProgramData\agent.1579146959.bdinstall.v2.bin
2020-01-16 00:56 - 2020-01-16 00:56 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-01-16 00:51 - 2020-01-16 00:54 - 010527368 _____ C:\Users\Seba\Downloads\bitdefender_online.exe
2020-01-15 22:07 - 2019-12-16 23:39 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-15 22:07 - 2019-12-16 21:53 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-01-15 22:07 - 2019-12-16 21:52 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-01-15 22:07 - 2019-12-16 20:56 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-01-15 22:07 - 2019-12-10 05:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-15 22:07 - 2019-12-10 05:32 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-01-15 22:07 - 2019-12-10 05:17 - 006136320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-15 22:06 - 2020-01-03 00:42 - 004061624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-01-15 22:06 - 2020-01-03 00:42 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-01-15 22:06 - 2020-01-03 00:41 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-01-15 22:06 - 2020-01-03 00:38 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-15 22:06 - 2020-01-03 00:37 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 22:06 - 2020-01-03 00:37 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-01-15 22:06 - 2020-01-03 00:37 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-01-15 22:06 - 2020-01-03 00:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-01-15 22:06 - 2020-01-03 00:37 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-01-15 22:06 - 2020-01-03 00:37 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-01-15 22:06 - 2020-01-03 00:36 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-01-15 22:06 - 2020-01-03 00:35 - 001671296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-01-15 22:06 - 2020-01-03 00:33 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-15 22:06 - 2020-01-03 00:33 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-01-15 22:06 - 2020-01-03 00:01 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-01-15 22:06 - 2019-12-31 00:04 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2020-01-15 22:06 - 2019-12-18 14:45 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-01-15 22:06 - 2019-12-18 13:48 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-01-15 22:06 - 2019-12-16 22:06 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-01-15 22:06 - 2019-12-16 21:52 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-15 22:06 - 2019-12-16 21:45 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2020-01-15 22:06 - 2019-12-16 21:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-15 22:06 - 2019-12-16 21:16 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-01-15 22:06 - 2019-12-16 21:14 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-01-15 22:06 - 2019-12-16 21:14 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2020-01-15 22:06 - 2019-12-16 21:04 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-01-15 22:06 - 2019-12-16 21:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-01-15 22:06 - 2019-12-16 21:00 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2020-01-15 22:06 - 2019-12-16 20:52 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-01-15 22:06 - 2019-12-16 20:43 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-01-15 22:06 - 2019-12-16 20:39 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-01-15 22:06 - 2019-12-12 00:35 - 000271872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-15 22:06 - 2019-12-12 00:34 - 000253952 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2020-01-15 22:06 - 2019-12-12 00:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-15 22:06 - 2019-12-12 00:27 - 000284160 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2020-01-15 22:06 - 2019-12-12 00:07 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2020-01-15 22:06 - 2019-12-12 00:07 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2020-01-15 22:06 - 2019-12-10 06:36 - 000375008 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2020-01-15 22:06 - 2019-12-10 05:38 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 002319360 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2020-01-15 22:06 - 2019-12-10 05:23 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-15 22:06 - 2019-12-10 05:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 22:06 - 2019-12-10 05:22 - 000093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-01-15 22:06 - 2019-12-10 05:22 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2020-01-15 22:06 - 2019-12-10 05:17 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-01-15 22:06 - 2019-12-10 05:16 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys
2020-01-15 22:06 - 2019-12-10 05:15 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-15 22:06 - 2019-12-10 05:15 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-01-15 22:06 - 2019-12-10 05:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-01-15 22:06 - 2019-12-10 05:01 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-15 22:06 - 2019-12-10 04:56 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-01-15 22:06 - 2019-12-10 03:17 - 007084032 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:10 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-01-15 22:05 - 2020-01-03 00:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-01-15 22:05 - 2020-01-03 00:05 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-01-15 22:05 - 2020-01-03 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-01-15 22:05 - 2020-01-03 00:05 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-01-15 22:05 - 2020-01-03 00:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-01-15 22:05 - 2020-01-03 00:02 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:01 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-01-15 22:05 - 2020-01-03 00:00 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-01-15 22:05 - 2020-01-02 23:57 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-01-15 22:05 - 2020-01-02 23:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-01-15 22:05 - 2020-01-02 23:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-01-15 22:05 - 2019-12-16 22:04 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-01-15 22:05 - 2019-12-16 22:04 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2020-01-15 22:05 - 2019-12-16 22:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2020-01-15 22:05 - 2019-12-16 22:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2020-01-15 22:05 - 2019-12-16 22:03 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-01-15 22:05 - 2019-12-16 21:57 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-01-15 22:05 - 2019-12-16 21:56 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2020-01-15 22:05 - 2019-12-16 21:54 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-01-15 22:05 - 2019-12-16 21:52 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-01-15 22:05 - 2019-12-16 21:52 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2020-01-15 22:05 - 2019-12-16 21:52 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2020-01-15 22:05 - 2019-12-16 21:42 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2020-01-15 22:05 - 2019-12-16 21:37 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-01-15 22:05 - 2019-12-16 21:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2020-01-15 22:05 - 2019-12-16 21:36 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2020-01-15 22:05 - 2019-12-16 21:36 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2020-01-15 22:05 - 2019-12-16 21:36 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2020-01-15 22:05 - 2019-12-16 21:35 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2020-01-15 22:05 - 2019-12-16 21:35 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-01-15 22:05 - 2019-12-16 21:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-01-15 22:05 - 2019-12-16 21:33 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-01-15 22:05 - 2019-12-16 21:32 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2020-01-15 22:05 - 2019-12-16 21:31 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-01-15 22:05 - 2019-12-16 21:30 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-01-15 22:05 - 2019-12-16 21:30 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2020-01-15 22:05 - 2019-12-16 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-01-15 22:05 - 2019-12-16 21:28 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2020-01-15 22:05 - 2019-12-16 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2020-01-15 22:05 - 2019-12-16 21:27 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2020-01-15 22:05 - 2019-12-16 21:26 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-01-15 22:05 - 2019-12-16 21:18 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2020-01-15 22:05 - 2019-12-16 21:18 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-01-15 22:05 - 2019-12-16 21:16 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-01-15 22:05 - 2019-12-16 21:14 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-01-15 22:05 - 2019-12-16 21:14 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-01-15 22:05 - 2019-12-16 21:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2020-01-15 22:05 - 2019-12-16 21:13 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2020-01-15 22:05 - 2019-12-16 21:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2020-01-15 22:05 - 2019-12-16 21:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-01-15 22:05 - 2019-12-16 21:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-01-15 22:05 - 2019-12-16 21:08 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2020-01-15 22:05 - 2019-12-16 21:02 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-01-15 22:05 - 2019-12-16 21:01 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-01-15 22:05 - 2019-12-16 21:01 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-01-15 22:05 - 2019-12-16 20:41 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-01-15 22:05 - 2019-12-16 20:38 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-01-15 22:05 - 2019-12-12 00:28 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2020-01-15 22:04 - 2020-01-03 00:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-01-15 22:04 - 2020-01-03 00:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-01-15 22:04 - 2020-01-03 00:37 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-01-15 22:04 - 2020-01-03 00:33 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-01-15 22:04 - 2020-01-03 00:33 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-01-15 22:04 - 2020-01-03 00:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-01-15 22:04 - 2019-12-16 22:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-01-15 22:04 - 2019-12-16 22:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2020-01-15 22:04 - 2019-12-16 21:49 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-01-15 21:36 - 2020-01-15 21:36 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-01-15 21:32 - 2020-01-15 21:37 - 000000000 ____D C:\ProgramData\TotalAV
2020-01-15 21:28 - 2020-01-15 21:28 - 000262144 _____ C:\Windows\system32\config\ELAM
2020-01-15 21:27 - 2019-12-30 23:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-01-15 21:27 - 2019-12-30 23:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-15 21:17 - 2020-01-15 21:18 - 000406376 _____ C:\Users\Seba\Downloads\BullGuardDownloader.exe
2020-01-15 21:13 - 2020-01-15 21:14 - 011789216 _____ C:\Users\Seba\Downloads\TotalAV_Setup.exe
2020-01-15 21:00 - 2020-01-15 21:05 - 000000000 ____D C:\Users\Seba\AppData\Local\Opera Software
2020-01-15 20:58 - 2020-01-15 21:08 - 000000000 ____D C:\Users\Seba\AppData\Roaming\Opera Software
2020-01-15 20:54 - 2020-01-15 20:58 - 000000000 ____D C:\Users\Seba\Downloads\TS Recommended Apps
2020-01-14 08:04 - 2020-01-14 08:04 - 000002181 _____ C:\Users\Seba\Desktop\virus140120.txt
2020-01-13 20:11 - 2020-01-14 08:11 - 000000000 ____D C:\Users\Seba\Desktop\NV
2020-01-12 04:44 - 2020-01-12 04:44 - 000003346 _____ C:\Windows\system32\Tasks\HPEA3JOBS
2020-01-12 04:44 - 2020-01-12 04:44 - 000002739 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk
2020-01-12 04:44 - 2020-01-12 04:44 - 000000000 ____D C:\ProgramData\Apple
2020-01-12 04:38 - 2020-01-12 04:38 - 000003608 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Deskjet 3540 series
2020-01-12 04:38 - 2020-01-12 04:38 - 000000000 ____D C:\ProgramData\Visan
2020-01-12 04:38 - 2020-01-12 04:38 - 000000000 ____D C:\ProgramData\HP Photo Creations
2020-01-12 04:38 - 2020-01-12 04:38 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2020-01-12 04:14 - 2020-01-12 04:21 - 115248648 _____ C:\Users\Seba\Downloads\DJ3540_188.exe
2020-01-12 04:14 - 2020-01-12 04:16 - 009617352 _____ C:\Users\Seba\Downloads\HPPSdr.exe
2020-01-12 04:13 - 2020-01-12 04:19 - 032701616 _____ (HP) C:\Users\Seba\Downloads\HPEPrintAppSetupx64.exe
2020-01-12 04:13 - 2020-01-12 04:14 - 003646496 _____ C:\Users\Seba\Downloads\DJ3540_R1828A.exe
2020-01-12 04:12 - 2020-01-12 04:16 - 035903784 _____ C:\Users\Seba\Downloads\DJ3540_Basicx64_188 (1).exe
2020-01-12 04:12 - 2020-01-12 04:14 - 003630696 _____ C:\Users\Seba\Downloads\DJ3540_R1547A.exe
2020-01-12 03:47 - 2020-01-12 03:49 - 035903784 _____ C:\Users\Seba\Downloads\DJ3540_Basicx64_188.exe
2020-01-11 10:08 - 2020-01-11 10:08 - 000000000 ____D C:\Users\Seba\AppData\Local\Apps\2.0
2020-01-11 02:31 - 2020-01-11 02:31 - 000132034 _____ C:\Users\Seba\Downloads\Poynting_effect.pdf
2020-01-11 02:27 - 2020-01-11 02:27 - 000257010 _____ C:\Users\Seba\Downloads\Potential_well.pdf
2020-01-11 01:59 - 2020-01-11 02:00 - 000040073 _____ C:\Users\Seba\Downloads\constancia-cuil.pdf
2020-01-10 21:53 - 2020-01-10 21:53 - 000036212 _____ C:\Users\Seba\Downloads\Aviso_178072.pdf
2020-01-10 21:36 - 2020-01-10 21:36 - 000240847 _____ C:\Users\Seba\Downloads\resumen_cuenta_visa_Nov_2019.pdf
2020-01-10 21:26 - 2020-01-10 21:26 - 000008136 _____ C:\Users\Seba\Downloads\Credencial_27343241009 (202001).pdf
2020-01-10 21:18 - 2020-01-10 21:18 - 000001351 _____ C:\Users\Seba\Downloads\Movimientos.csv
2020-01-10 20:46 - 2020-01-10 20:46 - 000008186 _____ C:\Users\Seba\Downloads\comprobante10400953046200110.pdf
2020-01-10 20:41 - 2020-01-10 20:41 - 000008117 _____ C:\Users\Seba\Downloads\comprobante10400953041200110.pdf
2020-01-10 20:35 - 2020-01-10 20:35 - 000008184 _____ C:\Users\Seba\Downloads\comprobante10400953023200110.pdf
2020-01-10 20:20 - 2020-01-10 20:20 - 000026537 _____ C:\Users\Seba\Downloads\comprobanteComprobante de pago.pdf
2020-01-09 01:37 - 2020-01-09 01:37 - 000535014 _____ C:\Users\Seba\Downloads\Nitrous_oxide_(medication).pdf
2020-01-09 01:06 - 2020-01-09 01:06 - 000001180 _____ C:\Users\Seba\Downloads\eether.pdb
2020-01-09 01:06 - 2020-01-09 01:06 - 000000706 _____ C:\Users\Seba\Downloads\ethanol.pdb
2020-01-08 21:28 - 2020-01-08 21:28 - 000000000 ____D 

se pasó la cantidad de caracteres así que aquí va la segunda y última parte el FRST.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-01-08 21:26 - 2020-01-08 21:26 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-01-08 21:26 - 2020-01-08 21:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-01-08 21:22 - 2019-11-28 00:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-01-08 21:22 - 2019-11-28 00:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-01-08 21:22 - 2019-11-20 21:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-01-08 21:22 - 2019-11-14 23:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-01-08 21:22 - 2019-11-14 23:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2020-01-08 21:22 - 2019-11-14 23:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2020-01-08 21:22 - 2019-11-14 23:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2020-01-08 21:22 - 2019-11-14 22:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2020-01-08 21:22 - 2019-11-14 22:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2020-01-08 21:22 - 2019-11-14 22:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2020-01-08 21:22 - 2019-11-14 08:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-01-08 21:22 - 2019-11-05 18:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-01-08 21:22 - 2019-11-05 18:24 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-01-08 21:22 - 2019-11-05 18:24 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-01-08 21:22 - 2019-11-05 18:23 - 000368352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-01-08 21:22 - 2019-11-05 18:22 - 000115936 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-01-08 21:22 - 2019-11-05 18:20 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-01-08 21:22 - 2019-11-05 18:19 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-01-08 21:22 - 2019-11-05 18:19 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-01-08 21:22 - 2019-11-05 18:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-01-08 21:22 - 2019-11-05 18:12 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-01-08 21:22 - 2019-11-05 18:03 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-01-08 21:22 - 2019-11-05 18:03 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-01-08 21:22 - 2019-11-05 17:57 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-01-08 21:22 - 2019-11-05 17:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-01-08 21:22 - 2019-11-05 17:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-01-08 21:22 - 2019-11-05 17:50 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-01-08 21:22 - 2019-11-05 16:43 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-01-08 21:22 - 2019-10-25 21:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-01-08 21:22 - 2019-10-14 20:58 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-01-08 21:22 - 2019-10-14 20:58 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-01-08 21:22 - 2019-09-16 23:28 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-01-08 21:22 - 2019-09-09 23:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2020-01-08 21:22 - 2019-09-09 23:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-01-08 21:22 - 2019-09-09 21:09 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-01-08 20:37 - 2020-01-11 03:34 - 000000000 ___RD C:\Users\Seba\Documents\MEGAsync
2020-01-08 20:36 - 2020-01-08 20:36 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2020-01-08 20:36 - 2020-01-08 20:36 - 000000000 ____D C:\Users\Seba\AppData\Local\Mega Limited
2020-01-08 20:35 - 2020-01-08 20:35 - 000000758 _____ C:\Users\Public\Desktop\MEGAsync.lnk
2020-01-08 20:35 - 2020-01-08 20:35 - 000000758 _____ C:\ProgramData\Desktop\MEGAsync.lnk
2020-01-08 20:35 - 2020-01-08 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2020-01-08 20:35 - 2020-01-08 20:35 - 000000000 ____D C:\ProgramData\MEGAsync
2020-01-08 20:32 - 2020-01-08 20:34 - 033424624 _____ (MEGA Limited) C:\Users\Seba\Downloads\MEGAsyncSetup.exe
2020-01-07 21:19 - 2020-01-07 22:59 - 000010369 _____ C:\Users\Seba\Documents\compras.xlsx
2020-01-07 16:59 - 2020-01-07 16:59 - 000014924 _____ C:\Users\Seba\Documents\cc_20200107_165909.reg
2020-01-04 01:42 - 2020-01-04 01:43 - 001305423 _____ C:\Users\Seba\Downloads\UNIDAD 1  TEMA A EQUILIBRIO DE FASES  2da PARTE 2019 [Modo de compatibilidad].pdf
2020-01-02 22:08 - 2020-01-23 15:19 - 000014178 _____ C:\Users\Seba\Documents\DeudaCaro.xlsx
2020-01-02 08:36 - 2020-01-02 08:36 - 036800213 _____ C:\Users\Seba\Downloads\Apuntes de Diseño de Máquinas. Juan M. Marín.pdf
2020-01-02 01:33 - 2020-01-02 01:33 - 000009976 _____ C:\Users\Seba\Downloads\afip_vep_cuit_20107897764_nrovep_650711153.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-24 13:36 - 2009-07-14 01:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-24 13:36 - 2009-07-14 01:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-23 22:07 - 2017-06-21 22:16 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-01-23 22:05 - 2017-06-21 22:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-23 21:59 - 2009-07-14 02:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-01-23 16:07 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-23 14:38 - 2019-08-27 02:57 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 14:38 - 2019-08-27 02:57 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-23 14:38 - 2019-08-27 02:57 - 000002181 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-16 09:21 - 2017-06-21 04:31 - 000000000 ____D C:\Windows\system32\MRT
2020-01-16 08:19 - 2017-06-21 04:30 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-16 08:07 - 2017-06-21 04:22 - 001651452 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-01-16 08:07 - 2011-04-12 06:10 - 000747622 _____ C:\Windows\system32\perfh00A.dat
2020-01-16 08:07 - 2011-04-12 06:10 - 000159094 _____ C:\Windows\system32\perfc00A.dat
2020-01-16 08:07 - 2009-07-14 02:13 - 001651452 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-16 08:07 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-01-16 07:41 - 2018-05-18 09:22 - 000427776 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-16 00:40 - 2017-06-21 02:56 - 000007628 _____ C:\Users\Seba\AppData\Local\Resmon.ResmonCfg
2020-01-15 21:38 - 2017-06-24 05:56 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-14 08:12 - 2017-06-21 04:25 - 000000000 ____D C:\Users\Seba\AppData\Roaming\audacity
2020-01-12 04:46 - 2017-06-28 20:56 - 000000000 ____D C:\ProgramData\HP
2020-01-12 04:44 - 2017-06-28 20:56 - 000000000 ____D C:\Program Files\HP
2020-01-12 04:38 - 2017-06-28 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-01-12 04:32 - 2017-06-28 20:56 - 000000000 ____D C:\Program Files (x86)\HP
2020-01-11 10:09 - 2009-07-14 00:20 - 000000000 ____D C:\PerfLogs
2020-01-11 01:57 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
2020-01-08 22:07 - 2017-06-22 00:02 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-01-08 22:07 - 2017-06-22 00:02 - 000000000 ____D C:\Windows\system32\appraiser
2020-01-08 22:07 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-01-08 20:09 - 2017-06-24 10:51 - 000000000 ____D C:\Users\Seba\Documents\Facturas
2020-01-07 17:07 - 2017-06-22 04:32 - 000000000 ____D C:\Users\Seba\AppData\Roaming\vlc
2020-01-07 17:06 - 2017-06-24 10:49 - 000000000 ____D C:\Users\Seba\Documents\Amigos
2020-01-03 01:49 - 2017-06-21 00:43 - 000000000 ____D C:\Users\Seba\AppData\LocalLow\Mozilla

==================== Archivos en la raíz de algunos directorios ========

2019-11-26 03:58 - 2019-11-26 06:07 - 000004307 _____ () C:\Users\Seba\AppData\Roaming\Programa 2Mp.xml
2017-06-21 02:56 - 2020-01-16 00:40 - 000007628 _____ () C:\Users\Seba\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-01-18 01:52
==================== Final de FRST.txt ========================

Hola @Sebastian_Egea

Paso 1: Desinstala con Revo Uninstaller en su Modo Avanzado:

  • Spybot - Search & Destroy

Manual de Revo Uninstaller.


Paso 2: Posteriormente realizas lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes Versión 4

  • Lo ejecutas siguiendo los pasos de su Manual.
  • Realizas un Análisis Personalizado
  • Revisa especialmente como salvar el reporte.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

Hola @SanMar, gracias por tu pronta respuesta. No tengo ese programa que mencionás instalado en mi PC (creo que lo tuve hace bastante pero lo borré ya hace un tiempo). De hecho, cuando abro el Revo Uninstaller, no me figura siquiera entre los soft que hay en la máquina para desinstalar. No sé si tengo que hacer otra cosa. Espero tu respuesta, muchas gracias.

Seba

Hola @Sebastian_Egea

Perfecto tienes restos de el ya los eliminaremos, por lo pronto continua con los demás pasos.

Salu2

¡Muchísimas gracias SanMar! Sí, ahí vi, que el limpiador de registro del CCleaner borró varias claves del Spybot - Search & Destroy. No sé si querés que además ejecute el regedit, busque cualquier clave que tenga que ver con el Spybot y la borre manualmente. Por otro lado, acá te dejo los reportes del AdwCleaner, ZHPCleaner y Malwarebytes. Desde ya, mis más sinceros agradecimientos por tu ayuda.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-25-2020
# Duration: 00:00:06
# OS:       Windows 7 Ultimate
# Cleaned:  12
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\ProgramData\TotalAV
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV

***** [ Files ] *****

Deleted       C:\Users\Seba\Downloads\TOTALAV_SETUP.EXE

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted       HKCU\Software\SSProtect
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2306 octets] - [16/01/2020 04:35:40]
AdwCleaner[S01].txt - [2550 octets] - [25/01/2020 17:46:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
~ ZHPCleaner v2020.1.23.174 by Nicolas Coolman (2020/01/23)
~ Run by Seba (Administrator)  (25/01/2020 18:55:04)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparar
~ Report : C:\Users\Seba\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Seba\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (15660)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (1)
MOVIDO archivo: C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\6tw36jlw.default\browser-extension-data\hel[email protected]  =>.SUP.BrowserExtension


---\\  Registro ( Claves, Valores, Datos) (4)
BORRADOS clave*: HKEY_USERS\S-1-5-21-2551973510-2106251972-3254095100-1001\SOFTWARE\Magicbit []  =>.SUP.Magicbit
BORRADOS clave**: HKCU\Software\Magicbit []  =>.SUP.Magicbit
BORRADOS clave*: [X64] HKLM\SOFTWARE\Classes\totalav [URL:Total AV Protocol]  =>SUP.Optional.TotalAV
BORRADOS clave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask


---\\  Resumen de elementos en su estación de trabajo (4)
https://nicolascoolman.eu/2017/10/05/sup-browserextension/  =>.SUP.BrowserExtension
https://nicolascoolman.eu/2017/12/23/sup-magicbit/  =>.SUP.Magicbit
https://nicolascoolman.eu/2019/08/totalav-optimzer-zone-antimalware.jpg  =>SUP.Optional.TotalAV
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask


---\\ Limpieza adicional. (2)
~ Clave de registro Tracing borrados (2)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK


---\\ STATISTIQUES
~ Items escaneado : 33337
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 8/15


---\\ OPCIONES NO ACTIVAS
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis





~ End of clean in 00h01mn56s

---\\  Reporte (3)
ZHPCleaner-[S]-25012020-18_12_59.txt
ZHPCleaner-[S]-25012020-18_43_31.txt
ZHPCleaner-[R]-25012020-18_57_00.txt
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 25/1/20
Hora del análisis: 19:01
Archivo de registro: 49bd226a-3fbe-11ea-b7ed-00196667646f.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.793
Versión del paquete de actualización: 1.0.18236
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Seba-PC\Seba

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 90850
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 57 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Desactivado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola @Sebastian_Egea

No es necesario, ya los pescaremos con la próxima herramienta. :+1:


Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 25-01-2020 01
Ejecutado por Seba (administrador) sobre SEBA-PC (25-01-2020 19:56:53)
Ejecutado desde C:\Users\Seba\Desktop
Perfiles cargados: Seba (Perfiles disponibles: Seba)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0BEF4D44-A6DF-440F-9D03-952E442989ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-27] (Google Inc -> Google LLC)
Task: {10516A9C-F7F7-43F2-B8AF-56C3960DC633} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2551973510-2106251972-3254095100-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-05] (Mega Limited -> Mega Limited)
Task: {155D0325-28C2-44B4-8054-200EE1D95AF9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {1B63A760-0A42-42ED-8F3A-37EF9D668EB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {89EB9678-A236-41D4-8FB7-AF88DB0D29FE} - System32\Tasks\HPCustParticipation HP Deskjet 3540 series => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {97AF39DC-D13C-4B3B-B561-8C1D924FFF72} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {98063B46-6A20-4222-A409-7BB98C438A79} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A7408485-5C0F-4A10-B0EF-FAC91498924B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-27] (Google Inc -> Google LLC)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06904C87-FB3B-4CC3-A82B-F268E8FDC9D4}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 6tw36jlw.default
FF ProfilePath: C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\6tw36jlw.default [2020-01-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-29] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-29] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default [2020-01-25]
CHR Extension: (Presentaciones) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-27]
CHR Extension: (Documentos) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-27]
CHR Extension: (Google Drive) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-27]
CHR Extension: (YouTube) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-27]
CHR Extension: (Chrome Media Router) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-26]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-06-24] () [Archivo no firmado]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-25] (Malwarebytes Inc -> Malwarebytes)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2016-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
U2 bddci; no ImagePath
S3 cpuz143; \??\C:\Users\Seba\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATENCIÓN
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-25 19:56 - 2020-01-25 19:56 - 000000000 ____D C:\Users\Seba\Desktop\FRST-OlderVersion
2020-01-25 19:03 - 2020-01-25 19:03 - 000001538 _____ C:\Users\Seba\Desktop\Malwarebytes.txt
2020-01-25 18:57 - 2020-01-25 18:57 - 000002931 _____ C:\Users\Seba\Desktop\ZHPCleaner (R).txt
2020-01-25 18:12 - 2020-01-25 18:43 - 000002768 _____ C:\Users\Seba\Desktop\ZHPCleaner (S).txt
2020-01-25 17:57 - 2020-01-25 17:57 - 000002516 _____ C:\Users\Seba\Desktop\AdwCleaner[C01].txt
2020-01-25 17:44 - 2020-01-25 17:44 - 000000492 _____ C:\Users\Seba\Documents\cc_20200125_174400.reg
2020-01-25 17:44 - 2020-01-25 17:44 - 000000180 _____ C:\Users\Seba\Documents\cc_20200125_174414.reg
2020-01-25 17:43 - 2020-01-25 17:43 - 000022248 _____ C:\Users\Seba\Documents\cc_20200125_174316.reg
2020-01-25 17:32 - 2020-01-25 17:32 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-25 17:32 - 2020-01-25 17:32 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-25 17:32 - 2020-01-25 17:32 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-25 17:32 - 2020-01-25 17:32 - 000000000 ____D C:\Users\Seba\AppData\Local\cache
2020-01-25 17:32 - 2020-01-25 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-25 17:32 - 2020-01-25 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-25 17:31 - 2020-01-25 18:57 - 000000000 ____D C:\Users\Seba\AppData\Roaming\ZHP
2020-01-25 17:31 - 2020-01-25 18:25 - 000000828 _____ C:\Users\Seba\Desktop\ZHPCleaner.lnk
2020-01-25 17:31 - 2020-01-25 17:31 - 000000000 ____D C:\Users\Seba\AppData\Local\ZHP
2020-01-25 17:30 - 2020-01-25 17:29 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-01-25 17:29 - 2020-01-25 17:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-25 17:28 - 2020-01-25 17:31 - 024578944 _____ (Piriform Software Ltd) C:\Users\Seba\Downloads\ccsetup563.exe
2020-01-25 17:26 - 2020-01-25 17:26 - 008237744 _____ (Malwarebytes) C:\Users\Seba\Downloads\adwcleaner_8.0.1 (1).exe
2020-01-25 17:25 - 2020-01-25 17:30 - 003331968 _____ (Nicolas Coolman) C:\Users\Seba\Downloads\ZHPCleaner.exe
2020-01-25 17:22 - 2020-01-25 17:23 - 001924728 _____ (Malwarebytes) C:\Users\Seba\Downloads\MBSetup.exe
2020-01-25 02:57 - 2020-01-25 02:57 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-01-25 02:57 - 2020-01-25 02:57 - 000001034 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-01-25 02:57 - 2020-01-25 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-01-25 02:57 - 2020-01-25 02:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-01-25 02:55 - 2020-01-25 02:55 - 007432520 _____ (VS Revo Group ) C:\Users\Seba\Downloads\revosetup.exe
2020-01-24 15:21 - 2020-01-24 15:25 - 000054186 _____ C:\Users\Seba\Desktop\Addition.txt
2020-01-24 15:20 - 2020-01-24 15:20 - 000066604 _____ C:\ProgramData\agent.uninstall.1579889916.bdinstall.v2.bin
2020-01-24 15:16 - 2020-01-25 19:58 - 000013669 _____ C:\Users\Seba\Desktop\FRST.txt
2020-01-24 15:15 - 2020-01-25 19:57 - 000000000 ____D C:\FRST
2020-01-24 15:13 - 2020-01-25 19:56 - 002580480 _____ (Farbar) C:\Users\Seba\Desktop\FRST64.exe
2020-01-24 14:52 - 2020-01-24 14:52 - 001297210 _____ C:\Users\Seba\Documents\HijackThisSeba.txt
2020-01-24 10:45 - 2020-01-24 10:45 - 000031296 _____ C:\Users\Seba\Documents\Calendario-Febrero-2020-Imprimir.pdf
2020-01-24 10:45 - 2020-01-24 10:45 - 000031253 _____ C:\Users\Seba\Documents\Calendario-Enero-2020-Imprimir.pdf
2020-01-18 14:31 - 2020-01-18 14:32 - 000026615 _____ C:\Users\Seba\Downloads\comprobanteComprobante de Pago (1).pdf
2020-01-18 01:10 - 2020-01-18 01:10 - 000075244 _____ C:\ProgramData\agent.update.1579320512.bdinstall.v2.bin
2020-01-16 18:05 - 2020-01-16 18:07 - 000000000 ____D C:\Windows\rescache
2020-01-16 11:02 - 2020-01-16 11:02 - 000223108 _____ C:\Users\Seba\Documents\brevisimarelaciondeladestrucciondeindias.pdf
2020-01-16 10:28 - 2020-01-16 10:29 - 000330789 _____ C:\Users\Seba\Downloads\350789845.pdf
2020-01-16 09:49 - 2020-01-16 09:49 - 000000085 _____ C:\Windows\wininit.ini
2020-01-16 08:35 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20200116-083526.backup
2020-01-16 08:09 - 2020-01-16 08:09 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2020-01-16 08:08 - 2020-01-16 09:54 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-01-16 08:08 - 2020-01-16 09:49 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-01-16 04:44 - 2020-01-16 04:48 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Seba\Downloads\spybotsd-2.7.64.0.exe
2020-01-16 04:32 - 2020-01-25 17:46 - 000000000 ____D C:\AdwCleaner
2020-01-16 04:31 - 2020-01-16 04:32 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Seba\Downloads\HiJackThis.exe
2020-01-16 04:28 - 2020-01-16 04:31 - 008237744 _____ (Malwarebytes) C:\Users\Seba\Downloads\adwcleaner_8.0.1.exe
2020-01-16 01:25 - 2020-01-16 01:25 - 000000000 ____D C:\ProgramData\Bitdefender
2020-01-16 01:24 - 2019-11-13 17:32 - 000739024 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2020-01-16 00:56 - 2020-01-16 00:56 - 000104072 _____ C:\ProgramData\agent.1579146959.bdinstall.v2.bin
2020-01-16 00:56 - 2020-01-16 00:56 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-01-16 00:51 - 2020-01-16 00:54 - 010527368 _____ C:\Users\Seba\Downloads\bitdefender_online.exe
2020-01-15 22:07 - 2019-12-16 23:39 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-15 22:07 - 2019-12-16 21:53 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-01-15 22:07 - 2019-12-16 21:52 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-01-15 22:07 - 2019-12-16 20:56 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-01-15 22:07 - 2019-12-10 05:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-15 22:07 - 2019-12-10 05:32 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-01-15 22:07 - 2019-12-10 05:17 - 006136320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-15 22:06 - 2020-01-03 00:42 - 004061624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-01-15 22:06 - 2020-01-03 00:42 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-01-15 22:06 - 2020-01-03 00:41 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-01-15 22:06 - 2020-01-03 00:38 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-15 22:06 - 2020-01-03 00:37 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 22:06 - 2020-01-03 00:37 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-01-15 22:06 - 2020-01-03 00:37 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-01-15 22:06 - 2020-01-03 00:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-01-15 22:06 - 2020-01-03 00:37 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-01-15 22:06 - 2020-01-03 00:37 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-01-15 22:06 - 2020-01-03 00:36 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-01-15 22:06 - 2020-01-03 00:35 - 001671296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-01-15 22:06 - 2020-01-03 00:33 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-15 22:06 - 2020-01-03 00:33 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-01-15 22:06 - 2020-01-03 00:01 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-01-15 22:06 - 2019-12-31 00:04 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2020-01-15 22:06 - 2019-12-18 14:45 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-01-15 22:06 - 2019-12-18 13:48 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-01-15 22:06 - 2019-12-16 22:06 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-01-15 22:06 - 2019-12-16 21:52 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-15 22:06 - 2019-12-16 21:45 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2020-01-15 22:06 - 2019-12-16 21:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-15 22:06 - 2019-12-16 21:16 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-01-15 22:06 - 2019-12-16 21:14 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-01-15 22:06 - 2019-12-16 21:14 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2020-01-15 22:06 - 2019-12-16 21:04 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-01-15 22:06 - 2019-12-16 21:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-01-15 22:06 - 2019-12-16 21:00 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2020-01-15 22:06 - 2019-12-16 20:52 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-01-15 22:06 - 2019-12-16 20:43 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-01-15 22:06 - 2019-12-16 20:39 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-01-15 22:06 - 2019-12-12 00:35 - 000271872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-15 22:06 - 2019-12-12 00:34 - 000253952 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2020-01-15 22:06 - 2019-12-12 00:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-15 22:06 - 2019-12-12 00:27 - 000284160 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2020-01-15 22:06 - 2019-12-12 00:07 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2020-01-15 22:06 - 2019-12-12 00:07 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2020-01-15 22:06 - 2019-12-10 06:36 - 000375008 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2020-01-15 22:06 - 2019-12-10 05:38 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-01-15 22:06 - 2019-12-10 05:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 002319360 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-01-15 22:06 - 2019-12-10 05:32 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2020-01-15 22:06 - 2019-12-10 05:23 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-15 22:06 - 2019-12-10 05:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 22:06 - 2019-12-10 05:22 - 000093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-01-15 22:06 - 2019-12-10 05:22 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-01-15 22:06 - 2019-12-10 05:22 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2020-01-15 22:06 - 2019-12-10 05:17 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-01-15 22:06 - 2019-12-10 05:16 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-01-15 22:06 - 2019-12-10 05:16 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys
2020-01-15 22:06 - 2019-12-10 05:15 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-15 22:06 - 2019-12-10 05:15 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-01-15 22:06 - 2019-12-10 05:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-01-15 22:06 - 2019-12-10 05:01 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-15 22:06 - 2019-12-10 04:56 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-01-15 22:06 - 2019-12-10 03:17 - 007084032 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-01-15 22:05 - 2020-01-03 00:38 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:10 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-01-15 22:05 - 2020-01-03 00:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-01-15 22:05 - 2020-01-03 00:05 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-01-15 22:05 - 2020-01-03 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-01-15 22:05 - 2020-01-03 00:05 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-01-15 22:05 - 2020-01-03 00:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-01-15 22:05 - 2020-01-03 00:04 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-01-15 22:05 - 2020-01-03 00:02 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:02 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-01-15 22:05 - 2020-01-03 00:01 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-01-15 22:05 - 2020-01-03 00:00 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-01-15 22:05 - 2020-01-02 23:57 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-01-15 22:05 - 2020-01-02 23:57 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-01-15 22:05 - 2020-01-02 23:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-01-15 22:05 - 2020-01-02 23:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-01-15 22:05 - 2020-01-02 23:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-01-15 22:05 - 2019-12-16 22:04 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-01-15 22:05 - 2019-12-16 22:04 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2020-01-15 22:05 - 2019-12-16 22:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2020-01-15 22:05 - 2019-12-16 22:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2020-01-15 22:05 - 2019-12-16 22:03 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-01-15 22:05 - 2019-12-16 21:57 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-01-15 22:05 - 2019-12-16 21:56 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2020-01-15 22:05 - 2019-12-16 21:54 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-01-15 22:05 - 2019-12-16 21:52 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-01-15 22:05 - 2019-12-16 21:52 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2020-01-15 22:05 - 2019-12-16 21:52 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2020-01-15 22:05 - 2019-12-16 21:42 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2020-01-15 22:05 - 2019-12-16 21:37 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-01-15 22:05 - 2019-12-16 21:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2020-01-15 22:05 - 2019-12-16 21:36 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2020-01-15 22:05 - 2019-12-16 21:36 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2020-01-15 22:05 - 2019-12-16 21:36 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2020-01-15 22:05 - 2019-12-16 21:35 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2020-01-15 22:05 - 2019-12-16 21:35 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-01-15 22:05 - 2019-12-16 21:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-01-15 22:05 - 2019-12-16 21:33 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-01-15 22:05 - 2019-12-16 21:32 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2020-01-15 22:05 - 2019-12-16 21:31 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-01-15 22:05 - 2019-12-16 21:30 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-01-15 22:05 - 2019-12-16 21:30 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2020-01-15 22:05 - 2019-12-16 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-01-15 22:05 - 2019-12-16 21:28 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2020-01-15 22:05 - 2019-12-16 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2020-01-15 22:05 - 2019-12-16 21:27 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2020-01-15 22:05 - 2019-12-16 21:26 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-01-15 22:05 - 2019-12-16 21:18 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2020-01-15 22:05 - 2019-12-16 21:18 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-01-15 22:05 - 2019-12-16 21:16 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-01-15 22:05 - 2019-12-16 21:14 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-01-15 22:05 - 2019-12-16 21:14 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-01-15 22:05 - 2019-12-16 21:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2020-01-15 22:05 - 2019-12-16 21:13 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2020-01-15 22:05 - 2019-12-16 21:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2020-01-15 22:05 - 2019-12-16 21:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-01-15 22:05 - 2019-12-16 21:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-01-15 22:05 - 2019-12-16 21:08 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2020-01-15 22:05 - 2019-12-16 21:02 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-01-15 22:05 - 2019-12-16 21:01 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-01-15 22:05 - 2019-12-16 21:01 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-01-15 22:05 - 2019-12-16 20:41 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-01-15 22:05 - 2019-12-16 20:38 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-01-15 22:05 - 2019-12-12 00:28 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2020-01-15 22:04 - 2020-01-03 00:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-01-15 22:04 - 2020-01-03 00:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-01-15 22:04 - 2020-01-03 00:37 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-01-15 22:04 - 2020-01-03 00:33 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-01-15 22:04 - 2020-01-03 00:33 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-01-15 22:04 - 2020-01-03 00:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-01-15 22:04 - 2019-12-16 22:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-01-15 22:04 - 2019-12-16 22:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2020-01-15 22:04 - 2019-12-16 21:49 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-01-15 21:28 - 2020-01-15 21:28 - 000262144 _____ C:\Windows\system32\config\ELAM
2020-01-15 21:27 - 2019-12-30 23:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-01-15 21:27 - 2019-12-30 23:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-15 21:17 - 2020-01-15 21:18 - 000406376 _____ C:\Users\Seba\Downloads\BullGuardDownloader.exe
2020-01-15 21:00 - 2020-01-15 21:05 - 000000000 ____D C:\Users\Seba\AppData\Local\Opera Software
2020-01-15 20:58 - 2020-01-15 21:08 - 000000000 ____D C:\Users\Seba\AppData\Roaming\Opera Software
2020-01-15 20:54 - 2020-01-15 20:58 - 000000000 ____D C:\Users\Seba\Downloads\TS Recommended Apps
2020-01-14 08:04 - 2020-01-14 08:04 - 000002181 _____ C:\Users\Seba\Desktop\virus140120.txt
2020-01-13 20:11 - 2020-01-14 08:11 - 000000000 ____D C:\Users\Seba\Desktop\NV
2020-01-12 04:44 - 2020-01-12 04:44 - 000003346 _____ C:\Windows\system32\Tasks\HPEA3JOBS
2020-01-12 04:44 - 2020-01-12 04:44 - 000002739 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk
2020-01-12 04:44 - 2020-01-12 04:44 - 000000000 ____D C:\ProgramData\Apple
2020-01-12 04:38 - 2020-01-12 04:38 - 000003608 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Deskjet 3540 series
2020-01-12 04:38 - 2020-01-12 04:38 - 000000000 ____D C:\ProgramData\Visan
2020-01-12 04:38 - 2020-01-12 04:38 - 000000000 ____D C:\ProgramData\HP Photo Creations
2020-01-12 04:38 - 2020-01-12 04:38 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2020-01-12 04:14 - 2020-01-12 04:21 - 115248648 _____ C:\Users\Seba\Downloads\DJ3540_188.exe
2020-01-12 04:14 - 2020-01-12 04:16 - 009617352 _____ C:\Users\Seba\Downloads\HPPSdr.exe
2020-01-12 04:13 - 2020-01-12 04:19 - 032701616 _____ (HP) C:\Users\Seba\Downloads\HPEPrintAppSetupx64.exe
2020-01-12 04:13 - 2020-01-12 04:14 - 003646496 _____ C:\Users\Seba\Downloads\DJ3540_R1828A.exe
2020-01-12 04:12 - 2020-01-12 04:16 - 035903784 _____ C:\Users\Seba\Downloads\DJ3540_Basicx64_188 (1).exe
2020-01-12 04:12 - 2020-01-12 04:14 - 003630696 _____ C:\Users\Seba\Downloads\DJ3540_R1547A.exe
2020-01-12 03:47 - 2020-01-12 03:49 - 035903784 _____ C:\Users\Seba\Downloads\DJ3540_Basicx64_188.exe
2020-01-11 10:08 - 2020-01-11 10:08 - 000000000 ____D C:\Users\Seba\AppData\Local\Apps\2.0
2020-01-11 02:31 - 2020-01-11 02:31 - 000132034 _____ C:\Users\Seba\Downloads\Poynting_effect.pdf
2020-01-11 02:27 - 2020-01-11 02:27 - 000257010 _____ C:\Users\Seba\Downloads\Potential_well.pdf
2020-01-11 01:59 - 2020-01-11 02:00 - 000040073 _____ C:\Users\Seba\Downloads\constancia-cuil.pdf
2020-01-10 21:53 - 2020-01-10 21:53 - 000036212 _____ C:\Users\Seba\Downloads\Aviso_178072.pdf
2020-01-10 21:36 - 2020-01-10 21:36 - 000240847 _____ C:\Users\Seba\Downloads\resumen_cuenta_visa_Nov_2019.pdf
2020-01-10 21:26 - 2020-01-10 21:26 - 000008136 _____ C:\Users\Seba\Downloads\Credencial_27343241009 (202001).pdf
2020-01-10 21:18 - 2020-01-10 21:18 - 000001351 _____ C:\Users\Seba\Downloads\Movimientos.csv
2020-01-10 20:46 - 2020-01-10 20:46 - 000008186 _____ C:\Users\Seba\Downloads\comprobante10400953046200110.pdf
2020-01-10 20:41 - 2020-01-10 20:41 - 000008117 _____ C:\Users\Seba\Downloads\comprobante10400953041200110.pdf
2020-01-10 20:35 - 2020-01-10 20:35 - 000008184 _____ C:\Users\Seba\Downloads\comprobante10400953023200110.pdf
2020-01-10 20:20 - 2020-01-10 20:20 - 000026537 _____ C:\Users\Seba\Downloads\comprobanteComprobante de pago.pdf
2020-01-09 01:37 - 2020-01-09 01:37 - 000535014 _____ C:\Users\Seba\Downloads\Nitrous_oxide_(medication).pdf
2020-01-09 01:06 - 2020-01-09 01:06 - 000001180 _____ 
C:\Users\Seba\Downloads\eether.pdb
2020-01-09 01:06 - 2020-01-09 01:06 - 000000706 _____ C:\Users\Seba\Downloads\ethanol.pdb
2020-01-08 21:28 - 2020-01-08 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-01-08 21:26 - 2020-01-08 21:26 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-01-08 21:26 - 2020-01-08 21:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-01-08 21:22 - 2019-11-28 00:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-01-08 21:22 - 2019-11-28 00:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-01-08 21:22 - 2019-11-20 21:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-01-08 21:22 - 2019-11-14 23:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-01-08 21:22 - 2019-11-14 23:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-01-08 21:22 - 2019-11-14 23:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2020-01-08 21:22 - 2019-11-14 23:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-01-08 21:22 - 2019-11-14 23:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2020-01-08 21:22 - 2019-11-14 23:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2020-01-08 21:22 - 2019-11-14 23:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2020-01-08 21:22 - 2019-11-14 22:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2020-01-08 21:22 - 2019-11-14 22:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2020-01-08 21:22 - 2019-11-14 22:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2020-01-08 21:22 - 2019-11-14 08:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-01-08 21:22 - 2019-11-05 18:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-01-08 21:22 - 2019-11-05 18:25 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-01-08 21:22 - 2019-11-05 18:24 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-01-08 21:22 - 2019-11-05 18:24 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-01-08 21:22 - 2019-11-05 18:23 - 000368352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-01-08 21:22 - 2019-11-05 18:22 - 000115936 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-01-08 21:22 - 2019-11-05 18:20 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-01-08 21:22 - 2019-11-05 18:20 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-01-08 21:22 - 2019-11-05 18:19 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-01-08 21:22 - 2019-11-05 18:19 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-01-08 21:22 - 2019-11-05 18:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-01-08 21:22 - 2019-11-05 18:12 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-01-08 21:22 - 2019-11-05 18:03 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-01-08 21:22 - 2019-11-05 18:03 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-01-08 21:22 - 2019-11-05 17:57 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-01-08 21:22 - 2019-11-05 17:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-01-08 21:22 - 2019-11-05 17:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-01-08 21:22 - 2019-11-05 17:50 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-01-08 21:22 - 2019-11-05 16:43 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-01-08 21:22 - 2019-10-25 21:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-01-08 21:22 - 2019-10-14 20:58 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-01-08 21:22 - 2019-10-14 20:58 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-01-08 21:22 - 2019-09-16 23:28 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-01-08 21:22 - 2019-09-09 23:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2020-01-08 21:22 - 2019-09-09 23:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-01-08 21:22 - 2019-09-09 21:09 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-01-08 21:22 - 2019-09-09 21:09 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-01-08 20:37 - 2020-01-11 03:34 - 000000000 ___RD C:\Users\Seba\Documents\MEGAsync
2020-01-08 20:36 - 2020-01-08 20:36 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2020-01-08 20:36 - 2020-01-08 20:36 - 000000000 ____D C:\Users\Seba\AppData\Local\Mega Limited
2020-01-08 20:35 - 2020-01-08 20:35 - 000000758 _____ C:\Users\Public\Desktop\MEGAsync.lnk
2020-01-08 20:35 - 2020-01-08 20:35 - 000000758 _____ C:\ProgramData\Desktop\MEGAsync.lnk
2020-01-08 20:35 - 2020-01-08 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2020-01-08 20:35 - 2020-01-08 20:35 - 000000000 ____D C:\ProgramData\MEGAsync
2020-01-08 20:32 - 2020-01-08 20:34 - 033424624 _____ (MEGA Limited) C:\Users\Seba\Downloads\MEGAsyncSetup.exe
2020-01-07 21:19 - 2020-01-07 22:59 - 000010369 _____ C:\Users\Seba\Documents\compras.xlsx
2020-01-07 16:59 - 2020-01-07 16:59 - 000014924 _____ C:\Users\Seba\Documents\cc_20200107_165909.reg
2020-01-04 01:42 - 2020-01-04 01:43 - 001305423 _____ C:\Users\Seba\Downloads\UNIDAD 1  TEMA A EQUILIBRIO DE FASES  2da PARTE 2019 [Modo de compatibilidad].pdf
2020-01-02 22:08 - 2020-01-23 15:19 - 000014178 _____ C:\Users\Seba\Documents\DeudaCaro.xlsx
2020-01-02 08:36 - 2020-01-02 08:36 - 036800213 _____ C:\Users\Seba\Downloads\Apuntes de Diseño de Máquinas. Juan M. Marín.pdf
2020-01-02 01:33 - 2020-01-02 01:33 - 000009976 _____ C:\Users\Seba\Downloads\afip_vep_cuit_20107897764_nrovep_650711153.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-25 17:57 - 2009-07-14 01:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-25 17:57 - 2009-07-14 01:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-25 17:49 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-01-25 17:48 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-25 17:32 - 2017-06-22 03:02 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-25 17:32 - 2017-06-22 03:02 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-01-25 17:32 - 2017-06-22 03:02 - 000000000 ____D C:\Program Files\CCleaner
2020-01-23 22:07 - 2017-06-21 22:16 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-01-23 22:05 - 2017-06-21 22:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-23 21:59 - 2009-07-14 02:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-01-23 14:38 - 2019-08-27 02:57 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 14:38 - 2019-08-27 02:57 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-23 14:38 - 2019-08-27 02:57 - 000002181 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-16 09:21 - 2017-06-21 04:31 - 000000000 ____D C:\Windows\system32\MRT
2020-01-16 08:19 - 2017-06-21 04:30 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-16 08:07 - 2017-06-21 04:22 - 001651452 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-01-16 08:07 - 2011-04-12 06:10 - 000747622 _____ C:\Windows\system32\perfh00A.dat
2020-01-16 08:07 - 2011-04-12 06:10 - 000159094 _____ C:\Windows\system32\perfc00A.dat
2020-01-16 08:07 - 2009-07-14 02:13 - 001651452 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-16 07:41 - 2018-05-18 09:22 - 000427776 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-16 00:40 - 2017-06-21 02:56 - 000007628 _____ C:\Users\Seba\AppData\Local\Resmon.ResmonCfg
2020-01-15 21:38 - 2017-06-24 05:56 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-14 08:12 - 2017-06-21 04:25 - 000000000 ____D C:\Users\Seba\AppData\Roaming\audacity
2020-01-12 04:46 - 2017-06-28 20:56 - 000000000 ____D C:\ProgramData\HP
2020-01-12 04:44 - 2017-06-28 20:56 - 000000000 ____D C:\Program Files\HP
2020-01-12 04:38 - 2017-06-28 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-01-12 04:32 - 2017-06-28 20:56 - 000000000 ____D C:\Program Files (x86)\HP
2020-01-11 10:09 - 2009-07-14 00:20 - 000000000 ____D C:\PerfLogs
2020-01-11 01:57 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
2020-01-08 22:07 - 2017-06-22 00:02 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-01-08 22:07 - 2017-06-22 00:02 - 000000000 ____D C:\Windows\system32\appraiser
2020-01-08 22:07 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-01-08 20:09 - 2017-06-24 10:51 - 000000000 ____D C:\Users\Seba\Documents\Facturas
2020-01-07 17:07 - 2017-06-22 04:32 - 000000000 ____D C:\Users\Seba\AppData\Roaming\vlc
2020-01-07 17:06 - 2017-06-24 10:49 - 000000000 ____D C:\Users\Seba\Documents\Amigos
2020-01-03 01:49 - 2017-06-21 00:43 - 000000000 ____D C:\Users\Seba\AppData\LocalLow\Mozilla

==================== Archivos en la raíz de algunos directorios ========

2019-11-26 03:58 - 2019-11-26 06:07 - 000004307 _____ () C:\Users\Seba\AppData\Roaming\Programa 2Mp.xml
2017-06-21 02:56 - 2020-01-16 00:40 - 000007628 _____ () C:\Users\Seba\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-01-18 01:52
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 25-01-2020 01
Ejecutado por Seba (25-01-2020 19:59:31)
Ejecutado desde C:\Users\Seba\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-06-20 10:36:57)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2551973510-2106251972-3254095100-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2551973510-2106251972-3254095100-1002 - Limited - Enabled)
Invitado (S-1-5-21-2551973510-2106251972-3254095100-501 - Limited - Disabled)
Seba (S-1-5-21-2551973510-2106251972-3254095100-1001 - Administrator - Enabled) => C:\Users\Seba

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ChemSep 7.41 (HKLM-x32\...\ChemSepL7v41) (Version: 7.41 - ChemSep)
COCO (HKLM\...\COCO) (Version: 3.2 - AmsterCHEM)
COSMOthermCO-LITE (HKLM-x32\...\COSMOthermCO-LITE) (Version:  - )
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
DjVuLibre DjView  3.5.25.4+4.9.2 (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.4+4.9.2 - DjVuZone)
Estudio para la mejora del producto HP Deskjet 3540 series (HKLM\...\{633A392F-5CE5-4659-8BE6-510A2F5C11E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Excel CAPE-OPEN Unit Operation (HKLM-x32\...\ExcelUO) (Version: 1.0.56.0 - AmsterCHEM)
FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Deskjet 3540 series Ayuda (HKLM-x32\...\{5DC3CE31-4900-49C2-B56D-624E2DB162BC}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 3540 series Software básico del dispositivo (HKLM\...\{37F7BADF-64F5-4A21-84EC-28E85BC2241B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM SPSS Statistics 23 (HKLM-x32\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.0 - IBM Corp)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Mathcad PDSi viewable support (HKLM-x32\...\{AC76D478-1033-0000-3478-000000000004}) (Version: 9.0.0 - Adobe Systems) Hidden
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PTC Diagnostic Tools (HKLM\...\{1813AEF6-64CD-4AE9-B2AA-4DB3F7E246F3}) (Version: 4.0.0.0 - PTC)
PTC Mathcad Prime 4.0 (HKLM\...\{76F154D2-2092-41FC-956C-DC0B79D2B8CA}) (Version: 4.0.0 - PTC)
Puran File Recovery 1.2.1 (HKLM\...\Puran File Recovery_is1) (Version:  - Puran Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Skype versión 8.48 (HKLM-x32\...\Skype_is1) (Version: 8.48 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
USEPA Cape Open Class Library with WAR Add-In (HKLM-x32\...\{174EB4DF-7074-4405-A775-361B205C9BE1}) (Version: 1.4.17 - USEPA)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{E83047E3-B85C-40E4-A421-017B264AB761}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{02D359F8-1DEF-41DD-8561-99C7321BFE00}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XnView 2.40 (HKLM-x32\...\XnView_is1) (Version: 2.40 - Gougelet Pierre-e)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Seba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2013-04-29 23:03 - 2013-04-29 23:03 - 000837632 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-04-29 23:02 - 2013-04-29 23:02 - 000004608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7940 más sitios.

IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\123simsen.com -> www.123simsen.com

Hay 7940 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2020-01-16 08:35 - 000454708 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Hay 15607 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Seba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: QHActiveDefense => 
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\Services: WDRulesService => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
MSCONFIG\startupreg: HP Deskjet 3540 series (NET) => "C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN47V1323Q05X5:NW" -scfn "HP Deskjet 3540 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{06EE3F62-5026-4402-814D-1AA7B7B8EF32}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{21D78B2F-F0ED-4A49-90F9-6E3A18DC091F}] => (Allow) LPort=5357
FirewallRules: [{37016D8D-D49F-431F-B8FF-F3D8C7DA5AAD}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{1FE96847-1184-4CC8-9BC2-EB94161F04CC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{B03F114A-F883-42AD-9E49-7B2C8EFEEF5F}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{3B827813-C7BF-45E9-9CB9-A4AA916A45F9}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{D7E11D95-8580-4F7A-8516-367B3406AB51}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{1542E1D4-C5A1-4741-9E41-CA5263DB570E}C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe] => (Allow) C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{AFFEB045-AC75-4410-A960-7BD8B487A027}C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe] => (Allow) C:\program files\ansys inc\v170\rsm\bin\ans.rsm.jmhost.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{C6D4AEC9-EC36-476A-83A9-C945BCA5F56A}C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe (Ansys, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{82CD1D68-5E99-4519-8705-22DBF3B0EFFD}C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansyswbu.exe (Ansys, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{0846FE9C-BFC7-467B-95B3-BB6EB4B1FD47}C:\program files\ansys inc\v170\scdm\spaceclaim.exe] => (Allow) C:\program files\ansys inc\v170\scdm\spaceclaim.exe (Spaceclaim Corporation -> SpaceClaim)
FirewallRules: [UDP Query User{2E304DE1-37C4-49E3-ADA7-458958FF441B}C:\program files\ansys inc\v170\scdm\spaceclaim.exe] => (Allow) C:\program files\ansys inc\v170\scdm\spaceclaim.exe (Spaceclaim Corporation -> SpaceClaim)
FirewallRules: [TCP Query User{3616B9D7-5C13-4474-B15A-CF3D926276C6}C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{3A35AF9C-E66A-4200-A34A-74384AB13B77}C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\help\helpviewer\ansyshelpviewer.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{2CCCD17B-CE05-4AD2-AED7-A05469F25808}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{723BEFAA-B000-401C-A17F-739269317744}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\pregui_ogl.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{10D813C9-85CD-48A2-8744-DFD73A6321E4}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{444B0663-1FE0-4766-9174-A1271EBA9EC1}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\preengine.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{876EE12B-69BA-4B9C-A47F-EEA7BACED596}C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{15E11EDD-3836-46E5-9DA4-A584CE996366}C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe] => (Allow) C:\program files\ansys inc\v170\aisol\bin\winx64\ansmeshingserver.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{5B0E9D5C-5EA7-4836-BE2E-851BB71F3D97}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{3F7EF16E-555F-4A85-932C-948EF744F6BF}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postgui_ogl.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{67A3F110-8F11-4BDB-9CE4-0A6BA04529D4}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{312F8823-5683-48F8-AA9E-F0F083079BAB}C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe] => (Allow) C:\program files\ansys inc\v170\cfd-post\bin\winnt-amd64\postengine.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{0A378942-9DC2-4012-8F46-EE00A747BCB7}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{1A3F3866-53BF-4FAA-87C2-1A82529EE114}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\viewer_ogl.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{A55432E6-4DBC-415A-A5BE-86CA5E29AEEC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{E3ABB178-C982-4933-AF47-58F6E80B1D76}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{EED0D09F-2663-4C33-BBAA-C6FC1BDF8C98}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{9B96B8FC-4896-496E-8D22-C135C6887D08}C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe] => (Allow) C:\program files\ansys inc\v170\framework\bin\win64\ansysfww.exe (ANSYS, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{A777AFD4-DB8E-4DFD-A939-EF57797F0207}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [UDP Query User{6E0F1FCF-40BB-4D76-BBCB-215EDB9CBD61}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [TCP Query User{BAA4F16E-8208-4592-BEB2-C7FBD10DAE08}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [UDP Query User{0BE242B2-F217-4C11-848B-93BA74E1408E}C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => (Allow) C:\program files\ansys inc\v170\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe (Intel(R) Software Development Products -> Intel Corporation)
FirewallRules: [TCP Query User{765CA11D-D475-4958-A6DA-5E6B8F9597E7}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{4E24B9B2-4016-4955-ACDE-2F5D47D44037}C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe] => (Allow) C:\program files\ansys inc\v170\cfx\bin\winnt-amd64\solver-impi.exe () [Archivo no firmado]
FirewallRules: [{5B89E1E2-770D-4D8D-BF11-70554A561CA1}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.com (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{0B7AB179-03EB-40AC-829B-C6AE78FE8C1F}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{41C38A6B-D831-45C7-B996-19BE55E448D8}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\WinWrapIDE.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{6BC8712C-43F9-41BE-955C-FA39567FD4D1}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.com (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{E839150B-357B-4448-A9F8-291CDBA72B0C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{EE7CBC00-E9A3-488D-8738-3EB50B5D0580}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\23\WinWrapIDE.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [TCP Query User{43C9D821-2391-4575-9BA6-B43685F54421}C:\program files (x86)\ibm\spss\statistics\23\stats.exe] => (Block) C:\program files (x86)\ibm\spss\statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [UDP Query User{BC6F618F-346F-46D8-A8BC-307A2B6A4C76}C:\program files (x86)\ibm\spss\statistics\23\stats.exe] => (Block) C:\program files (x86)\ibm\spss\statistics\23\stats.exe (INTERNATIONAL BUSINESS MACHINES CORPORATION -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{49E09B09-82FF-4CF6-AB1F-CDAE31AE0C66}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F516FBB7-38FC-43BA-B094-53C49B11F988}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4B87081-DDBE-49AF-A36D-C2ABEA646FEA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/25/2020 05:50:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/25/2020 05:49:59 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/25/2020 05:49:59 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/25/2020 05:49:59 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/25/2020 05:49:59 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	No se ha encontrado el elemento.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/25/2020 05:49:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/25/2020 05:49:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	La base de datos del índice de contenido está dañada.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/25/2020 05:49:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


Errores del sistema:
=============
Error: (01/25/2020 05:50:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (01/25/2020 05:50:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

Error: (01/25/2020 05:48:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (01/25/2020 05:48:20 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.

Error: (01/25/2020 05:47:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (01/25/2020 05:47:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (01/25/2020 05:46:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Office Software Protection Platform se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (01/25/2020 05:46:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2019-07-12 03:57:17.039
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{2571A91B-6E1D-4293-974E-D8BF5EB891E4}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2020-01-05 06:15:29.359
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.307.990.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.16600.7
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2020-01-03 04:25:56.711
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.307.990.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.16600.7
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2019-12-25 04:52:27.646
Description: 
El examen de Windows Defender encontró un error y finalizó.
Id. de examen:{25B78BAD-4BFE-4CEA-BA82-DCA25D5E6DFF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
Código de error:0x8050800d
Descripción de error:No se pudieron mostrar algunos elementos del historial. Espere unos minutos e inténtelo de nuevo Si esto no funcionara, borre el historial e inténtelo de nuevo. 

Date: 2019-12-12 08:27:13.708
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.307.13.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.16600.7
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2019-11-25 08:50:31.795
Description: 
El motor de %1 se detuvo debido a un error inesperado.
Tipo de error:%5
Código de excepción:%6
Recurso:%3

CodeIntegrity:
===================================

Date: 2017-06-21 14:14:22.859
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-21 14:14:22.859
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-21 03:12:19.871
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-21 03:12:19.797
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:17.593
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\NTGLM7X.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:17.593
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\NTGLM7X.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:09.953
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\Install\GMSIPCI.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-06-20 08:46:09.890
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\CdRom1\Install\GMSIPCI.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. P1.50 06/30/2008
Motherboard:                        Wolfdale1333-D667. 
Procesador: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Porcentaje de memoria en uso: 87%
RAM física total: 3199.3 MB
RAM física disponible: 385.01 MB
Virtual total: 6396.75 MB
Virtual disponible: 3203.94 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:15.46 GB) NTFS

\\?\Volume{37c545ef-5597-11e7-b151-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 1D5B1D5A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola @Sebastian_Egea

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
S3 cpuz143; \??\C:\Users\Seba\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATENCIÓN
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2020-01-24 14:52 - 2020-01-24 14:52 - 001297210 _____ C:\Users\Seba\Documents\HijackThisSeba.txt
2020-01-16 08:35 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20200116-083526.backup
2020-01-16 08:09 - 2020-01-16 08:09 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2020-01-16 08:08 - 2020-01-16 09:54 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-01-16 08:08 - 2020-01-16 09:49 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-01-16 04:44 - 2020-01-16 04:48 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Seba\Downloads\spybotsd-2.7.64.0.exe
2020-01-16 04:31 - 2020-01-16 04:32 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Seba\Downloads\HiJackThis.exe
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Excelente @SanMar. Hice todo tal cual me dijiste. =). Acá va el fixlog

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 25-01-2020 01
Ejecutado por Seba (25-01-2020 20:58:51) Run:1
Ejecutado desde C:\Users\Seba\Desktop
Perfiles cargados: Seba (Perfiles disponibles: Seba)
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ning�n archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ning�n archivo]
S3 cpuz143; \??\C:\Users\Seba\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATENCI�N
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2020-01-24 14:52 - 2020-01-24 14:52 - 001297210 _____ C:\Users\Seba\Documents\HijackThisSeba.txt
2020-01-16 08:35 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20200116-083526.backup
2020-01-16 08:09 - 2020-01-16 08:09 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2020-01-16 08:08 - 2020-01-16 09:54 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-01-16 08:08 - 2020-01-16 09:49 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-01-16 04:44 - 2020-01-16 04:48 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Seba\Downloads\spybotsd-2.7.64.0.exe
2020-01-16 04:31 - 2020-01-16 04:32 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Seba\Downloads\HiJackThis.exe
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Procesos cerrados correctamente.
El punto de restauración fue creado correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle America, Inc." => no encontrado
C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle America, Inc." => no encontrado
C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll => movido correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz143 => eliminado correctamente
cpuz143 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\GMSIPCI => eliminado correctamente
GMSIPCI => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VGPU => eliminado correctamente
VGPU => servicio eliminado correctamente
C:\Users\Seba\Documents\HijackThisSeba.txt => movido correctamente
C:\Windows\system32\Drivers\etc\hosts.20200116-083526.backup => movido correctamente
C:\Windows\system32\Tasks\Safer-Networking => movido correctamente
C:\Program Files (x86)\Spybot - Search & Destroy 2 => movido correctamente
C:\ProgramData\Spybot - Search & Destroy => movido correctamente
C:\Users\Seba\Downloads\spybotsd-2.7.64.0.exe => movido correctamente
C:\Users\Seba\Downloads\HiJackThis.exe => movido correctamente
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente
"BVTFilter" => eliminado correctamente
"BVTConsumer" => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::64b1:bee0:2267:80db%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.100.179
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.100.1

Adaptador de t£nel isatap.{06904C87-FB3B-4CC3-A82B-F268E8FDC9D4}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {5EE9571E-0022-4888-9952-7520A67CB900}.
Unable to cancel {03BA0989-4837-4411-A9B7-B72D2A59E928}.
Unable to cancel {58631B29-93FC-4ABA-A815-0AAF9DC1B682}.
Unable to cancel {7A518B20-13EE-4C8E-8F50-7DCD2AF0CB39}.
Unable to cancel {F17FE8BF-4D78-4CC5-BD92-25A9DEF73270}.
Unable to cancel {6E81C29A-E4D7-4EA1-AC90-903C744300BC}.
Unable to cancel {291FF1D8-5544-405C-9D7E-2B9A4125552C}.
Unable to cancel {40AA5B6C-15A9-4DE0-90D4-4759D062F639}.
{5C8E057B-4DCD-4A36-AD03-18094F06C0DD} canceled.
1 out of 9 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2551973510-2106251972-3254095100-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6192155 B
Java, Flash, Steam htmlcache => 1171 B
Windows/system/drivers => 560637 B
Edge => 0 B
Chrome => 145989861 B
Firefox => 41989066 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83725 B
systemprofile32 => 2323568 B
LocalService => 2609144 B
NetworkService => 2676702 B
Seba => 19749883 B

RecycleBin => 0 B
EmptyTemp: => 219.9 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 21:00:38 ====

Hola @Sebastian_Egea

Perfecto.

Resta comentarte que el tipo de entradas 01 (la modificación de tu archivo Host) suele hacerlo Spybot. Ya lo restauramos a sus valores predeterminados.

Faltaría que comentes como sientes el equipo.??

Salu2

Aaah, claro, había estado probando antivirus porque el espacio en disco se me reducía a veces de la nada y estaba muy lenta la PC. Fue ahí cuando instalé varios “antivirus” (entre ellos el SpyBot) que, si bien un poco me resolvieron el problema de la fluctuación del espacio en disco, veo que fue peor el remedio que la enfermedad. Ahora el equipo se siente algo más rápido y creo que pasé de tener 13 Gb libres a 15 Gb así que en términos generales creo que me has resuelto el problema =). Las únicas consultas que me quedan por hacerte es qué hago con todas las herramientas que instalamos, ¿las desinstalo? Además Windows me pide que busque un programa antivirus en línea porque me quedé sin ninguno, ¿cuál de los gratuitos recomendarías? Un billón de gracias @SanMar

Seba

Hola @Sebastian_Egea

Casi me olvidaba, actualiza Java a su ultima versión.

No te apresures… :upside_down_face:

Para eliminar las herramientas utilizadas:

Descargas/Ejecutas >> Delfix, desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), lo pegas en tu proxima respuesta.


Para mi uno muy bueno es Kaspersky Free.

Nos comentas si todo esta en orden para dar por Solucionado el tema.

Salu2.