Malwarebytes Anti-Malware: Unable to connect the service

#1

Hola, foro. Resulta, que, desinstalé el MBAM y, cuando, lo vuelvo a instalar no me deja abrir el navegador. Me sale un mensaje, diciendo: “Unable to connect the service”. Ya probé desinstalándolo varias veces, a través, de Revo Uninstaller, desde el desinstalador del mismo MBAM y con el mbam clean 2.3.0.1001… y nada. También, intenté entrando en los servicios ( services.msc ) para hacer unas modificaciones que había encontrado en otros foros, pero, no aparece en la lista. Y, ya no me quedan más recursos; por eso, acudo a ustedes.

Estoy usando Windows 7 Ultimate x64.

0 me gusta

Limpieza de PC (No puedo abrir MBAM + al buscar en navegador me redirecciona a "consent.yahoo.com...")
#2

Hola @Mongohurelio

Que versión de Malwarebytes tenias instalada en ese equipo o estas intentando reinstalar.??

Saludos.

0 me gusta

#3

Hola, Javier. La versión anterior, no me acuerdo, pero, la versión, que quiero instalar es la 3.7.1.2839.

0 me gusta

#4

Hola @Mongohurelio

Utiliza la ultima :arrow_right: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall , especifica de desinstalación para Malwarebytes(fichero MB-Clean) que se corresponde con la versión 3 y que teóricamente debe desinstalar correctamente TODAS las versiones del producto.

Una vez realizado el proceso debes REINICIAR el equipo y probar directamente SI puedes navegar sin problemas.

Ademas y despumes de hacerlo nos comentas el funcionamiento y también que antivirus tienes instalado(o que otros tuviste anteriormente) en tu equipo y cualquier otra herramienta/programa de seguridad tengas instalado. :thinking:

Y de momento NO instales de nuevo Malwarebytes o cualquier otro programa/software/complemento mientras estemos dándote ayuda.

Saludos.

0 me gusta

#5

Al MBAM, ya lo tengo desinstalado, ¿ se lo paso igual a la herramienta de desinstalación ?

El antivirus que estoy usando actualmente es el COMODO Cloud ( anteriormente, tenia el PANDA Cloud; ya hace casi 1 año apróx. ) y el COMODO Firewall 11.

0 me gusta

#6

Hola.

SI, por supuesto, usa la herramienta que te indique y sigues los pasos comentados.

Entonces… usa igualmente las DOS herramientas especificas de desinstalación que existen para PANDA, en el enlace que te puse.

Usa las herramientas de una en una, y cada vez que termines de usar cualquiera de ellas debes REINICIAR, SI o SI. :+1:

Cuando termines con esos pasos compruebas el funcionamiento del navegador y nos comentas, y ya sabes, de momento NO reinstales Malwarebytes o cualquier otro programa/software/complemento de cualquier tipo.

Saludos.

0 me gusta

#7

El desinstalador de MBAM no hizo nada. Lo único que hizo fue dejarme esto…

2019-04-02 11:49:55.617   mb-clean:3.1.0.1035  @ Malwarebytes. All rights reserved.
2019-04-02 11:49:57.832   No Malwarebytes software installed.
2019-04-02 11:50:18.627   Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2019-04-02 11:50:18.643   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2019-04-02 11:50:21.217   Trying to delete path C:\ProgramData\Malwarebytes\
2019-04-02 11:50:21.217   Trying to delete file or folder: C:\ProgramData\Malwarebytes\
2019-04-02 11:50:21.295   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2019-04-02 11:50:21.310   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2019-04-02 11:50:21.310   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2019-04-02 11:50:21.310   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=3))
2019-04-02 11:50:21.310   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService
2019-04-02 11:50:21.310   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService
2019-04-02 11:50:21.310   --------END OF LOG FILE ----------

Y, en cuanto al desinstalador del PANDA no era necesario, porque, ya había pasado por este foro para que me ayudaran a desinstalarlo en limpio.

Volvamos al principio. Creo, que me expresé mal. Lo que estuve intentando es hacer que funcione el MBAM; o sea, instalando y desinstalando el programa. Espero que me haya explicado bien.

0 me gusta

#8

Hola.

Veamos…según decías en tu primer mensaje, el problema, NO era que NO pudieras instalar o desinstalar Malwarebytes, TU problema era que una vez que lo volvías a instalar no te dejaba abrir el navegador…:thinking:

Nos puedes ACLARAR cual es el problema que tienes…porque me parece que te estas contradiciendo…??

0 me gusta

#9

Me había expresado mal. El problema es que no puedo hacer funcionar el MBAM. Lo que traté de explicar en la primera publicación era que había intentado desinstalando e instalando dicho programa y no lo puedo hacer funcionar.

0 me gusta

#10

Hola.

Bien… pero… que te ocurre exactamente cuando lo intentas instalar…??

La instalación se realiza correctamente…??

Una vez instalado el programa NO funciona…??

Te sale algún mensaje de error al instalar y/o al ejecutar…??

Que versión de Windows tienes en ese equipo…??

0 me gusta

#11

Perdón por no expresarme bien desde el principio. El programa, creo, que se instala bien, porque, no me sale ningún mensaje, ni tampoco, hace nada raro. El problema es cuando lo abro, me sale el mensaje: “Unable to connect the service”. El Sistema Operativo es Windows 7 Ultimate x64. Espero se haya entendido.

0 me gusta

#12

Bien… pues ahora realiza estos pasos :

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:)

:two: Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos

0 me gusta

#13

Acá, va el FRST…

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Juan (administrator) on JUAN-PC (02-04-2019 20:11:48)
Running from C:\Users\Juan\Desktop
Loaded Profiles: Juan (Available Profiles: Juan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: "C:\Users\Juan\AppData\Local\Kinza\Application\kinza.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Comodo Security Solutions, Inc. -> Comodo) C:\Program Files\COMODO\Dragon\dragon_updater.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\EDICT.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe
(Comodo Security Solutions, Inc. -> Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1598144 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1598144 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [CCAV] => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [7462072 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Run: [E09EXLRD_11158221] => C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\EDICT.EXE [351000 2008-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-492065729-501448629-2822315028-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2017-03-03] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-20] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.26.56.26 8.20.247.20
Tcpip\..\Interfaces\{C5B11EF8-5BA9-43EA-9A1C-F73DE925F2E8}: [NameServer] 8.26.56.26,8.20.247.20
Tcpip\..\Interfaces\{C5B11EF8-5BA9-43EA-9A1C-F73DE925F2E8}: [DhcpNameServer] 8.26.56.26 8.20.247.20

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-492065729-501448629-2822315028-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

FireFox:
========
FF DefaultProfile: wfnixs5t.default
FF DefaultProfile: ti8jot3e.default
FF DefaultProfile: 7ibtrihw.default
FF DefaultProfile: o3f8v1tj.default
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default [2019-04-02]
FF Homepage: Waterfox\Profiles\wfnixs5t.default -> ar.search.yahoo.com
FF Extension: (United States English Spellchecker) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\[email protected] [2018-05-07] [Legacy]
FF Extension: (Diccionario Español Argentina) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\[email protected] [2018-05-07] [Legacy]
FF Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\[email protected] [2018-09-14]
FF Extension: (Flash y descarga de video) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-09-04]
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ti8jot3e.default [2019-04-01]
FF Homepage: Mozilla\SeaMonkey\Profiles\ti8jot3e.default -> yandex.com
FF Extension: (DOM Inspector) - C:\Users\Juan\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ti8jot3e.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (True Full Screen in SeaMonkey) - C:\Users\Juan\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ti8jot3e.default\Extensions\[email protected]_juice.addons.mozilla.org [2016-01-30] [Legacy] [not signed]
FF Extension: (ChatZilla) - C:\Users\Juan\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ti8jot3e.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-14] [Legacy]
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\56fy6fyv.default [2019-04-01]
FF Homepage: Mozilla\Firefox\Profiles\56fy6fyv.default -> hxxps://www.ecosia.org/
FF NewTab: Mozilla\Firefox\Profiles\56fy6fyv.default -> www.ecosia.org
FF Extension: (Diccionario Español Argentina) - C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\56fy6fyv.default\Extensions\[email protected] [2017-06-14] [Legacy]
FF Extension: (Español (AR) Language Pack) - C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\56fy6fyv.default\Extensions\[email protected] [2017-06-22] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\56fy6fyv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-13] [Legacy]
FF Extension: (Tab Mix Plus) - C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\56fy6fyv.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-08-28] [Legacy]
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default [2019-04-02]
FF Homepage: Comodo\IceDragon\Profiles\7ibtrihw.default -> ixquick.com
FF Extension: (English United States Dictionary) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\@unitedstatesenglishdictionary.xpi [2018-11-28]
FF Extension: (Online Security Pro) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-03-15]
FF Extension: (Diccionario español Argentina) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-01-25]
FF Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2018-09-16]
FF Extension: (Https Enforcement) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-01-22]
FF Extension: (Español (España) Language Pack) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-01-22]
FF Extension: (UNDER THE MIDNIGHT  MOON) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{2b02bbf4-452c-4276-88c0-8d63d6430467}.xpi [2019-03-23]
FF Extension: (Media Downloader) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-01-22] [Legacy]
FF Extension: (Flag of Iran 2) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{782bd0b8-b842-4d9f-a20f-1ef8de078e84}.xpi [2019-03-23]
FF Extension: (ANIMATED AVIATOR SNOOPY) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{ac835a9d-b7cc-49d0-8854-4f4dffe03dd1}.xpi [2019-03-23]
FF Extension: (Video DownloadHelper) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (NeoBux AdAlert) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2018-08-10]
FF ProfilePath: C:\Users\Juan\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\o3f8v1tj.default [2019-04-01]
FF Extension: (Diccionario Español Argentina) - C:\Users\Juan\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\o3f8v1tj.default\Extensions\[email protected] [2018-04-12] [Legacy]
FF Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\o3f8v1tj.default\Extensions\[email protected] [2018-09-19]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\[email protected] [2018-06-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com.ar/
CHR StartupUrls: Default -> "hxxp://google.com.ar/"
CHR Profile: C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default [2019-04-02]
CHR Extension: (Presentaciones) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-16]
CHR Extension: (Email Notifier) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhfkpnhebiocdilofmaigoggiopgbbd [2018-09-30]
CHR Extension: (Documentos) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-16]
CHR Extension: (Google Drive) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-16]
CHR Extension: (YouTube) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-16]
CHR Extension: (Tampermonkey) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-04-02]
CHR Extension: (Hojas de cálculo) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-16]
CHR Extension: (Watcher for Yandex Mail™) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbahpfmknhllfegibbfdialakjagbdkl [2018-05-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (The Simpsons Theme for Chrome) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaojbbngafehcppeijgefadcbjlfnoc [2018-05-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-19]
CHR Extension: (Gmail) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-02]

Opera: 
=======
OPR Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-01-07]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Juan\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2018-05-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2010-05-22] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ccavsrv; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [7462072 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
S3 ccavvirth; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavvirth.exe [2858160 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10736912 2019-02-11] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2941712 2019-03-08] (Comodo Security Solutions, Inc. -> Comodo)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2608912 2019-01-22] (Comodo Security Solutions, Inc. -> Comodo Inc.)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (Comodo Security Solutions, Inc. -> COMODO)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2015-08-05] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6368256 2010-05-22] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [188416 2015-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-06] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-08] (ASUSTeK Computer Inc. -> )
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6368256 2015-07-14] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2010-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2015-07-10] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider) [File not signed]
R0 cmdccav; C:\Windows\System32\drivers\CmdCCAV.sys [462272 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [34280 2018-05-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [846624 2018-05-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [59096 2018-05-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [124568 2018-05-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [50576 2018-01-17] (Comodo Security Solutions, Inc. -> COMODO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-19] (ASUSTeK Computer Inc. -> )
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-02 20:11 - 2019-04-02 20:14 - 000023269 _____ C:\Users\Juan\Desktop\FRST.txt
2019-04-02 19:44 - 2019-04-02 19:45 - 002434048 _____ (Farbar) C:\Users\Juan\Desktop\FRST64.exe
2019-04-02 11:49 - 2019-04-02 11:50 - 000001826 _____ C:\Users\Juan\Desktop\mb-clean-results.txt
2019-04-02 11:47 - 2019-04-02 11:47 - 000858912 _____ (Malwarebytes) C:\Users\Juan\Desktop\mb-clean-3.1.0.1035.exe
2019-04-01 08:51 - 2019-04-01 10:00 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-28 17:44 - 2019-03-28 17:44 - 000015625 _____ C:\Users\Juan\AppData\Local\recently-used.xbel
2019-03-28 16:56 - 2019-03-28 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-03-28 16:56 - 2019-03-28 16:56 - 000000000 ____D C:\Program Files\7-Zip
2019-03-27 08:24 - 2019-04-02 20:11 - 000000000 ____D C:\FRST
2019-03-13 08:57 - 2019-02-26 19:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-13 08:57 - 2019-02-26 18:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-13 08:57 - 2019-02-26 04:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-13 08:57 - 2019-02-26 04:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-13 08:57 - 2019-02-26 04:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-13 08:57 - 2019-02-26 04:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-13 08:57 - 2019-02-26 04:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-13 08:57 - 2019-02-26 04:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-13 08:57 - 2019-02-26 04:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-13 08:57 - 2019-02-26 04:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-13 08:57 - 2019-02-26 04:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-13 08:57 - 2019-02-26 04:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-13 08:57 - 2019-02-26 04:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-13 08:57 - 2019-02-26 04:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-13 08:57 - 2019-02-26 04:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-13 08:57 - 2019-02-26 04:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-13 08:57 - 2019-02-26 04:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-13 08:57 - 2019-02-26 04:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-13 08:57 - 2019-02-26 04:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-13 08:57 - 2019-02-26 04:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-13 08:57 - 2019-02-26 04:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-13 08:57 - 2019-02-26 04:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-13 08:57 - 2019-02-26 04:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 08:57 - 2019-02-26 04:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-13 08:57 - 2019-02-26 04:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-13 08:57 - 2019-02-26 04:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-13 08:57 - 2019-02-26 04:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-13 08:57 - 2019-02-26 03:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-13 08:57 - 2019-02-26 03:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-13 08:57 - 2019-02-26 03:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-13 08:57 - 2019-02-26 03:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-13 08:57 - 2019-02-26 03:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-13 08:57 - 2019-02-26 03:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-13 08:57 - 2019-02-26 03:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-13 08:57 - 2019-02-26 03:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-13 08:57 - 2019-02-26 03:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-13 08:57 - 2019-02-26 03:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-13 08:57 - 2019-02-26 03:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-13 08:57 - 2019-02-26 03:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-13 08:57 - 2019-02-26 03:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-13 08:57 - 2019-02-26 03:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-13 08:57 - 2019-02-26 03:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-13 08:57 - 2019-02-26 03:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-13 08:57 - 2019-02-26 03:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-13 08:57 - 2019-02-26 03:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-13 08:57 - 2019-02-26 03:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-13 08:57 - 2019-02-26 03:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-13 08:57 - 2019-02-26 03:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-13 08:57 - 2019-02-26 03:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-13 08:57 - 2019-02-26 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-13 08:57 - 2019-02-26 03:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-13 08:57 - 2019-02-26 03:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-13 08:57 - 2019-02-26 03:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-13 08:57 - 2019-02-26 03:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-13 08:57 - 2019-02-26 03:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-13 08:57 - 2019-02-26 03:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-13 08:57 - 2019-02-26 03:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-13 08:57 - 2019-02-26 03:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-13 08:57 - 2019-02-26 03:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-13 08:57 - 2019-02-26 03:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-13 08:56 - 2019-03-06 00:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-13 08:56 - 2019-03-06 00:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-13 08:56 - 2019-03-06 00:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-13 08:56 - 2019-03-06 00:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-13 08:56 - 2019-03-06 00:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-13 08:56 - 2019-03-06 00:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-13 08:56 - 2019-03-06 00:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-13 08:56 - 2019-03-06 00:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-13 08:56 - 2019-03-06 00:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-13 08:56 - 2019-03-06 00:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 08:56 - 2019-03-06 00:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-13 08:56 - 2019-03-05 23:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-13 08:56 - 2019-03-05 23:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-13 08:56 - 2019-03-05 23:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-13 08:56 - 2019-03-05 23:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-13 08:56 - 2019-03-05 23:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-13 08:56 - 2019-03-05 23:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-13 08:56 - 2019-03-05 23:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-13 08:56 - 2019-03-05 23:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-13 08:56 - 2019-03-05 23:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-13 08:56 - 2019-03-05 23:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-13 08:56 - 2019-03-05 23:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-13 08:56 - 2019-03-05 23:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-13 08:56 - 2019-03-05 23:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-13 08:56 - 2019-03-05 23:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-13 08:56 - 2019-03-05 23:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-13 08:56 - 2019-03-05 23:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-13 08:56 - 2019-03-05 23:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-13 08:56 - 2019-03-05 23:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-13 08:56 - 2019-03-05 23:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-13 08:56 - 2019-03-05 23:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-13 08:56 - 2019-03-05 23:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-13 08:56 - 2019-03-05 23:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-13 08:56 - 2019-03-05 23:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-13 08:56 - 2019-03-05 23:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-13 08:56 - 2019-03-05 23:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-13 08:56 - 2019-03-05 23:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-13 08:56 - 2019-03-05 23:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-13 08:56 - 2019-03-05 23:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-13 08:56 - 2019-03-05 23:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 08:56 - 2019-03-05 23:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 08:56 - 2019-03-05 23:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-13 08:56 - 2019-03-04 23:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-13 08:56 - 2019-03-04 23:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-13 08:56 - 2019-03-04 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-13 08:56 - 2019-02-26 04:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-13 08:56 - 2019-02-26 04:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-13 08:56 - 2019-02-26 04:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-13 08:56 - 2019-02-26 04:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-13 08:56 - 2019-02-26 04:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-13 08:56 - 2019-02-26 04:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-13 08:56 - 2019-02-26 04:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-13 08:56 - 2019-02-26 03:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-13 08:56 - 2019-02-22 00:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-13 08:56 - 2019-02-22 00:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-13 08:56 - 2019-02-21 23:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-13 08:56 - 2019-02-21 23:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-13 08:56 - 2019-02-21 23:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-13 08:56 - 2019-02-16 03:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-13 08:56 - 2019-02-16 03:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-13 08:56 - 2019-02-16 03:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-13 08:56 - 2019-02-16 03:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-13 08:56 - 2019-02-16 03:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-13 08:56 - 2019-02-16 03:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-13 08:56 - 2019-02-16 03:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-13 08:56 - 2019-02-16 02:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-13 08:56 - 2019-02-16 02:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-13 08:56 - 2019-02-16 02:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-13 08:56 - 2019-02-16 02:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-13 08:56 - 2019-02-16 02:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-13 08:56 - 2019-02-15 13:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-13 08:56 - 2019-02-15 13:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-13 08:56 - 2019-02-15 13:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-13 08:56 - 2019-02-15 12:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-13 08:56 - 2019-02-15 12:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-13 08:56 - 2019-02-15 12:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-13 08:56 - 2019-02-15 12:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-13 08:56 - 2019-02-15 12:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-13 08:56 - 2019-02-15 12:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-13 08:56 - 2019-02-15 12:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-13 08:56 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-13 08:56 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-13 08:56 - 2019-02-10 13:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-13 08:56 - 2019-02-10 12:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-13 08:56 - 2019-02-10 12:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-13 08:56 - 2019-02-10 12:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-13 08:56 - 2019-02-10 12:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-13 08:56 - 2019-02-08 13:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-13 08:56 - 2019-02-08 13:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-13 08:56 - 2019-02-08 13:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-13 08:56 - 2019-02-08 13:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-13 08:56 - 2019-02-08 13:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-13 08:56 - 2019-02-08 12:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-13 08:56 - 2019-02-08 12:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-13 08:56 - 2019-02-08 12:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-13 08:56 - 2019-02-08 12:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-13 08:56 - 2019-02-08 12:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-13 08:56 - 2019-02-07 13:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-13 08:56 - 2019-02-07 13:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-13 08:56 - 2019-02-07 13:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-13 08:56 - 2019-02-07 12:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-13 08:56 - 2019-02-03 12:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-13 08:56 - 2019-01-04 13:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-13 08:56 - 2019-01-04 13:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-13 08:56 - 2019-01-04 11:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-13 08:56 - 2019-01-04 11:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-13 08:56 - 2019-01-03 13:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-13 08:56 - 2019-01-03 12:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-13 08:47 - 2019-02-16 02:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-13 08:47 - 2019-02-16 02:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-13 08:47 - 2019-02-10 13:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-13 08:47 - 2019-02-10 13:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-13 08:47 - 2019-02-10 13:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-13 08:47 - 2019-02-10 13:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-13 08:47 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-13 08:47 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-13 08:47 - 2019-02-10 13:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-13 08:47 - 2019-02-10 13:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-13 08:47 - 2019-02-10 13:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-13 08:47 - 2019-02-10 13:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-13 08:47 - 2019-02-10 13:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-13 08:47 - 2019-02-10 13:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-13 08:47 - 2019-02-10 13:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-13 08:47 - 2019-02-10 13:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 08:47 - 2019-02-10 13:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-13 08:47 - 2019-02-10 13:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-13 08:47 - 2019-02-10 13:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-13 08:47 - 2019-02-10 13:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-13 08:47 - 2019-02-10 13:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-13 08:47 - 2019-02-10 12:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-13 08:47 - 2019-02-10 12:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-13 08:47 - 2019-02-10 12:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-13 08:47 - 2019-02-10 12:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-13 08:47 - 2019-02-10 12:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
0 me gusta

#14
==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-02 19:53 - 2018-08-06 16:37 - 000306887 _____ C:\Windows\system32\Drivers\ccavsfi.dat
2019-04-02 19:44 - 2013-10-14 10:28 - 000000000 ___RD C:\Users\Juan\Descargas
2019-04-02 18:22 - 2009-07-14 01:45 - 000027344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-02 18:22 - 2009-07-14 01:45 - 000027344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-02 18:13 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-02 13:35 - 2017-02-03 11:16 - 000003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4D6B0E4-EDBA-4020-882C-26E1A856B43D}
2019-04-02 11:26 - 2018-04-04 11:49 - 000000000 ____D C:\Users\Juan\AppData\LocalLow\Comodo
2019-04-02 11:00 - 2019-01-16 20:16 - 000000000 ____D C:\Users\Juan\AppData\Roaming\vlc
2019-04-02 09:30 - 2016-11-24 16:32 - 000000000 ____D C:\Users\Juan\AppData\LocalLow\Mozilla
2019-04-01 23:45 - 2018-12-18 11:58 - 008800774 _____ C:\Users\Juan\Desktop\Martin Manley.odt
2019-04-01 08:25 - 2018-08-17 14:42 - 000000000 ____D C:\Users\Juan\AppData\Local\CrashDumps
2019-04-01 08:25 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-03-31 12:22 - 2018-05-08 10:17 - 000000000 ____D C:\Program Files\Opera
2019-03-31 11:52 - 2017-11-08 10:09 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-29 12:22 - 2018-05-08 10:24 - 000003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1525785882
2019-03-28 17:44 - 2019-01-20 16:26 - 000000000 ____D C:\Users\Juan\AppData\Local\midori
2019-03-28 17:36 - 2019-01-20 16:26 - 000000000 ____D C:\Users\Juan\.dbus-keyrings
2019-03-27 23:17 - 2018-05-16 22:40 - 000003532 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-27 23:17 - 2018-05-16 22:40 - 000003404 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 07:49 - 2009-07-14 02:08 - 000032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-26 07:49 - 2018-12-10 08:15 - 000002260 _____ C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kinza.lnk
2019-03-26 07:49 - 2018-12-10 08:15 - 000002223 _____ C:\Users\Juan\Desktop\Kinza.lnk
2019-03-26 07:49 - 2018-12-10 08:15 - 000000000 ____D C:\Users\Juan\AppData\Local\Kinza
2019-03-23 07:48 - 2018-05-03 23:14 - 000000000 ____D C:\Users\Juan\AppData\Local\babl-0.1
2019-03-22 09:13 - 2011-04-12 06:10 - 000702032 _____ C:\Windows\system32\perfh00A.dat
2019-03-22 09:13 - 2011-04-12 06:10 - 000141900 _____ C:\Windows\system32\perfc00A.dat
2019-03-22 09:13 - 2009-07-14 02:13 - 001593672 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-22 08:34 - 2018-09-22 07:06 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-21 19:03 - 2018-05-16 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashPeak Slimjet (64 bit)
2019-03-21 19:03 - 2018-05-16 23:50 - 000000000 ____D C:\Program Files\Slimjet
2019-03-21 19:02 - 2018-05-16 23:50 - 000000814 _____ C:\Users\Juan\Desktop\SlimJet.lnk
2019-03-20 20:19 - 2018-05-16 22:54 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-14 18:43 - 2018-05-07 08:14 - 000000000 ____D C:\Program Files\Waterfox
2019-03-13 21:09 - 2015-03-06 11:31 - 000000000 ____D C:\Users\Juan\AppData\Local\gtk-2.0
2019-03-13 19:41 - 2017-11-03 07:02 - 000335624 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-13 19:37 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-13 19:37 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-13 19:36 - 2014-12-10 08:19 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-13 19:36 - 2014-05-06 12:25 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-13 19:14 - 2013-10-10 16:00 - 000000000 ____D C:\Windows\system32\MRT
2019-03-13 19:13 - 2013-10-10 15:59 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-13 05:57 - 2017-01-13 13:00 - 000004472 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-13 05:57 - 2016-12-23 20:46 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 05:57 - 2013-10-09 17:28 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 05:57 - 2013-10-09 17:28 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 05:57 - 2013-10-09 17:28 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 05:57 - 2013-10-09 17:28 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-13 05:53 - 2018-03-13 20:01 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-03 20:15 - 2014-12-01 20:57 - 001293806 _____ C:\Users\Juan\Desktop\Televisión.pdf
2019-03-03 05:38 - 2016-09-27 10:31 - 000000000 ____D C:\Users\Juan\Documents\RomLach

==================== Files in the root of some directories =======

2017-10-12 01:39 - 2017-10-12 01:39 - 120025417 _____ () C:\Program Files (x86)\openoffice1.cab
2017-10-12 01:36 - 2017-10-12 01:36 - 002314240 _____ () C:\Program Files (x86)\openoffice414.msi
2014-11-06 22:49 - 2015-05-16 18:14 - 000000096 _____ () C:\Users\Juan\AppData\Roaming\Camdata.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000000408 _____ () C:\Users\Juan\AppData\Roaming\CamLayout.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000000408 _____ () C:\Users\Juan\AppData\Roaming\CamShapes.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000004535 _____ () C:\Users\Juan\AppData\Roaming\CamStudio.cfg
2014-11-20 00:27 - 2014-11-20 00:27 - 000000000 _____ () C:\Users\Juan\AppData\Roaming\CamStudio.Producer.Data.ini
2014-11-20 00:27 - 2014-11-20 00:27 - 000001206 _____ () C:\Users\Juan\AppData\Roaming\CamStudio.Producer.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000000096 _____ () C:\Users\Juan\AppData\Roaming\version2.xml
2015-04-21 09:56 - 2015-04-21 09:58 - 000000513 _____ () C:\Users\Juan\AppData\Roaming\Weather Monitor_Settings.ini
2019-03-28 17:44 - 2019-03-28 17:44 - 000015625 _____ () C:\Users\Juan\AppData\Local\recently-used.xbel
2015-11-05 16:02 - 2018-01-21 11:14 - 000007598 _____ () C:\Users\Juan\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-30 22:23

==================== End of FRST.txt ============================
0 me gusta

#15

Y, acá, va el Addition…

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Juan (02-04-2019 20:14:50)
Running from C:\Users\Juan\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-10-07 15:21:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-492065729-501448629-2822315028-500 - Administrator - Disabled)
Invitado (S-1-5-21-492065729-501448629-2822315028-501 - Limited - Disabled)
Juan (S-1-5-21-492065729-501448629-2822315028-1000 - Administrator - Enabled) => C:\Users\Juan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Cloud Antivirus (Disabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Sandbox (Disabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Enabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7GIF (HKLM\...\{D27A1E28-51AD-4CB7-9AAD-11D8DDA3B619}_is1) (Version: 1.2.2.1298 - Xtreme-LAb®)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{2A13EF26-4D68-B2D7-A486-DBBD2FDE366B}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
BitTorrent (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\BitTorrent) (Version: 7.10.3.44397 - BitTorrent Inc.)
Blender (HKLM\...\{DEA73CCA-7EC9-41EA-8509-1041C1CABFD0}) (Version: 2.78.3 - Blender Foundation)
ccc-core-static (HKLM-x32\...\{8ADE5280-35CA-CF98-A456-F66B98C77244}) (Version: 2010.0210.2206.39615 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
COMODO Cloud Antivirus (HKLM-x32\...\{9E04F23D-3E2E-4A62-AEBF-8BC952465847}) (Version: 1.21.842.0 - COMODO) Hidden
COMODO Cloud Antivirus (HKLM-x32\...\COMODO Cloud Antivirus_list_uninstall) (Version: 1.21.465847.842 - COMODO)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 72.0.3626.121 - Comodo)
COMODO Firewall (HKLM\...\{01182FCE-8E8E-419F-8745-24236D28F2F9}) (Version: 11.0.0.6744 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 11.0.0.6744 - COMODO Security Solutions Inc.)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 64.0.4.15 - COMODO)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FlashPeak Slimjet 64bit (HKLM\...\Slimjet) (Version: 22.0.4.0 - FlashPeak Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeekBuddy (HKLM\...\{3DA2EB59-FB68-4383-9A3B-B348521367C7}) (Version: 4.19.137 - Comodo Security Solutions Inc)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kinza (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Kinza) (Version: 5.4.0 - Los creadores de Kinza)
Lunascape6 (All Users) (HKLM-x32\...\Lunascape6) (Version: 6.15.2.27564 - Lunascape)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Encarta 2009 Biblioteca Premium (HKLM-x32\...\{09140081-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{ABA77258-70D6-4A14-9AB7-3FA087C470DB}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 58.0.3135.127 (HKLM-x32\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros Ethernet Utility (HKLM-x32\...\{FB686487-C637-4EEF-BCB1-C92463F2CC05}) (Version: 1.1.0.11 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
SeaMonkey 2.49.4 (x86 es-AR) (HKLM-x32\...\SeaMonkey 2.49.4 (x86 es-AR)) (Version: 2.49.4 - Mozilla)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Waterfox 56.2.8 (x64 en-US) (HKLM\...\Waterfox 56.2.8 (x64 en-US)) (Version: 56.2.8 - Waterfox Ltd)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Juan\AppData\Local\Kinza\Application\73.0.3683.86\notification_helper.exe (Dayz Inc.) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0193DF24-9C93-4E82-9165-2472627EDB32} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Comodo Security Solutions, Inc. -> COMODO)
Task: {09921954-08C5-4695-977F-3ABB9DFF41F8} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Comodo Security Solutions, Inc. -> COMODO)
Task: {0FE2556C-8FC7-4621-A6E0-53656A327BF4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {18E7C200-2FB1-465D-8463-DEB215BCC635} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
Task: {277204F1-52F0-472A-82C8-4A4E36E3D96D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {31B6EB8A-16E9-4960-A74D-35990987BD6B} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
Task: {464CEAE7-574B-4D26-95E9-CA4A5221931C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6B495784-47A7-4D89-92F8-90E09F937CC4} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
Task: {6E7F8D97-7296-43F6-B44C-9DC9F02D5B45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7835F476-6880-485D-A81A-956715A0470A} - System32\Tasks\Opera scheduled Autoupdate 1525785882 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {7FE616EE-3D03-485F-9705-BFCB59B7DDCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {80C91E35-574A-43D7-970F-319C498F37F8} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {B1FE9306-21E3-4355-B754-EE8F29992023} - System32\Tasks\CCAVPostInstall => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe (Comodo Security Solutions, Inc. -> COMODO)
Task: {C03C8988-286F-4076-B753-DB67085D6BEE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E49F0B92-52FD-4AD8-9058-15657B1848FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Actualización del Navegador Yandex.job => C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\Windows\Tasks\Actualización del sistema del Navegador Yandex.job => C:\Program Files (x86)\Yandex\YandexBrowser\18.4.0.2080\service_update.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Juan\Desktop\adwcleaner_7.2.7.0.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4242a155fcc27c2b\FlashPeak Slimjet (64 bit).lnk -> C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\199cd564bdca96dc\FlashPeak Slimjet (64 bit).lnk -> C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2019-03-28 16:56 - 2019-02-21 13:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2009-04-22 17:38 - 2009-04-22 17:38 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2013-10-07 16:32 - 2013-10-07 16:32 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.39720__90ba9c70f846762e\MOM.Implementation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3693.39579__90ba9c70f846762e\LOG.Foundation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3693.39584__90ba9c70f846762e\LOG.Foundation.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.39717__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3693.39585__90ba9c70f846762e\MOM.Foundation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3693.39585__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000019456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.39719__90ba9c70f846762e\CCC.Implementation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3693.39581__90ba9c70f846762e\NEWAEM.Foundation.dll
2009-04-22 17:37 - 2009-04-22 17:37 - 000065536 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2013-10-07 16:32 - 2013-10-07 16:32 - 000098304 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3693.39581__90ba9c70f846762e\CLI.Foundation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.39592__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3693.39720__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.39591__90ba9c70f846762e\CLI.Component.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3693.39587__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3693.39586__90ba9c70f846762e\CLI.Foundation.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3693.39586__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2009-12-11 12:09 - 2009-12-11 12:09 - 000073728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.39589__90ba9c70f846762e\AEM.Server.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3693.39588__90ba9c70f846762e\AEM.Server.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.39736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3693.39726__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3693.39581__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3693.39587__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3693.39592__90ba9c70f846762e\DEM.Graphics.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000380928 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.39594__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000151552 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3693.39584__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3693.39593__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3693.39586__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000007168 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3693.39591__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.39671__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.39701__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3693.39623__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.39608__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3693.39670__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3693.39593__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3693.39620__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.39630__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.39666__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3693.39607__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.39658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2009-12-08 06:49 - 2009-12-08 06:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.39668__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.39657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.39678__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3693.39607__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3693.39621__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3693.39606__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3693.39677__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.39659__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3693.39700__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3693.39773__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3693.39646__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3693.39665__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3693.39657__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3693.39728__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000053248 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.39656__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.39590__90ba9c70f846762e\APM.Server.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3693.39582__90ba9c70f846762e\APM.Foundation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.39588__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3693.39736__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000577536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.39712__90ba9c70f846762e\CLI.Component.Systemtray.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3693.39587__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3693.39599__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000405504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.39615__90ba9c70f846762e\CLI.Component.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3693.39582__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3693.39583__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3693.39614__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.39616__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3693.39615__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000491520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.39728__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3693.39727__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000741376 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.39765__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.39679__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000007168 _____ ( ) [File not signed] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000409600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.39691__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 001708032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3693.39773__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000204800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.39624__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 001220608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.39601__90ba9c70f846762e\CLI.Component.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3693.39583__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3693.39599__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.39606__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3693.39606__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000065536 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.39729__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000196608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.39625__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 001294336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3693.39768__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000270336 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.39666__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000397312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.39658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000372736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.39652__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000356352 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.39678__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000573440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.39626__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2013-10-07 16:32 - 2013-10-07 16:32 - 000827392 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.39660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2013-11-18 00:00 - 2013-11-18 00:00 - 001093632 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL
2001-06-20 13:26 - 2001-06-20 13:26 - 000221184 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
2001-06-20 13:14 - 2001-06-20 13:14 - 000188416 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\itircl54.dll
2008-06-06 04:23 - 2008-06-06 04:23 - 000033792 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\custsat.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\WLXPGSS.SCR:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiedu64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ati2edxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fmcodec.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [32]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\disk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [131]
0 me gusta

#16
==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2018-08-10 08:29 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-492065729-501448629-2822315028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Users\Juan\AppData\Local\Vivaldi\Application\update_notifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EAF0AB41-FA73-4228-9E3B-7A8E367C8EB2}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{A9B7E064-A8A9-4F55-9C70-2900A0309E51}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{F8861793-05B5-400D-B826-5BC7E8BA8169}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{61897C85-A016-442D-8AFA-E0BAAF810899}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B28C560D-FD98-4296-AEB9-3096B955272A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{ED8900B2-6400-4D19-A847-6FD0D44BB7D8}] => (Allow) C:\Users\Juan\AppData\Local\Kinza\Application\kinza.exe (Dayz Corporation -> Dayz Inc.)
FirewallRules: [{5F998169-3A79-43E3-A785-EF2719CA175C}] => (Allow) C:\Program Files\Opera\58.0.3135.118\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{4089613D-63D1-467A-9E00-68524B911FBE}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

28-03-2019 01:13:43 Windows Update
28-03-2019 17:05:24 Revo Uninstaller's restore point - WinZip 23.0
28-03-2019 17:06:22 Removed WinZip 23.0.
01-04-2019 08:33:29 Revo Uninstaller's restore point - Malwarebytes versión 3.7.1.2839

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/02/2019 06:14:46 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (04/02/2019 06:14:22 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex

Error: (04/02/2019 06:14:22 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Error: (04/02/2019 11:53:52 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (04/02/2019 11:53:40 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex

Error: (04/02/2019 11:53:40 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Error: (04/02/2019 07:03:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: El certificado no es valido para el uso solicitado.
.

Error: (04/02/2019 07:02:30 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.


System errors:
=============
Error: (04/02/2019 06:16:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (04/02/2019 06:16:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (04/02/2019 06:16:13 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (04/02/2019 02:47:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (04/02/2019 02:47:56 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (04/02/2019 02:47:54 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (04/02/2019 02:41:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {995C996E-D918-4A8C-A302-45719A6F4EA7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/02/2019 02:41:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio WwanSvc.


CodeIntegrity:
===================================

Date: 2018-08-08 15:53:30.557
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:53:30.198
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:53:29.823
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:12:04.806
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:12:04.478
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:12:04.151
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:12:03.823
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-08-08 15:12:03.511
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 270 Processor
Percentage of memory in use: 70%
Total physical RAM: 3838.12 MB
Available physical RAM: 1126.85 MB
Total Virtual: 7674.38 MB
Available Virtual: 4502.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:300.29 GB) NTFS

\\?\Volume{ad258d42-2f38-11e3-af71-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 46678705)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
0 me gusta

#17

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
Task: C:\Windows\Tasks\Actualización del Navegador Yandex.job => C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\Windows\Tasks\Actualización del sistema del Navegador Yandex.job => C:\Program Files (x86)\Yandex\YandexBrowser\18.4.0.2080\service_update.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Juan\Desktop\adwcleaner_7.2.7.0.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: Mozilla\SeaMonkey\Profiles\ti8jot3e.default -> yandex.com
FF Extension: (UNDER THE MIDNIGHT MOON) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{2b02bbf4-452c-4276-88c0-8d63d6430467}.xpi [2019-03-23]
FF Extension: (Media Downloader) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-01-22] [Legacy]
FF Extension: (Flag of Iran 2) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{782bd0b8-b842-4d9f-a20f-1ef8de078e84}.xpi [2019-03-23]
FF Extension: (ANIMATED AVIATOR SNOOPY) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{ac835a9d-b7cc-49d0-8854-4f4dffe03dd1}.xpi [2019-03-23]
FF Extension: (NeoBux AdAlert) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2018-08-10]
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
2019-03-28 17:44 - 2019-03-28 17:44 - 000015625 _____ () C:\Users\Juan\AppData\Local\recently-used.xbel
2015-11-05 16:02 - 2018-01-21 11:14 - 000007598 _____ () C:\Users\Juan\AppData\Local\Resmon.ResmonCfg
2019-04-02 11:47 - 2019-04-02 11:47 - 000858912 _____ (Malwarebytes) C:\Users\Juan\Desktop\mb-clean-3.1.0.1035.exe
2019-04-01 08:51 - 2019-04-01 10:00 - 000000000 ____D C:\Program Files\Malwarebytes
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta, para que podamos analizarlo. :+1:

Saludos.

0 me gusta

#18

Acá, te mando el FIXLOG.TXT.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Juan (03-04-2019 10:13:13) Run:1
Running from C:\Users\Juan\Desktop
Loaded Profiles: Juan (Available Profiles: Juan)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
Task: C:\Windows\Tasks\Actualizaci�n del Navegador Yandex.job => C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\Windows\Tasks\Actualizaci�n del sistema del Navegador Yandex.job => C:\Program Files (x86)\Yandex\YandexBrowser\18.4.0.2080\service_update.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Juan\Desktop\adwcleaner_7.2.7.0.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: Mozilla\SeaMonkey\Profiles\ti8jot3e.default -> yandex.com
FF Extension: (UNDER THE MIDNIGHT MOON) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{2b02bbf4-452c-4276-88c0-8d63d6430467}.xpi [2019-03-23]
FF Extension: (Media Downloader) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-01-22] [Legacy]
FF Extension: (Flag of Iran 2) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{782bd0b8-b842-4d9f-a20f-1ef8de078e84}.xpi [2019-03-23]
FF Extension: (ANIMATED AVIATOR SNOOPY) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{ac835a9d-b7cc-49d0-8854-4f4dffe03dd1}.xpi [2019-03-23]
FF Extension: (NeoBux AdAlert) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2018-08-10]
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
2019-03-28 17:44 - 2019-03-28 17:44 - 000015625 _____ () C:\Users\Juan\AppData\Local\recently-used.xbel
2015-11-05 16:02 - 2018-01-21 11:14 - 000007598 _____ () C:\Users\Juan\AppData\Local\Resmon.ResmonCfg
2019-04-02 11:47 - 2019-04-02 11:47 - 000858912 _____ (Malwarebytes) C:\Users\Juan\Desktop\mb-clean-3.1.0.1035.exe
2019-04-01 08:51 - 2019-04-01 10:00 - 000000000 ____D C:\Program Files\Malwarebytes
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => removed successfully
HKLM\Software\Classes\CLSID\{0365FE2C-F183-4091-AC82-BFC39FB75C49} => not found
"C:\Windows\Tasks\Actualizaci�n del Navegador Yandex.job" => not found
"C:\Windows\Tasks\Actualizaci�n del sistema del Navegador Yandex.job" => not found
C:\Windows\Tasks\AdwCleaner_onReboot.job => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Firefox homepage" => removed successfully
C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{2b02bbf4-452c-4276-88c0-8d63d6430467}.xpi => moved successfully
C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi => moved successfully
C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{782bd0b8-b842-4d9f-a20f-1ef8de078e84}.xpi => moved successfully
C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{ac835a9d-b7cc-49d0-8854-4f4dffe03dd1}.xpi => moved successfully
C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4 => removed successfully
C:\Users\Juan\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Juan\AppData\Local\Resmon.ResmonCfg => moved successfully
"C:\Users\Juan\Desktop\mb-clean-3.1.0.1035.exe" => not found
C:\Program Files\Malwarebytes => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-492065729-501448629-2822315028-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-492065729-501448629-2822315028-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-492065729-501448629-2822315028-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8967:c0a:4e92:fe5e%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.13.100
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.13.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 4194304 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34842584 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 81916155 B
Edge => 0 B
Chrome => 414856656 B
Firefox => 0 B
Opera => 16778132 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Juan => 4116688 B

RecycleBin => 4884906160 B
EmptyTemp: => 5.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:14:48 ====
0 me gusta

#19

Perfecto y ahora ejecuta un análisis con :arrow_forward: ESET Online y cuando te salga esta pantalla :


Debes seguir estos pasos :

  • 1.- Marcas :ballot_box_with_check: todas esas opciones.
  • 2.- Pulsar sobre " Cambiar……" y seleccionas todas las unidades de disco y/o usb que tengas.
  • 3.- Pulsar en “Iniciar” y comenzara el análisis.

Con esto realizaras un análisis completo de todo el equipo, cuando termines todo el proceso, guardas el informe, que veras la opción para exportar/guardar en TXT y lo dejas guardado en tu escritorio para ponerlo en tu próxima respuesta.

Finalizas el proceso desinfectando los elementos encontrados y Reinicia tu PC, y nos pones el informe en tu próxima respuesta para poder analizarlo.

Saludos.

0 me gusta

#20

Tengo dos opciones que no aparecen en la descripción. Y, para poder seguir adelante, tenía que seleccionar una de esas; entonces, seleccioné la 1ª.

Y, después, en el 2do paso, casi al final, me sale este mensaje…

Aclaro, que, el procedimiento lo hice desactivando el antivirus.

0 me gusta