No puedo instalar MALWAREBYTES ANTIMALWARE Free

Eliminar Malwares
1

Estoy intentando instalar Malwarebytes Antimalware Free y no me deja ya que me sale un cuadro que textualmente dice “You do not have sufficient permissions (either disk or registry) to install Malwarebytes” ¿Alguien me puede decir algo?. Muchas gracias

2

Un saludo.

¿Estás ejecutando la instalación desde una cuenta de administrador?

Saludos.

3

Si. Casi todos los programas los instalo como Administrador. Muchas gracias por tu rápida contestación. Habrá que seguir investigando…

4

Hola.

Es posible que un malware esté impidiendo la instalación del programa. Vamos a pasar KVRT para ver si podemos solucionarlo.

Descárgalo desde este enlace oficial:

Lo ejecutas con las unidades externas conectadas, por si son vector de infección. Sigue su manual, mandando a cuarentena aquello que detecte:

Para que pueda ver los resultados, sube una captura de pantalla en tu siguiente respuesta.

Saludos.

5

No me deja ejecutarlo, aunque lo intento como administrador. He pasado el ESET y el PANDA ONLINE, y no me detectan nada. Tambien he escaneado con F-SECURE que es el que tengo instalado (online) y tampoco me detecta nada. El AdAware tampoco. Te envío imagen del resultado de ejecutar el KVRT.

imagen
imagen1440×900 111 KB

6

Un saludo.

Aquí hay que ponerse serios. Que KVRT tampoco se pueda ejecutar aumenta mis sospechas de que tengas algún malware oculto en el sistema.

Vamos a usar la herramienta Rkill, que no elimina ningún malware, pero sí que machaca los procesos de estos mientras está abierta, permitiendo a los antimalware trabajar. Descárgalo desde aquí:

Lo ejecutas y esperas hasta ver esta ventana:

image

Le das a aceptar. Hecho eso, intenta ejecutar de nuevo KVRT. Si puedes, me subes los resultados de KVRT (captura, como te dije antes) y también el Rkill.txt, de esta forma:

image

NOTA: Como he indicado, Rkill solo mata procesos. Por tanto, si reiniciases tu PC antes del análisis, tendrías que volver a ejecutarlo.

Saludos.

1 me gusta
7

Hola Pablo. Gracias por tu ayuda. He ejecutado el Rkill y cuando ha acabado y creado el fichero Rkill.txt, que te envío, he intentado ejecutar el KVRT con el mismo resultado de “Can´t load Driver”. Te envío el texto contenido en Rkill.txt porque no se como adjuntarte el fichero.

Rkill 2.9.1 by Lawrence Abrams (Grinler)

Copyright 2008-2021 BleepingComputer.com More Information about Rkill can be found at this link: RKill - What it does and What it Doesn't - A brief introduction to the program - Anti-Virus, Anti-Malware, and Privacy Software

Program started at: 06/29/2021 01:22:36 PM in x86 mode. Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

  • No malware services found to stop.

Checking for processes to terminate:

  • C:\Windows\runSW.exe (PID: 2916) [WD-HEUR]
  • C:\Windows\SwUSB.exe (PID: 556) [WD-HEUR]
  • C:\Users\Ernesto\AppData\Local\Temp\mwb1B8B.tmp\mb-support.exe (PID: 7620) [T-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

  • No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

  • No issues found.

Searching for Missing Digital Signatures:

  • No issues found.

Checking HOSTS File:

127.0.0.1 209.34.83.73:443 127.0.0.1 209.34.83.73:43 127.0.0.1 209.34.83.73 127.0.0.1 209.34.83.67:443 127.0.0.1 209.34.83.67:43 127.0.0.1 209.34.83.67 127.0.0.1 ood.opsource.net 127.0.0.1 199.7.52.190:80 127.0.0.1 199.7.52.190 127.0.0.1 OCSP.SPO1.VERISIGN.COM 127.0.0.1 199.7.54.72:80 127.0.0.1 199.7.54.72 127.0.0.1 192.150.14.69 127.0.0.1 192.150.18.101 127.0.0.1 192.150.18.108 127.0.0.1 192.150.22.40 127.0.0.1 192.150.8.100 127.0.0.1 192.150.8.118 127.0.0.1 209-34-83-73.ood.opsource.net 127.0.0.1 3dns-1.adobe.com

20 out of 331 HOSTS entries shown. Please review HOSTS file for further entries.

Program finished at: 06/29/2021 01:26:28 PM Execution time: 0 hours(s), 3 minute(s), and 51 seconds(s)

8

Un saludo.

Trata de hacer exactamente lo mismo, Rkill y luego KVRT pero en modo seguro, entrando en dicho modo como se explica aquí:

https://support.microsoft.com/es-es/windows/iniciar-el-pc-en-modo-seguro-en-windows-10-92c27cff-db89-8644-1ce4-b3e5e56fe234

Si tampoco pudieses, intenta instalar Malwarebytes, igualmente, previa ejecución de Rkill.

Cada vez que uses Rkill, pégame aquí el reporte, pero por favor, como yo lo he indicado, no en texto plano. Lo único que tienes que hacer es escribir (con los corchetes y todo) [code] y [/code] y, entre esas dos cosas, pegar el contenido del TXT. Mira este ejemplo, fíjate en cómo yo lo veo en el editor y cómo lo ves tú en el mensaje:

Esto es una prueba

image
image1337×121 6.64 KB

Saludos.

9

Hola Pablo. He seguido tus instrucciones al pié de la letra de la siguiente forma. 1.- Reinicié en modo seguro degún indicaba el Link que me enviaste. Sin problemas. 2.- Ejecuté Rkill como administrador. 3.- Intenté ejecutar el KVRT y me dió el mismo error. “Can´t load Driver” 4.- Intenté ejecutar el Malwarebytes y me dió el mismo error. “You do not have sufficient permissions (either disk or registry) to install Malwarebytes”.

Te adjunto el Rkill.txt que se originó y muchas cracias por tu ayuda.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2021 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/29/2021 10:25:24 PM in x86 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

 * HOSTS file entries found: 

  127.0.0.1 209.34.83.73:443
  127.0.0.1 209.34.83.73:43
  127.0.0.1 209.34.83.73
  127.0.0.1 209.34.83.67:443
  127.0.0.1 209.34.83.67:43
  127.0.0.1 209.34.83.67
  127.0.0.1 ood.opsource.net
  127.0.0.1 199.7.52.190:80
  127.0.0.1 199.7.52.190
  127.0.0.1 OCSP.SPO1.VERISIGN.COM
  127.0.0.1 199.7.54.72:80
  127.0.0.1 199.7.54.72
  127.0.0.1 192.150.14.69
  127.0.0.1 192.150.18.101
  127.0.0.1 192.150.18.108
  127.0.0.1 192.150.22.40
  127.0.0.1 192.150.8.100
  127.0.0.1 192.150.8.118
  127.0.0.1 209-34-83-73.ood.opsource.net
  127.0.0.1 3dns-1.adobe.com

  20 out of 330 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 06/29/2021 10:28:12 PM
Execution time: 0 hours(s), 2 minute(s), and 47 seconds(s)
1 me gusta
10

Saludos de nuevo.

Viendo lo visto, mejor ir por otro lado. Vamos a analizar tu equipo con Kaspersky, pero desde fuera de Windows. Para ello, usaremos Kaspersky Rescue Disc.

Descárgalo desde el enlace oficial (es una imagen ISO): Kaspersky Rescue Disk gratuito | Kaspersky

Hecho eso, utiliza la herramienta Rufus: Rufus - Cree unidades USB arrancables fácilmente para crear un USB arrancable con dicha imagen ISO, apaga tu PC y arranca con el USB creado (si tienes dudas de cómo hacerlo, indícame el modelo de tu PC y puedo intentar darte alguna guía). Te preguntará el idioma, selecciona Inglés con ENTER. A continuación, verás esta pantalla:

image
image1026×358 47.8 KB

Selecciona la opción marcada en rojo. Cuando arranque, mostrará el acuerdo de licencia. Marca las dos casillas y pulsa en aceptar:

image
image528×587 81 KB

Saldrá un proceso Inicialización, simplemente espera hasta llegar a esta ventana:

image
image807×605 100 KB

Haz clic en Change Parameters y comprueba que estén marcadas estas dos casillas:

image

Hecho eso, pulsa en OK. Seguidamente, pulsa en el botón grande Start Scan.

Cuando termine, si hay detecciones, envíalas a cuarentena y luego haz clic en details:

image

Se abrirá una ventana como esta (aunque seguramente no estará en blanco):

image
image805×565 22.3 KB

Hazle una foto, con el móvil por ejemplo, y súbemela en tu próxima respuesta. Si hubiese que hacer scroll para verlo todo, haz varias fotos.

Saludos.

11

Buenas noches Pablo, te reitero mi agradecimiento por tu ayuda y te cuento lo que he hecho siguiendo tus instrucciones, pero no consigo arrancar con el pendrive. Supongo que algo debo de estar haciendo mal. Te cuento: 1º.- Me he bajado la imagen ISO de Kaspersky Rescue Disk. 2º.- Despues con RUFUS he creado la unidad USB arrancable o al menos lo he intentado (te envio imagenes 1 y 2 de lo que hay en mi ordenador y lo que contiene el pendrive despues de ejecutar el RUFUS. 3º.-He entrado en la BIOS y he seleccionado la unidad que creo es el pendrive (nº 4) y después he salvado y salido de la bios. (Te envio imagenes 3 y 4 de mi BIOS para que me indiques si lo he hecho bien)

NO ME ARRANCA CON EL PENDRIVE. ¿Qué he hecho mal?.

Muchas gracias

12

Por mail te mando las imágenes 1, 2, 3 y 4 que te digo en mi anterior contestación, porque veo que no salen por aquí

13

No me deje enviar por Mail. Me da error

1
1863×700 127 KB
2
2865×695 117 KB
3
33262×2134 1.37 MB
4
43262×2197 1.37 MB

14

Perdón por mis errores al contestar y enviar. Soy novato, pero creo que poco a poco lo conseguiré

15

Eso es lo que está mal. No se trata de que le des a enter sobre el pendrive en la BIOS, sino de que, con la tecla +, lo subas a la primera posición y, luego, pulses F10 para guardar los cambios y salir. Así, ya debería arrancar desde el USB.

Saludos.

16

Buenos días Pablo. Te reitero mi agradecimiento por tu ayuda. Efectivamente siguiendo tus instrucciones, he escaneado el ordenador y te envío el resultado. RESULTADOS ESCANER

Un saludo

17

Un saludo.

He estado investigando… vamos a ver si vemos algo raro en tu PC con FRST, porque ya has pasado varios antivirus sin que detecten nada.

Lo que Kaspersky ha detectado es, que o tienes Windows pirata, o tienes Office pirata, o tienes los dos pirata :pirate_flag: No es recomendable (ni necesario) utilizar esas herramientas de KMS, pero no tiene, en principio, nada que ver con nuestro problema.

1.- Desactivar tu antivirus

Si tienes algún antivirus activo, tienes que desactivarlo. Para ello, tenemos unas instrucciones:

2.- Descarga de FRST y generación de reportes

La descarga debes realizarla EN EL ESCRITORIO, Y NO EN OTRO SITIO. Tienes que seleccionar la edición adecuada, según si tu PC es de 32 o de 64 bits. ¿Cómo saber si mi Windows es de 32 o 64 bits?

Descarga de FRST: ¿Como ejecutar Farbar Recovery Scan Tool (FRST)?

Una vez que lo tengas descargado, sigue estos pasos:

  1. Ejecutas el FRST.exe haciendo clic derecho → ejecutar como administrador.
  2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
  3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis. Tras ello, en el escritorio aparecerán dos reportes que serán: Frst.txt y Addition.txt.

Una vez llegues a este punto, vuelve a activar tu antivirus, si tenías alguno.

En tu próxima respuesta, me traes, igual que has hecho con los reportes anteriores, el contenido de los archivos Frst.txt y Addition.txt, cada uno en un bloque separado, no los mezcles.

NOTA: Si recibes un error debido a que el mensaje es demasiado largo, divídelo en todos los mensajes que necesites.

Saludos.

1 me gusta
18

Hola Pablo. Te envio los resportes de Frst.txt y Addition.txt. Te los envío en varias partes porque no me deja en una sola. Este ordenador me lo regaló un hijo cuando él se compró otro mas moderno. Le he preguntado y me ha dicho que él tuvo instalado el Malwarebyes (posiblemente pirata) que es el que yo ahora intento instalar el Free de prueba. Muchas gracias por tu ayuda.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 11-07-2021
Ejecutado por Ernesto (administrador) sobre ERNESTO-AHTEC (Generic Products) (14-07-2021 00:13:32)
Ejecutado desde C:\Users\Ernesto\Desktop
Perfiles cargados: Ernesto
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Windows\runSW.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(aSwIt S.r.l.) [Archivo no firmado] C:\Program Files\Printfil\Printfil.exe
(AVG Netherlands B.V. -> TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(AVG Netherlands B.V. -> TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(CobianSoft, Luis Cobian) [Archivo no firmado] C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files\Dropbox\Client\126.4.4618\QtWebEngineProcess.exe <2>
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files\Seguridad Total PC\fs_ui_32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files\Seguridad Total PC\fshoster32.exe <3>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files\Seguridad Total PC\ui\fsmainui.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fsorsp.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fsulprothoster.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(Luis Cobian, CobianSoft) [Archivo no firmado] C:\Program Files\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [Archivo no firmado] C:\Program Files\Cobian Backup 11\Cobian.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek) [Archivo no firmado] C:\Windows\SwUSB.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\System32\SecUPDUtilSvc.exe
(Solid Documents -> Solid Documents, LLC) C:\Windows\Installer\MSIA4CB.tmp
(WASEO) [Archivo no firmado] C:\Program Files\ClickTray Calendar\ClickTray.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [8107808 2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296352 2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [doPDF 11 doPdf_Softland Tray] => C:\Program Files\Softland\novaPDF 11\Driver\Tray.exe [146752 2021-06-23] (Softland SRL -> )
HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2012-12-06] (Luis Cobian, CobianSoft) [Archivo no firmado]
HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\Run: [Reset-COMO ADMINISTRADOR] => C:\Users\Ernesto\Desktop\Reset-COMO ADMINISTRADOR\Reset-COMO ADMINISTRADOR.exe [66048 2021-04-25] () [Archivo no firmado]
HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\MountPoints2: {176167e5-62a0-11e8-8c23-00197ee56f64} - G:\INSTALA.EXE
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-08-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\LMABDC4C: C:\Windows\System32\spool\prtprocs\W32X86\LMABDC4C.DLL [59392 2007-09-27] (Lexmark International Inc.) [Archivo no firmado]
HKLM\...\Windows NT x86\Print Processors\SSP2MPC: C:\Windows\System32\spool\prtprocs\W32X86\ssp2mpc.dll [19968 2008-01-11] (Windows (R) 2000 DDK provider) [Archivo no firmado]
HKLM\...\Windows NT x86\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\W32X86\us003pc.dll [29696 2015-03-12] (Windows (R) Codename Longhorn DDK provider) [Archivo no firmado]
HKLM\...\Windows NT x86\Print Processors\usp02PC: C:\Windows\System32\spool\prtprocs\W32X86\usp02pc.dll [29696 2014-02-24] (Windows (R) Codename Longhorn DDK provider) [Archivo no firmado]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\SYSTEM32\AdobePDF.dll [59016 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\novaPDF 11 Port Monitor: C:\Windows\SYSTEM32\novamn11.dll [16384 2021-06-23] (Softland) [Archivo no firmado]
HKLM\...\Print\Monitors\Solid PDF Port Monitor: C:\Windows\SYSTEM32\solidlocalmon.dll [27392 2009-09-10] (Solid Documents -> )
HKLM\...\Print\Monitors\SSP2M Langmon: C:\Windows\SYSTEM32\ssp2ml3.dll [22723 2008-01-11] () [Archivo no firmado]
HKLM\...\Print\Monitors\us003 Langmon: C:\Windows\SYSTEM32\us003lm.dll [18432 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\usp02 Langmon: C:\Windows\SYSTEM32\usp02l.dll [25600 2014-04-16] () [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2012-10-17] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2012-10-17] (Broadcom Corporation -> Broadcom Corporation.)
IFEO\Acrobat.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\acrodist.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\chrome.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\codectweaktool.exe: [Debugger] 
IFEO\connect.service.contentservice.admin.exe: [Debugger] 
IFEO\epoccamtest.exe: [Debugger] 
IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\graphstudionext.exe: [Debugger] 
IFEO\groove.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\icloud.exe: [Debugger] 
IFEO\iclouddrive.exe: [Debugger] 
IFEO\icloudweb.exe: [Debugger] 
IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\install.exe: [Debugger] 
IFEO\javacpl.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\jp2launcher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\k-lite_codec_pack_1620_full.exe: [Debugger] 
IFEO\madhcctrl.exe: [Debugger] 
IFEO\mediainfo.exe: [Debugger] 
IFEO\megasync.exe: [Debugger] 
IFEO\mpc-hc.exe: [Debugger] 
IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\shellstreamsshortcut.exe: [Debugger] 
IFEO\startup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\unchecky.exe: [Debugger] 
IFEO\unins000.exe: [Debugger] 
IFEO\uninst.exe: [Debugger] 
IFEO\uninstall.exe: [Debugger] 
IFEO\Winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printfil.lnk [2018-07-13]
ShortcutTarget: Printfil.lnk -> C:\Program Files\Printfil\Printfil.exe (aSwIt S.r.l.) [Archivo no firmado]
Startup: C:\Users\Ernesto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClickTray Calendar.lnk [2016-08-10]
ShortcutTarget: ClickTray Calendar.lnk -> C:\Program Files\ClickTray Calendar\ClickTray.exe (WASEO) [Archivo no firmado]
Startup: C:\Users\Ernesto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-06-18]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Ernesto\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Ernesto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Reset-COMO ADMINISTRADOR.exe [2021-06-13] () [Archivo no firmado]
GroupPolicy: Restricción ? <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Policies: C:\Users\Ernesto\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {00AA0A50-ED48-4EEE-84D3-C20C4E1F17E1} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User Ernesto) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [1165312 2018-09-10] () [Archivo no firmado]
Task: {02D09FCC-0A7E-4ACC-82F0-DEB956327AA5} - System32\Tasks\doPDF 11 Update => C:\Program Files\Softland\novaPDF 11\Driver\UpdateApplication.exe [99136 2021-06-23] (Softland SRL -> )
Task: {09A2DE53-7A61-4E0E-953D-9CF56AE33200} - System32\Tasks\{4CB031CE-6426-4B2C-8AAA-15E591FEDB43} => C:\Windows\system32\pcalua.exe -a C:\Users\Ernesto\Downloads\jre-8u111-windows-i586-iftw.exe -d C:\Users\Ernesto\Downloads
Task: {10B08F34-5AA1-4F4D-989B-8B5AC18C4A6C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin\InstallManagerApp.exe [9287368 2015-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {165BFCF6-9FC8-4D22-9905-C6A91B6E1280} - System32\Tasks\{4A83D9B1-0242-40E0-85D1-653A1D90B490} => C:\Windows\system32\pcalua.exe -a G:\SanDiskSecureAccessV3_win.exe -d G:\
Task: {1F5DC024-3A72-4411-AF38-78B7D4E88DC8} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-05-20] () [Archivo no firmado]
Task: {27074DFE-7B0E-408A-9625-53F8B1A8D4B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [625080 2021-07-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {406EA970-AE1C-4604-9343-3CF3FFEF0868} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {40CFB8A0-7414-43FF-B49D-8A9EF838AF37} - System32\Tasks\{003E5C71-426C-4A41-88B7-77909AE9670D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ernesto\Desktop\Malwarebytes Premium v4.1.2.73 + Fix {CracksHash}\Setup\mb4-setup-consumer-4.1.2.173-1.0.972-1.0.26203.exe" -d "C:\Users\Ernesto\Desktop\Malwarebytes Premium v4.1.2.73 + Fix {CracksHash}\Setup"
Task: {43E070AB-6BC0-476B-A1CE-F23476159FC9} - System32\Tasks\Scheduled scanning task => C:\Program Files\Seguridad Total PC\fsscan.exe [283480 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
Task: {4DB44A47-62D5-4D1E-96A9-0F920514506E} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Delete old Restore Points) (For User Ernesto) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [1165312 2018-09-10] () [Archivo no firmado]
Task: {515008D2-2DB6-4327-823C-3FB09E3BC55D} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User Ernesto) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [1165312 2018-09-10] () [Archivo no firmado]
Task: {548A5093-34D3-4C9E-B6A0-FB759E4906AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {5A970F02-D43E-4475-84E8-D0643308F366} - System32\Tasks\Games\UpdateCheck_S-1-5-21-408995212-1637284617-1868651882-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2576384 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {6243DD6F-1C26-4577-8680-C0681955AA3A} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-408995212-1637284617-1868651882-1000 => C:\Users\Ernesto\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-12-06] (Mega Limited -> Mega Limited)
Task: {63512828-1639-4A90-B7A8-936AA138254B} - System32\Tasks\{105DE7F3-C45F-4440-B782-764154774E08} => C:\Windows\system32\pcalua.exe -a C:\Users\Ernesto\Downloads\jxpiinstall.exe -d C:\Users\Ernesto\Downloads
Task: {6846C5D0-B902-4C19-B859-5C704A8579F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-08-05] (Google Inc -> Google Inc.)
Task: {6950B5EF-1A00-4627-A2DF-2EB2887EE7E1} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Keep X Number of Restore Points) (For User Ernesto) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [1165312 2018-09-10] () [Archivo no firmado]
Task: {719FD850-81E4-4213-A30E-580414BDC11A} - System32\Tasks\{F801D3AF-D07A-427A-975E-8575B3A940CA} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe" -d "C:\Program Files\SUPERAntiSpyware"
Task: {79A6936B-E790-478C-B6B9-1006B8552986} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {807F4B72-38D7-4A45-8D79-864215F8C127} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {862BC026-0E17-43B3-AF7C-4F2FAA7A4991} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {97E6C446-41F8-4B4F-B1B3-AE62677A1B0D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9B5061C8-19CC-4F81-B803-E6AB10E05211} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C25955E-B9C9-4E94-9A68-A18CEAC3D1CB} - System32\Tasks\{95E3264D-EC94-4B5D-9535-A8A278BB333A} => C:\Windows\system32\pcalua.exe -a C:\Users\Ernesto\Downloads\4200fvst8611a_xpen\SetupSG.exe -d C:\Users\Ernesto\Downloads\4200fvst8611a_xpen
Task: {A60F3ED0-D409-4882-A470-1032F14B6AEF} - System32\Tasks\{C89416CC-0A25-484F-B255-D1045DF9053D} => C:\Windows\system32\pcalua.exe -a C:\Users\Ernesto\Downloads\4200fvst8611a_xpes\SetupSG.exe -d C:\Users\Ernesto\Downloads\4200fvst8611a_xpes
Task: {A813EDFA-E4B9-4909-978C-12B09B8E93B7} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files\Seguridad Total PC\fs_hotfix.exe [338264 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
Task: {AFD69807-6F84-4B87-8C85-690B303B5329} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B2A53466-5FF0-4AA8-B0F4-E8D1CCB51814} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [1725440 2018-02-11] () [Archivo no firmado]
Task: {B2E9E3CD-4456-4FDD-8F1B-02E521424B37} - System32\Tasks\{C6A2472E-C73A-4F0C-AF0A-D1AC8C22CD94} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoAppBar.exe" -d C:\Windows\system32 -c /in "I:\D en PORTATIL 19-2-2017\DRIVERS PORTATIL\DRIVERS IMPRESORA-SCANER"
Task: {B3744CB9-E85E-4FFF-91E7-7267ED157B7E} - System32\Tasks\{5DC18C4B-B688-42FA-931F-A51879373E34} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ernesto\Desktop\MALWAREBYTES 3.8_C_ADICTIVO\Malwarebytes Anti-Malware Premium v4.1.2.173-1.0.972-1.0.26203\MBAMPV41273MINLC\Malwarebytes.Premium.v4.1.2.73.Multilingual.Incl.License\mb4-setup-consumer-4.1.2.173-1.0.972-1.0.26203.exe" -d "C:\Users\Ernesto\Desktop\MALWAREBYTES 3.8_C_ADICTIVO\Malwarebytes Anti-Malware Premium v4.1.2.173-1.0.972-1.0.26203\MBAMPV41273MINLC\Malwarebytes.Premium.v4.1.2.73.Multilingual.Incl.License" -> -a "C:\Users\Ernesto\Desktop\MALWAREBYTES 3.8_C_ADICTIVO\Malwarebytes Anti-Malware Premium v4.1.2.173-1.0.972-1.0.26203\MBAMPV41273MINLC\Malwarebytes.Premium.v4.1.2.73.Multilingual.Incl.License\mb4-setup-consumer-4.1.2.173-1.0.972-1.0.26203.exe" -d "C:\Users\Ernesto\Desktop\MALWAREBYTES 3.8_C_ADICTI (la entrada de datos tiene 140 más caracteres).
Task: {B3B68748-C97C-4F86-A808-2E3534B9C7EA} - System32\Tasks\{FDCFC6EC-0DEA-4F5C-BA95-ED30E68E015A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ernesto\Desktop\MALWAREBYTES 3.8_C_ADICTIVO\Malwarebytes Anti-Malware Premium v4.1.2.173-1.0.972-1.0.26203\mb4-setup-consumer-4.1.2.173-1.0.972-1.0.26203.exe" -d "C:\Users\Ernesto\Desktop\MALWAREBYTES 3.8_C_ADICTIVO\Malwarebytes Anti-Malware Premium v4.1.2.173-1.0.972-1.0.26203"
Task: {CC76B646-FF38-48F9-A2B8-45FDA5EAD127} - System32\Tasks\doPDF 11 Telemetry => C:\Program Files\Softland\novaPDF 11\Driver\GoogleAnalytics.exe [50496 2021-06-23] (Softland SRL -> )
Task: {CEAE3A0F-2888-4714-8BC7-D55CEBB3DB24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-08-05] (Google Inc -> Google Inc.)
Task: {D6620D9B-527D-43A1-977B-270BB0E3373A} - System32\Tasks\{9D4597AF-0F99-4CC7-B3C2-DDF0CF9778D8} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Kodi\kodi.exe" -d "C:\Program Files\Kodi"
Task: {E4B86A07-00AC-4304-A87F-681AE63425D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {EE09B938-1AAD-4E88-81CE-82D8D1F7FAEA} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User Ernesto) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [1165312 2018-09-10] () [Archivo no firmado]
Task: {FE658C1E-0A94-483B-9549-59C425813AC9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [460088 2015-06-25] (AVG Netherlands B.V. -> TuneUp Software)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\Program Files\Seguridad Total PC\fsscan.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{269AEBB5-DD8F-4D88-B869-120203342C86}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{34DF5680-C07D-4DDE-8076-915CC4D4EF9C}: [NameServer] 10.64.0.1
Tcpip\..\Interfaces\{8ACE8CFF-6022-4783-9915-191C4743FF40}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8EA5CA60-6B4C-4BA5-98CF-5EF9A705C7AA}: [DhcpNameServer] 172.20.10.1

FireFox:
========
FF DefaultProfile: biiyu2og.default
FF ProfilePath: C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\biiyu2og.default [2021-06-05]
FF user.js: detected! => C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\biiyu2og.default\user.js [2020-05-30]
FF Extension: (IBM Security Rapport) - C:\Users\Ernesto\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2019-05-26] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718 [2021-07-14]
FF user.js: detected! => C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718\user.js [2020-05-30]
FF DownloadDir: C:\Users\Ernesto\Downloads
FF Homepage: Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718 -> hxxp://www.alaup.com/
FF Notifications: Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718 -> hxxps://web.whatsapp.com; hxxps://www.larazon.es; hxxps://www.rebajasde.es; hxxps://mx1l.rateneveryap.club; hxxps://www.micolet.com; hxxps://www.actualidadiphone.com; hxxps://www.milanuncios.com; hxxps://www.iberdrola.es; hxxps://es.savefrom.net; hxxps://www.leroymerlin.es; hxxps://www.mitele.es; hxxps://www.noticiascyl.com; hxxps://www.elnortedecastilla.es; hxxps://www.artistapirata.com; hxxps://www.evobanco.com; hxxps://es.aliexpress.com; hxxps://mail.google.com; hxxps://www.elindependiente.com; hxxps://forospyware.com
FF Extension: (Facebook Container) - C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718\Extensions\@contain-facebook.xpi [2021-05-07]
FF Extension: (SaveFrom.net helper) - C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718\Extensions\[email protected] [2021-07-01]
FF Extension: (Browsing Protection by F-Secure) - C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718\Extensions\[email protected] [2021-07-01] [UpdateUrl:hxxps://download.sp.f-secure.com/online-safety/updates.json]
FF Extension: (Traducir páginas web) - C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2021-07-12]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Ernesto\AppData\Roaming\Mozilla\Firefox\Profiles\0glm6w65.default-release-1587209563718\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-07-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-04-20]
FF HKU\S-1-5-21-408995212-1637284617-1868651882-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Ernesto\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-408995212-1637284617-1868651882-1000: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\Ernesto\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-408995212-1637284617-1868651882-1000: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Ernesto\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-408995212-1637284617-1868651882-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\Ernesto\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]

Chrome: 
=======
CHR Profile: C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default [2021-07-05]
CHR StartupUrls: Default -> "hxxp://www.paginadeinicio.com/","hxxp://www.paginadeinicio.com/"
CHR Extension: (Presentaciones) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-05]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-05]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2020-11-03]
CHR Extension: (Ace Script) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-02-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-27]
CHR Extension: (Gmail) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Ernesto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-03]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
CHR HKU\S-1-5-21-408995212-1637284617-1868651882-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [217088 2016-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S4 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Archivo no firmado]
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [Archivo no firmado]
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [37104 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2649064 2018-05-06] (Flexera Software LLC -> Flexera Software LLC)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-09] (Mixbyte Inc -> Freemake)
R2 fshoster; C:\Program Files\Seguridad Total PC\fshoster32.exe [238936 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files\Seguridad Total PC\fshoster32.exe [238936 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
S2 fsulhoster; C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fshoster32.exe [482544 2021-07-08] (F-Secure Corporation -> F-Secure Corporation)
S2 fsulnethoster; C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fshoster32.exe [482544 2021-07-08] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fsorsp.exe [87704 2021-07-08] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fsulprothoster.exe [482544 2021-07-08] (F-Secure Corporation -> F-Secure Corporation)
S4 KinoniSvc; C:\Program Files\Kinoni\EpocCam\KinoniSvc.exe [743936 2019-01-25] () [Archivo no firmado]
S4 NovaPdf11Server; C:\Program Files\Softland\novaPDF 11\Server\novapdfs.exe [51520 2021-06-23] (Softland SRL -> Microsoft)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S4 RealtekWlanU; C:\Program Files\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Archivo no firmado]
S4 RTLDHCPService; C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [36864 2014-04-15] () [Archivo no firmado]
R2 SamsungUPDUtilSvc; C:\Windows\system32\SecUPDUtilSvc.exe [118576 2014-11-26] (Samsung Electronics CO., LTD. -> )
R2 SCPDFReadSpool; C:\Windows\Installer\MSIA4CB.tmp [189696 2016-08-12] (Solid Documents -> Solid Documents, LLC)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2015-06-25] (AVG Netherlands B.V. -> TuneUp Software)
S4 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [297240 2018-04-10] (Reason Software Company Inc. -> Reason Software Company Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare software CO., LIMITED -> Wondershare)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2016-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [290304 2016-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2016-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2020-12-07] (IVT CORPORATION -> IVT Corporation.)
S3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [507704 2012-07-03] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [152400 2012-05-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [175144 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [33832 2011-09-17] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [18728 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-06-09] (Samsung Electronics Co., Ltd.) [Archivo no firmado]
S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [20736 2006-12-19] (Microsoft Windows Hardware Compatibility Publisher -> USB Smart Card Reader)
R3 F-Secure Gatekeeper; C:\Program Files\Seguridad Total PC\Ultralight\ulcore\1625740549\fsulgk.sys [249872 2021-07-08] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [42264 2020-12-02] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnif2; C:\Program Files\Seguridad Total PC\Ultralight\nif2\1623937389\nif2s32.sys [118272 2021-06-18] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2020-12-07] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [14848 2010-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Siliten)
R3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [231624 2019-02-01] (Kinoni Oy -> Windows (R) Win 7 DDK provider)
R3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [18432 2019-01-04] (Kinoni Oy -> Windows (R) Win 7 DDK provider)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18944 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 rimmptsk; C:\Windows\System32\DRIVERS\rimmptsk.sys [48128 2016-09-21] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimsptsk; C:\Windows\System32\DRIVERS\rimsptsk.sys [44544 2020-12-07] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdptsk.sys [46592 2015-10-10] (REDC) [Archivo no firmado]
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2018-05-06] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2589912 2000-01-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [64512 1997-05-30] () [Archivo no firmado]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-01-10] (Samsung Electronics) [Archivo no firmado]
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [30632 2015-06-04] (AVG Technologies CZ, s.r.o. -> TuneUp Software)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U1 avgbdisk; no ImagePath
S1 fsvista; \??\C:\Program Files\Seguridad Total PC\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-14 00:13 - 2021-07-14 00:18 - 000041579 _____ C:\Users\Ernesto\Desktop\FRST.txt
2021-07-13 22:58 - 2021-07-13 22:58 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-07-13 21:51 - 2021-07-13 21:51 - 002014208 _____ (Farbar) C:\Users\Ernesto\Desktop\FRST.exe
2021-07-13 12:25 - 2021-07-13 12:25 - 000046592 ___SH C:\Users\Ernesto\Desktop\Thumbs.db
2021-07-12 22:35 - 2021-07-12 22:35 - 000050273 ____N C:\Users\Ernesto\Desktop\justificante_5368BGNMB6P2.pdf
2021-07-12 20:25 - 2021-07-12 20:25 - 000000000 _____ C:\Users\Ernesto\filename.txt
2021-07-11 16:19 - 2021-07-12 06:15 - 000000000 ____D C:\KRD2018_Data
2021-07-09 21:12 - 2021-07-09 21:13 - 000000000 ____D C:\Users\Ernesto\Downloads\rufus_files
2021-07-09 21:11 - 2021-07-09 21:17 - 000000424 __RSH C:\ProgramData\ntuser.pol
2021-07-09 14:27 - 2021-07-09 14:27 - 001173560 _____ (Akeo Consulting) C:\Users\Ernesto\Downloads\rufus-3.14.exe
2021-07-09 10:31 - 2021-07-09 10:33 - 000000000 ____D C:\Users\Ernesto\AppData\Roaming\QTranslate
2021-07-09 10:31 - 2021-07-09 10:31 - 000000989 ____N C:\Users\Ernesto\Desktop\QTranslate.lnk
2021-07-09 10:31 - 2021-07-09 10:31 - 000000000 ____D C:\Users\Ernesto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTranslate
2021-07-09 10:31 - 2021-07-09 10:31 - 000000000 ____D C:\Program Files\QTranslate
2021-07-08 20:25 - 2021-07-08 20:25 - 000000734 ____N C:\Users\Ernesto\Desktop\ANUNCIOS - Acceso directo.lnk
2021-07-08 10:49 - 2021-07-08 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-07-07 09:38 - 2021-07-13 10:46 - 000000182 ____N C:\Users\Ernesto\Desktop\ESCUCHAR RADIO.es.URL
2021-07-04 11:40 - 2021-07-07 10:37 - 000003474 _____ C:\Windows\system32\Tasks\doPDF 11 Update
2021-07-04 11:40 - 2021-07-07 10:36 - 000003460 _____ C:\Windows\system32\Tasks\doPDF 11 Telemetry
2021-07-04 11:40 - 2021-07-04 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 11
2021-07-01 12:06 - 2021-07-12 17:21 - 000000356 _____ C:\Windows\Tasks\Scheduled scanning task.job
2021-07-01 12:06 - 2021-07-01 12:06 - 000003176 _____ C:\Windows\system32\Tasks\Scheduled scanning task
2021-06-29 13:21 - 2021-06-29 13:21 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Ernesto\Downloads\rkill.exe
2021-06-28 21:28 - 2021-06-29 22:28 - 000000000 ____D C:\KVRT2020_Data
2021-06-26 11:00 - 2021-06-26 11:03 - 000000908 ____N C:\Users\Ernesto\Desktop\DISCOS.lnk
2021-06-23 13:19 - 2021-06-23 13:19 - 000016384 _____ (Softland) C:\Windows\system32\novamn11.dll
2021-06-23 13:19 - 2021-06-23 13:19 - 000014848 _____ (Softland) C:\Windows\system32\novami11.dll
2021-06-23 11:52 - 2021-06-23 11:53 - 000000000 ____D C:\Users\Ernesto\Desktop\GORRAS
2021-06-21 13:14 - 2021-06-22 12:28 - 000000000 ____D C:\Users\Ernesto\Desktop\AMAZON
2021-06-17 21:34 - 2021-06-17 21:35 - 010730955 _____ C:\Users\Ernesto\Downloads\BODA VICTORIA&AITOR.rar

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-14 00:17 - 2021-06-08 13:19 - 000000000 ____D C:\FRST
2021-07-14 00:11 - 2018-02-11 22:35 - 000003486 _____ C:\Windows\system32\Tasks\AutoKMS
2021-07-14 00:09 - 2018-06-02 12:12 - 000000000 ____D C:\Program Files\CCleaner
2021-07-14 00:07 - 2020-03-22 22:55 - 000000978 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-07-14 00:07 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-13 23:57 - 2019-01-30 20:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-13 23:56 - 2016-11-23 13:40 - 000000000 ____D C:\Users\Ernesto\AppData\LocalLow\Mozilla
2021-07-13 23:49 - 2009-07-14 06:34 - 000024320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-07-13 23:49 - 2009-07-14 06:34 - 000024320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-07-13 23:21 - 2016-08-09 14:13 - 000004006 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{1953C800-7761-4447-B8F2-F88855800B51}
2021-07-13 23:14 - 2021-03-15 11:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-13 23:14 - 2017-11-25 13:44 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2021-07-13 22:39 - 2016-08-13 10:38 - 000000000 ____D C:\Users\Ernesto\Documents\Archivos de Outlook
2021-07-13 22:38 - 2020-06-01 22:01 - 000000000 ____D C:\Users\Ernesto\AppData\Local\F2EBF1ED-E803-45A3-A952-E48788DA658B.aplzod
2021-07-13 22:38 - 2017-09-20 20:51 - 000000000 ____D C:\Users\Ernesto\AppData\Local\Deployment
2021-07-13 22:33 - 2020-02-11 13:30 - 000000000 ____D C:\Users\Ernesto\Desktop\CApp.v2.0.4-Final.140218.Portable.Windows
2021-07-13 22:29 - 2020-03-22 22:55 - 000000982 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-07-13 22:26 - 2021-03-06 12:39 - 000000000 ____D C:\Users\Ernesto\AppData\Local\CrashDumps
2021-07-13 10:10 - 2018-11-18 21:02 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-07-13 09:59 - 2019-10-03 12:05 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-07-12 22:44 - 2018-02-03 21:39 - 000000057 _____ C:\Users\Ernesto\AppData\Roaming\stsetting.ini
2021-07-12 21:54 - 2016-08-10 12:23 - 000000000 ____D C:\Users\Ernesto\Desktop\Bases de Datos
2021-07-12 20:25 - 2016-08-09 11:57 - 000000000 ____D C:\Users\Ernesto
2021-07-12 13:11 - 2021-02-01 22:50 - 000000000 ____D C:\Users\Ernesto\Desktop\IBERDROLA ERNESTO
2021-07-12 13:00 - 2016-08-20 13:43 - 000000000 ____D C:\Users\Ernesto\Desktop\AUTOCAD
2021-07-10 14:09 - 2016-08-14 11:21 - 000000000 ____D C:\Users\Ernesto\AppData\Roaming\vlc
2021-07-09 13:39 - 2016-08-09 11:40 - 001685896 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-09 13:39 - 2009-07-14 10:48 - 000751282 _____ C:\Windows\system32\perfh00A.dat
2021-07-09 13:39 - 2009-07-14 10:48 - 000160292 _____ C:\Windows\system32\perfc00A.dat
2021-07-09 13:39 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2021-07-08 10:50 - 2020-03-22 22:55 - 000000000 ____D C:\Program Files\Dropbox
2021-07-08 10:36 - 2016-12-01 14:20 - 000000000 ____D C:\Users\Ernesto\Documents\CEX
2021-07-08 10:35 - 2016-08-14 13:44 - 000000000 ___RD C:\Users\Ernesto\Documents\Scanned Documents
2021-07-07 10:34 - 2016-08-13 11:58 - 000000000 ____D C:\Users\Ernesto\Desktop\LIMPIAR REGISTRO
2021-07-05 14:26 - 2016-08-09 14:32 - 000000000 ____D C:\ProgramData\F-Secure
2021-07-04 11:41 - 2016-09-29 22:54 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-04 11:36 - 2021-02-24 14:04 - 000000000 ____D C:\Program Files\Softland
2021-07-03 12:02 - 2017-07-29 11:55 - 000000000 ____D C:\Windows\Minidump
2021-07-03 11:43 - 2016-08-24 11:22 - 000000000 ____D C:\Program Files\Driver Magician
2021-07-02 12:47 - 2016-08-14 10:18 - 001125376 ____N C:\Users\Ernesto\Desktop\LECTURA CONTADOR COMILLAS.xls
2021-06-30 13:21 - 2020-06-08 11:06 - 000000000 ____D C:\Users\Ernesto\AppData\Roaming\Kodi
2021-06-30 13:09 - 2016-08-13 11:59 - 000000000 ____D C:\Users\Ernesto\Desktop\MUSICA Y FOTOS
2021-06-29 21:25 - 2017-08-01 20:44 - 000000000 ____D C:\Windows\pss
2021-06-29 13:30 - 2018-03-19 11:13 - 000011866 _____ C:\Windows\system32\Drivers\etc\hosts.txt
2021-06-24 13:24 - 2020-05-08 10:50 - 000000000 ____D C:\Users\Ernesto\Desktop\GASTOS 2020-2021
2021-06-24 11:24 - 2020-03-22 22:55 - 000003978 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2021-06-24 11:24 - 2020-03-22 22:55 - 000003726 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2021-06-21 14:31 - 2017-02-12 11:14 - 000000000 ____D C:\Windows\system32\F-Secure
2021-06-19 13:21 - 2016-09-04 21:58 - 000000000 ____D C:\Windows\system32\RTCOM
2021-06-19 11:01 - 2019-06-01 13:03 - 000003182 _____ C:\Windows\system32\Tasks\klcp_update
2021-06-19 10:59 - 2021-02-21 13:05 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-06-18 12:59 - 2018-07-12 20:02 - 000000000 ___RD C:\Users\Ernesto\Desktop\Reset-COMO ADMINISTRADOR
2021-06-18 12:55 - 2018-04-23 20:23 - 000000000 ____D C:\Users\Ernesto\Desktop\Gestion Colegio
2021-06-18 10:42 - 2018-08-07 13:14 - 000000000 ____D C:\Users\Ernesto\Desktop\fotos transferidas
2021-06-18 10:41 - 2020-12-27 00:12 - 000000000 ____D C:\Users\Ernesto\Desktop\AQUALIA COMILLAS 2020-2021
2021-06-17 21:02 - 2020-10-24 12:42 - 000000000 ____D C:\Users\Ernesto\AppData\Roaming\Telegram Desktop
2021-06-15 13:18 - 2019-03-03 14:04 - 000000000 ____D C:\Users\Ernesto\AppData\Roaming\Canon
2021-06-14 10:30 - 2021-06-09 13:25 - 000000000 ____D C:\ProgramData\MB3Migration
24

Otra parte


==================== Archivos en la raíz de algunos directorios ========

2016-12-06 12:25 - 2016-12-06 23:30 - 007065600 _____ () C:\Program Files\GUT4E9D.tmp
2016-12-01 14:21 - 2016-12-01 14:21 - 000005340 _____ () C:\Program Files\unins000.dat
2016-12-01 14:21 - 2016-12-01 14:21 - 000719954 _____ () C:\Program Files\unins000.exe
2016-12-01 14:22 - 2016-12-01 14:22 - 000025928 _____ () C:\Program Files\unins001.dat
2016-12-01 14:22 - 2016-12-01 14:22 - 000719954 _____ () C:\Program Files\unins001.exe
2016-12-01 14:26 - 2016-12-01 14:27 - 000009504 _____ () C:\Program Files\unins004.dat
2016-12-01 14:26 - 2016-12-01 14:26 - 000719954 _____ () C:\Program Files\unins004.exe
2016-12-01 14:27 - 2016-12-01 14:27 - 000011941 _____ () C:\Program Files\unins005.dat
2016-12-01 14:27 - 2016-12-01 14:27 - 000719954 _____ () C:\Program Files\unins005.exe
2018-07-10 21:50 - 2018-07-10 21:50 - 000007427 _____ () C:\Program Files\unins006.dat
2018-07-10 21:50 - 2018-07-10 21:50 - 000719954 _____ () C:\Program Files\unins006.exe
2018-10-23 22:33 - 2018-10-24 12:40 - 000013380 _____ () C:\Program Files\unins007.dat
2016-08-14 12:05 - 2019-06-02 21:04 - 000000666 _____ () C:\Users\Ernesto\AppData\Roaming\burnaware.ini
2016-08-15 22:13 - 2016-08-15 22:32 - 000000115 _____ () C:\Users\Ernesto\AppData\Roaming\LogFile.txt
2019-06-28 21:06 - 2019-06-28 21:06 - 000000004 _____ () C:\Users\Ernesto\AppData\Roaming\stlan.ini
2018-02-03 21:39 - 2021-07-12 22:44 - 000000057 _____ () C:\Users\Ernesto\AppData\Roaming\stsetting.ini
2020-04-23 21:54 - 2020-04-23 21:54 - 000000008 _____ () C:\Users\Ernesto\AppData\Roaming\stsound.dll
2017-09-20 12:24 - 2017-09-21 10:55 - 000038439 _____ () C:\Users\Ernesto\AppData\Roaming\Valores separados por comas (Windows).ADR
2020-05-18 13:59 - 2020-05-18 14:43 - 000000716 ____H () C:\Users\Ernesto\AppData\Roaming\{FC8D7619-D302-BD53-4ABB-8EE5A1ECDA75}
2021-05-31 10:59 - 2021-05-31 10:59 - 000000000 ____H () C:\Users\Ernesto\AppData\Local\BIT8ECC.tmp
2017-03-11 13:43 - 2017-03-11 13:43 - 000004096 ____H () C:\Users\Ernesto\AppData\Local\keyfile3.drm
2016-10-22 10:09 - 2016-10-22 10:09 - 000000001 _____ () C:\Users\Ernesto\AppData\Local\llftool.4.30.agreement
2018-09-30 09:23 - 2018-09-30 09:23 - 000000000 _____ () C:\Users\Ernesto\AppData\Local\oobelibMkey.log
2021-05-31 10:59 - 2021-05-31 10:59 - 000000000 _____ () C:\Users\Ernesto\AppData\Local\{2EF24744-DE29-4005-9D1E-5903DA2DBC6D}
2020-05-01 20:10 - 2020-05-01 20:10 - 000000000 _____ () C:\Users\Ernesto\AppData\Local\{8E1E5D4A-8103-42CC-B49F-E7A5EA872940}

==================== FLock ==============================

2016-03-24 00:39 C:\bootmgr
2021-07-12 06:15 C:\KRD2018_Data
2009-06-10 23:16 C:\Windows\system32\12520437.cpx
2009-06-10 23:16 C:\Windows\system32\12520850.cpx
2010-11-20 14:18 C:\Windows\system32\accessibilitycpl.dll
2009-07-14 03:03 C:\Windows\system32\ACCTRES.dll
2009-07-14 03:14 C:\Windows\system32\acledit.dll
2009-07-14 03:14 C:\Windows\system32\aclui.dll
2019-09-10 02:10 C:\Windows\system32\acmigration.dll
2010-11-20 14:18 C:\Windows\system32\acppage.dll
2009-07-14 03:14 C:\Windows\system32\acproxy.dll
2010-11-20 14:18 C:\Windows\system32\ActionCenter.dll
2010-11-20 14:18 C:\Windows\system32\ActionCenterCPL.dll
2010-11-20 14:18 C:\Windows\system32\ActionQueue.dll
2010-11-20 14:18 C:\Windows\system32\activeds.dll
2009-07-14 01:37 C:\Windows\system32\activeds.tlb
2010-11-20 14:18 C:\Windows\system32\actxprxy.dll
2009-07-14 03:14 C:\Windows\system32\AdapterTroubleshooter.exe
2010-11-20 14:18 C:\Windows\system32\AdmTmpl.dll
2014-03-04 11:17 C:\Windows\system32\adprovider.dll
2010-11-20 14:18 C:\Windows\system32\adsldp.dll
2009-07-14 03:14 C:\Windows\system32\adsldpc.dll
2016-09-12 22:49 C:\Windows\system32\adsmsext.dll
2009-07-14 03:14 C:\Windows\system32\adsnt.dll
2020-01-03 05:37 C:\Windows\system32\adtschema.dll
2016-08-16 21:28 C:\Windows\system32\AdvancedInstallers
2020-01-03 05:37 C:\Windows\system32\advapi32.dll
2009-07-14 03:14 C:\Windows\system32\advpack.dll
2009-07-14 03:14 C:\Windows\system32\aecache.dll
2009-07-14 03:03 C:\Windows\system32\aeevts.dll
2019-09-17 04:29 C:\Windows\system32\aeinv.dll
2015-10-29 19:49 C:\Windows\system32\aelupsvc.dll
2019-09-10 02:10 C:\Windows\system32\aepic.dll
2010-11-20 14:16 C:\Windows\system32\aitagent.exe
2019-09-10 02:10 C:\Windows\system32\aitstatic.exe
2009-07-14 03:14 C:\Windows\system32\alg.exe
2009-07-14 03:14 C:\Windows\system32\AltTab.dll
2009-07-13 23:04 C:\Windows\system32\amcompat.tlb
2010-11-20 14:18 C:\Windows\system32\amstream.dll
2009-07-14 03:14 C:\Windows\system32\amxread.dll
2009-07-13 23:40 C:\Windows\system32\ANSI.SYS
2009-07-14 03:14 C:\Windows\system32\apds.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2020-01-03 05:37 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-03 05:02 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2020-01-03 05:02 C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-01-03 05:02 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-04-12 15:04 C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-10 12:31 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2020-01-03 05:02 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2009-07-14 01:11 C:\Windows\system32\api-ms-win-security-lsalookup-l1-1-0.dll
2009-07-14 01:11 C:\Windows\system32\api-ms-win-security-sddl-l1-1-0.dll
2009-07-14 03:03 C:\Windows\system32\api-ms-win-service-core-l1-1-0.dll
2009-07-14 03:03 C:\Windows\system32\api-ms-win-service-management-l1-1-0.dll
2009-07-14 03:03 C:\Windows\system32\api-ms-win-service-management-l2-1-0.dll
2009-07-14 03:03 C:\Windows\system32\api-ms-win-service-winsvc-l1-1-0.dll
2009-07-14 03:14 C:\Windows\system32\apilogen.dll
2009-07-14 03:14 C:\Windows\system32\apircl.dll
2020-01-03 05:37 C:\Windows\system32\apisetschema.dll
2009-07-13 23:40 C:\Windows\system32\append.exe
2015-10-29 19:49 C:\Windows\system32\apphelp.dll
2009-07-14 03:14 C:\Windows\system32\Apphlpdm.dll
2020-01-03 05:37 C:\Windows\system32\appidapi.dll
2020-01-03 05:10 C:\Windows\system32\appidcertstorecheck.exe
2020-01-03 05:10 C:\Windows\system32\appidpolicyconverter.exe
2009-07-14 03:14 C:\Windows\system32\AppIdPolicyEngineApi.dll
2020-01-03 05:10 C:\Windows\system32\appidsvc.dll
2019-11-05 23:24 C:\Windows\system32\appinfo.dll
2009-07-14 03:14 C:\Windows\system32\appmgmts.dll
2010-11-20 14:18 C:\Windows\system32\appmgr.dll
2019-10-26 02:17 C:\Windows\system32\appraiser.dll
2010-11-20 14:16 C:\Windows\system32\appwiz.cpl
2009-07-14 03:14 C:\Windows\system32\apss.dll
2009-07-14 03:14 C:\Windows\system32\ARP.EXE
2009-07-14 03:03 C:\Windows\system32\asferror.dll
2017-03-07 18:17 C:\Windows\system32\asycfilt.dll
2009-07-14 03:14 C:\Windows\system32\at.exe
2009-07-14 03:14 C:\Windows\system32\AtBroker.exe
2009-07-14 03:14 C:\Windows\system32\atl.dll
2019-11-15 04:32 C:\Windows\system32\atmfd.dll
2019-11-15 03:59 C:\Windows\system32\atmlib.dll
2009-07-14 03:14 C:\Windows\system32\attrib.exe
2010-11-20 14:18 C:\Windows\system32\audiodev.dll
2019-09-12 05:32 C:\Windows\system32\audiodg.exe
2019-09-12 05:52 C:\Windows\system32\AudioEng.dll
2019-09-12 05:53 C:\Windows\system32\AUDIOKSE.dll
2019-09-12 05:52 C:\Windows\system32\AudioSes.dll
2019-09-12 05:52 C:\Windows\system32\audiosrv.dll
2009-07-14 03:14 C:\Windows\system32\auditcse.dll
2009-07-14 03:14 C:\Windows\system32\AuditNativeSnapIn.dll
2020-01-03 05:09 C:\Windows\system32\auditpol.exe
2009-07-14 03:14 C:\Windows\system32\AuditPolicyGPInterop.dll
2009-07-14 03:03 C:\Windows\system32\auditpolmsg.dll
2009-07-14 03:14 C:\Windows\system32\authfwcfg.dll
2009-07-14 03:14 C:\Windows\system32\AuthFWGP.dll
2010-11-20 14:32 C:\Windows\system32\AuthFWSnapin.dll
2009-07-14 03:20 C:\Windows\system32\AuthFWWizFwk.dll
2019-11-05 23:24 C:\Windows\system32\authui.dll
2009-07-14 03:14 C:\Windows\system32\authz.dll
2010-11-20 14:16 C:\Windows\system32\autochk.exe
2010-11-20 14:16 C:\Windows\system32\autoconv.exe
2010-11-20 14:16 C:\Windows\system32\autofmt.exe
2010-11-20 14:18 C:\Windows\system32\autoplay.dll
2009-07-14 03:14 C:\Windows\system32\AuxiliaryDisplayApi.dll
2009-07-14 03:14 C:\Windows\system32\AuxiliaryDisplayClassInstaller.dll
2010-11-20 14:18 C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-07-14 03:14 C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2010-11-20 14:18 C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-06-10 23:21 C:\Windows\system32\avicap.dll
2009-07-14 03:14 C:\Windows\system32\avicap32.dll
2010-11-20 14:18 C:\Windows\system32\avifil32.dll
2009-06-10 23:21 C:\Windows\system32\avifile.dll
2009-07-14 03:14 C:\Windows\system32\avrt.dll
2019-11-05 23:24 C:\Windows\system32\AxInstSv.dll
2019-11-05 22:57 C:\Windows\system32\AxInstUI.exe
2009-06-10 23:21 C:\Windows\system32\azman.msc
2010-11-20 14:18 C:\Windows\system32\azroles.dll
2010-11-20 14:18 C:\Windows\system32\azroleui.dll
2010-11-20 14:18 C:\Windows\system32\AzSqlExt.dll
2009-07-14 03:14 C:\Windows\system32\baaupdate.exe
2018-03-06 20:13 C:\Windows\system32\basecsp.dll
2015-07-15 04:55 C:\Windows\system32\basesrv.dll
2010-11-20 14:18 C:\Windows\system32\batmeter.dll
2009-07-14 03:14 C:\Windows\system32\batt.dll
2010-11-20 14:16 C:\Windows\system32\bcdboot.exe
2016-10-11 16:51 C:\Windows\system32\bcdedit.exe
2009-07-14 03:14 C:\Windows\system32\bcdprov.dll
2010-11-20 14:18 C:\Windows\system32\bcdsrv.dll
2020-01-03 05:37 C:\Windows\system32\bcrypt.dll
2016-05-12 15:04 C:\Windows\system32\bcryptprimitives.dll
2009-07-14 03:14 C:\Windows\system32\bdaplgin.ax
2010-11-20 14:16 C:\Windows\system32\BdeHdCfg.exe
2009-07-14 03:14 C:\Windows\system32\BdeHdCfgLib.dll
2009-07-14 03:14 C:\Windows\system32\bderepair.dll
2009-07-14 03:14 C:\Windows\system32\bdesvc.dll
2009-07-14 03:14 C:\Windows\system32\bdeui.dll
2009-07-14 03:14 C:\Windows\system32\BdeUISrv.exe
2009-07-14 03:14 C:\Windows\system32\BdeUnlockWizard.exe
2010-11-20 14:18 C:\Windows\system32\BFE.DLL
2009-07-14 03:14 C:\Windows\system32\bidispl.dll
2010-11-20 14:18 C:\Windows\system32\biocpl.dll
2009-07-14 03:14 C:\Windows\system32\BioCredProv.dll
2009-06-10 23:42 C:\Windows\system32\bios1.rom
2009-06-10 23:42 C:\Windows\system32\bios4.rom
2009-07-14 03:14 C:\Windows\system32\BitLockerWizard.exe
2009-07-14 03:14 C:\Windows\system32\BitLockerWizardElev.exe
2010-11-20 14:16 C:\Windows\system32\bitsadmin.exe
2009-07-14 03:14 C:\Windows\system32\bitsigd.dll
2010-11-20 14:18 C:\Windows\system32\bitsperf.dll
2009-07-14 03:14 C:\Windows\system32\bitsprx2.dll
2009-07-14 03:14 C:\Windows\system32\bitsprx3.dll
2009-07-14 03:14 C:\Windows\system32\bitsprx4.dll
2009-07-14 03:14 C:\Windows\system32\bitsprx5.dll
2009-07-14 03:14 C:\Windows\system32\bitsprx6.dll
2019-06-12 17:19 C:\Windows\system32\blackbox.dll
2010-11-20 13:56 C:\Windows\system32\BlbEvents.dll
2009-07-14 03:04 C:\Windows\system32\blbres.dll
2009-07-14 03:15 C:\Windows\system32\blb_ps.dll
2019-12-13 12:13 C:\Windows\system32\Boot
2009-06-10 23:44 C:\Windows\system32\boot.sdi
2009-07-14 03:14 C:\Windows\system32\bootcfg.exe
2010-11-20 14:29 C:\Windows\system32\bootres.dll
2009-07-14 03:04 C:\Windows\system32\bootstr.dll
2009-07-14 03:26 C:\Windows\system32\BOOTVID.DLL
2009-06-10 23:30 C:\Windows\system32\bopomofo.uce
2019-02-07 17:42 C:\Windows\system32\brdgcfg.dll
2019-02-07 17:57 C:\Windows\system32\bridgeres.dll
2019-02-07 17:42 C:\Windows\system32\bridgeunattend.exe
2012-07-04 23:14 C:\Windows\system32\browcli.dll
2012-07-04 23:14 C:\Windows\system32\browser.dll
2010-11-20 14:18 C:\Windows\system32\browseui.dll
2009-07-14 03:15 C:\Windows\system32\bthci.dll
2009-07-14 03:15 C:\Windows\system32\BthMtpContextHandler.dll
2009-07-14 03:15 C:\Windows\system32\bthpanapi.dll
2009-07-14 03:15 C:\Windows\system32\BthpanContextHandler.dll
2010-11-20 14:16 C:\Windows\system32\bthprops.cpl
2009-07-14 03:15 C:\Windows\system32\bthserv.dll
2009-07-14 03:14 C:\Windows\system32\bthudtask.exe
2009-07-14 03:15 C:\Windows\system32\btpanui.dll
2010-11-20 14:16 C:\Windows\system32\Bubbles.scr
2009-07-14 03:15 C:\Windows\system32\BWContextHandler.dll
2009-07-14 03:15 C:\Windows\system32\BWUnpairElevated.dll
2010-11-20 14:18 C:\Windows\system32\cabinet.dll
2010-11-20 14:18 C:\Windows\system32\cabview.dll
2009-07-14 03:14 C:\Windows\system32\cacls.exe
2010-11-20 14:16 C:\Windows\system32\calc.exe
2014-03-04 11:17 C:\Windows\system32\capiprovider.dll
2009-07-14 03:15 C:\Windows\system32\capisp.dll
2009-07-14 03:04 C:\Windows\system32\CardGames.dll
2009-07-14 03:15 C:\Windows\system32\catsrv.dll
2009-07-14 03:15 C:\Windows\system32\catsrvps.dll
2018-04-10 18:32 C:\Windows\system32\catsrvut.dll
2010-11-20 14:18 C:\Windows\system32\cca.dll
2019-08-14 00:12 C:\Windows\system32\cdd.dll
2019-05-09 17:17 C:\Windows\system32\cdosys.dll
2019-09-10 02:10 C:\Windows\system32\centel.dll
2012-12-07 12:46 C:\Windows\system32\cero.rs
2015-04-18 04:56 C:\Windows\system32\certcli.dll
2009-07-14 03:15 C:\Windows\system32\certCredProvider.dll
2013-05-13 05:08 C:\Windows\system32\certenc.dll
2010-11-20 14:18 C:\Windows\system32\CertEnroll.dll
2009-07-14 03:14 C:\Windows\system32\CertEnrollCtrl.exe
2009-07-14 03:15 C:\Windows\system32\CertEnrollUI.dll
2010-11-20 14:18 C:\Windows\system32\certmgr.dll
2009-06-10 23:36 C:\Windows\system32\certmgr.msc
2010-11-20 14:18 C:\Windows\system32\CertPolEng.dll
2010-11-20 14:18 C:\Windows\system32\certprop.dll
2009-07-14 03:14 C:\Windows\system32\certreq.exe
2013-05-13 05:08 C:\Windows\system32\certutil.exe
2015-06-02 01:47 C:\Windows\system32\cewmdm.dll
2009-07-14 03:15 C:\Windows\system32\cfgbkend.dll
2010-11-20 14:18 C:\Windows\system32\cfgmgr32.dll
2016-10-11 17:18 C:\Windows\system32\chajei.ime
25

Otra parte:

2010-11-20 14:16 C:\Windows\system32\change.exe
2014-10-30 03:45 C:\Windows\system32\charmap.exe
2009-07-14 01:15 C:\Windows\system32\chcp.com
2010-11-20 14:16 C:\Windows\system32\chglogon.exe
2010-11-20 14:16 C:\Windows\system32\chgport.exe
2010-11-20 14:16 C:\Windows\system32\chgusr.exe
2009-07-14 03:14 C:\Windows\system32\chkdsk.exe
2009-07-14 03:14 C:\Windows\system32\chkntfs.exe
2009-07-14 03:15 C:\Windows\system32\chkwudrv.dll
2009-07-14 03:14 C:\Windows\system32\choice.exe
2009-07-14 03:15 C:\Windows\system32\chsbrkr.dll
2009-07-14 03:15 C:\Windows\system32\chtbrkr.dll
2009-07-14 03:15 C:\Windows\system32\CHxReadingStringIME.dll
2019-09-17 02:10 C:\Windows\system32\ci.dll
2017-08-14 19:35 C:\Windows\system32\cic.dll
2016-10-11 17:18 C:\Windows\system32\cintlgnt.ime
2009-07-14 03:14 C:\Windows\system32\cipher.exe
2009-07-14 03:15 C:\Windows\system32\clb.dll
2009-07-14 03:15 C:\Windows\system32\clbcatq.dll
2009-07-14 03:14 C:\Windows\system32\cleanmgr.exe
2019-12-10 11:43 C:\Windows\system32\clfs.sys
2015-03-04 06:10 C:\Windows\system32\clfsw32.dll
2009-07-14 03:15 C:\Windows\system32\cliconfg.dll
2009-07-14 03:14 C:\Windows\system32\cliconfg.exe
2009-07-14 02:12 C:\Windows\system32\cliconfg.rll
2009-07-14 03:14 C:\Windows\system32\clip.exe
2010-11-20 14:18 C:\Windows\system32\clusapi.dll
2009-07-14 03:15 C:\Windows\system32\cmcfg32.dll
2010-11-20 14:17 C:\Windows\system32\cmd.exe
2009-07-14 03:15 C:\Windows\system32\cmdial32.dll
2009-07-14 03:14 C:\Windows\system32\cmdkey.exe
2009-07-14 03:14 C:\Windows\system32\cmdl32.exe
2009-07-14 03:15 C:\Windows\system32\cmicryptinstall.dll
2009-07-14 03:15 C:\Windows\system32\cmifw.dll
2009-07-14 03:15 C:\Windows\system32\cmipnpinstall.dll
2009-07-14 03:15 C:\Windows\system32\cmlua.dll
2009-07-14 03:14 C:\Windows\system32\cmmon32.exe
2009-07-14 03:15 C:\Windows\system32\cmncliM.dll
2009-07-14 03:15 C:\Windows\system32\cmpbk32.dll
2010-11-20 14:17 C:\Windows\system32\cmstp.exe
2009-07-14 03:15 C:\Windows\system32\cmstplua.dll
2009-07-14 03:15 C:\Windows\system32\cmutil.dll
2009-07-14 03:15 C:\Windows\system32\cngaudit.dll
2014-03-04 11:17 C:\Windows\system32\cngprovider.dll
2009-07-14 03:15 C:\Windows\system32\cnvfat.dll
2012-12-07 12:46 C:\Windows\system32\cob-au.rs
2009-07-14 03:14 C:\Windows\system32\cofire.exe
2009-07-14 03:15 C:\Windows\system32\cofiredm.dll
2009-07-14 03:15 C:\Windows\system32\colbact.dll
2009-07-14 03:14 C:\Windows\system32\collab.cpl
2015-12-08 23:53 C:\Windows\system32\COLORCNV.DLL
2009-07-14 03:14 C:\Windows\system32\colorcpl.exe
2009-07-14 03:15 C:\Windows\system32\colorui.dll
2019-11-15 04:04 C:\Windows\system32\comcat.dll
2015-04-24 19:56 C:\Windows\system32\comctl32.dll
2010-11-20 14:18 C:\Windows\system32\comdlg32.dll
2009-06-10 23:17 C:\Windows\system32\comexp.msc
2009-07-13 23:41 C:\Windows\system32\COMM.drv
2009-07-13 23:40 C:\Windows\system32\COMMAND.COM
2009-07-13 23:41 C:\Windows\system32\COMMDLG.DLL
2009-07-14 03:14 C:\Windows\system32\comp.exe
2009-07-14 03:14 C:\Windows\system32\compact.exe
2019-11-05 23:27 C:\Windows\system32\CompatTelRunner.exe
2009-06-10 23:21 C:\Windows\system32\compmgmt.msc
2009-07-14 03:14 C:\Windows\system32\CompMgmtLauncher.exe
2009-06-10 23:25 C:\Windows\system32\compobj.dll
2009-07-14 03:15 C:\Windows\system32\compstui.dll
2009-07-14 03:14 C:\Windows\system32\ComputerDefaults.exe
2009-07-14 03:15 C:\Windows\system32\comrepl.dll
2009-07-14 03:04 C:\Windows\system32\comres.dll
2009-07-14 03:15 C:\Windows\system32\comsnap.dll
2018-04-10 18:33 C:\Windows\system32\comsvcs.dll
2009-07-14 03:15 C:\Windows\system32\comuid.dll
2020-01-03 05:07 C:\Windows\system32\conhost.exe
2009-07-14 03:15 C:\Windows\system32\connect.dll
2019-11-05 23:29 C:\Windows\system32\consent.exe
2009-07-14 03:15 C:\Windows\system32\console.dll
2009-07-14 03:14 C:\Windows\system32\control.exe
2009-07-14 03:14 C:\Windows\system32\convert.exe
2009-07-14 03:15 C:\Windows\system32\correngine.dll
2009-07-13 23:40 C:\Windows\system32\country.sys
2016-01-22 08:04 C:\Windows\system32\CPFilters.dll
2020-01-03 05:37 C:\Windows\system32\credssp.dll
2013-10-04 03:56 C:\Windows\system32\credui.dll
2009-07-14 03:14 C:\Windows\system32\credwiz.exe
2009-07-14 03:15 C:\Windows\system32\CRPPresentation.dll
2009-07-14 03:15 C:\Windows\system32\crtdll.dll
2019-12-10 10:38 C:\Windows\system32\crypt32.dll
2020-01-03 05:02 C:\Windows\system32\cryptbase.dll
2013-05-10 05:20 C:\Windows\system32\cryptdlg.dll
2019-04-05 02:23 C:\Windows\system32\cryptdll.dll
2009-07-14 03:15 C:\Windows\system32\cryptext.dll
2019-12-10 10:38 C:\Windows\system32\cryptnet.dll
2019-06-12 17:19 C:\Windows\system32\cryptsp.dll
2019-12-10 10:38 C:\Windows\system32\cryptsvc.dll
2019-11-05 23:24 C:\Windows\system32\cryptui.dll
2009-07-14 03:15 C:\Windows\system32\cryptxml.dll
2018-06-29 17:09 C:\Windows\system32\cscapi.dll
2018-06-29 17:40 C:\Windows\system32\cscdll.dll
2018-06-29 17:40 C:\Windows\system32\CscMig.dll
2010-11-20 14:18 C:\Windows\system32\cscobj.dll
2018-10-27 05:04 C:\Windows\system32\cscript.exe
2018-06-29 17:40 C:\Windows\system32\cscsvc.dll
2010-11-20 14:18 C:\Windows\system32\cscui.dll
2012-12-07 12:46 C:\Windows\system32\csrr.rs
2020-01-03 05:37 C:\Windows\system32\csrsrv.dll
2009-07-14 03:14 C:\Windows\system32\csrss.exe
2009-07-14 03:14 C:\Windows\system32\csrstub.exe
2009-07-14 03:14 C:\Windows\system32\ctfmon.exe
2009-07-14 03:15 C:\Windows\system32\ctl3d32.dll
2009-06-10 23:42 C:\Windows\system32\ctl3dv2.dll
2009-07-14 03:14 C:\Windows\system32\cttune.exe
2009-07-14 03:14 C:\Windows\system32\cttunesvr.exe
2009-06-10 23:48 C:\Windows\system32\C_037.NLS
2009-06-10 23:48 C:\Windows\system32\C_10000.NLS
2009-06-10 23:48 C:\Windows\system32\C_10001.NLS
2009-06-10 23:48 C:\Windows\system32\C_10002.NLS
2009-06-10 23:48 C:\Windows\system32\C_10003.NLS
2009-06-10 23:48 C:\Windows\system32\C_10004.NLS
2009-06-10 23:48 C:\Windows\system32\C_10005.NLS
2009-06-10 23:48 C:\Windows\system32\C_10006.NLS
2009-06-10 23:48 C:\Windows\system32\C_10007.NLS
2009-06-10 23:48 C:\Windows\system32\C_10008.NLS
2009-06-10 23:48 C:\Windows\system32\C_10010.NLS
2009-06-10 23:48 C:\Windows\system32\C_10017.NLS
2009-06-10 23:48 C:\Windows\system32\C_10021.NLS
2009-06-10 23:48 C:\Windows\system32\C_10029.NLS
2009-06-10 23:48 C:\Windows\system32\C_10079.NLS
2009-06-10 23:48 C:\Windows\system32\C_10081.NLS
2009-06-10 23:48 C:\Windows\system32\C_10082.NLS
2009-06-10 23:48 C:\Windows\system32\C_1026.NLS
2009-06-10 23:48 C:\Windows\system32\C_1047.NLS
2009-06-10 23:48 C:\Windows\system32\C_1140.NLS
2009-06-10 23:48 C:\Windows\system32\C_1141.NLS
2009-06-10 23:48 C:\Windows\system32\C_1142.NLS
2009-06-10 23:48 C:\Windows\system32\C_1143.NLS
2009-06-10 23:48 C:\Windows\system32\C_1144.NLS
2009-06-10 23:48 C:\Windows\system32\C_1145.NLS
2009-06-10 23:48 C:\Windows\system32\C_1146.NLS
2009-06-10 23:48 C:\Windows\system32\C_1147.NLS
2009-06-10 23:48 C:\Windows\system32\C_1148.NLS
2009-06-10 23:48 C:\Windows\system32\C_1149.NLS
2009-06-10 23:48 C:\Windows\system32\C_1250.NLS
2009-06-10 23:48 C:\Windows\system32\C_1251.NLS
2009-06-10 23:48 C:\Windows\system32\C_1252.NLS
2009-06-10 23:48 C:\Windows\system32\C_1253.NLS
2009-06-10 23:48 C:\Windows\system32\C_1254.NLS
2009-06-10 23:48 C:\Windows\system32\C_1255.NLS
2009-06-10 23:48 C:\Windows\system32\C_1256.NLS
2009-06-10 23:48 C:\Windows\system32\C_1257.NLS
2009-06-10 23:48 C:\Windows\system32\C_1258.NLS
2009-06-10 23:48 C:\Windows\system32\C_1361.NLS
2009-06-10 23:48 C:\Windows\system32\C_20000.NLS
2009-06-10 23:48 C:\Windows\system32\C_20001.NLS
2009-06-10 23:48 C:\Windows\system32\C_20002.NLS
2009-06-10 23:48 C:\Windows\system32\C_20003.NLS
2009-06-10 23:48 C:\Windows\system32\C_20004.NLS
2009-06-10 23:48 C:\Windows\system32\C_20005.NLS
2009-06-10 23:48 C:\Windows\system32\C_20105.NLS
2009-06-10 23:48 C:\Windows\system32\C_20106.NLS
2009-06-10 23:48 C:\Windows\system32\C_20107.NLS
2009-06-10 23:48 C:\Windows\system32\C_20108.NLS
2009-06-10 23:48 C:\Windows\system32\C_20127.NLS
2009-06-10 23:48 C:\Windows\system32\C_20261.NLS
2009-06-10 23:48 C:\Windows\system32\C_20269.NLS
2009-06-10 23:48 C:\Windows\system32\C_20273.NLS
2009-06-10 23:48 C:\Windows\system32\C_20277.NLS
2009-06-10 23:48 C:\Windows\system32\C_20278.NLS
2009-06-10 23:48 C:\Windows\system32\C_20280.NLS
2009-06-10 23:48 C:\Windows\system32\C_20284.NLS
2009-06-10 23:48 C:\Windows\system32\C_20285.NLS
2009-06-10 23:48 C:\Windows\system32\C_20290.NLS
2009-06-10 23:48 C:\Windows\system32\C_20297.NLS
2009-06-10 23:48 C:\Windows\system32\C_20420.NLS
2009-06-10 23:48 C:\Windows\system32\C_20423.NLS
2009-06-10 23:48 C:\Windows\system32\C_20424.NLS
2009-06-10 23:48 C:\Windows\system32\C_20833.NLS
2009-06-10 23:48 C:\Windows\system32\C_20838.NLS
2009-06-10 23:48 C:\Windows\system32\C_20866.NLS
2009-06-10 23:48 C:\Windows\system32\C_20871.NLS
2009-06-10 23:48 C:\Windows\system32\C_20880.NLS
2009-06-10 23:48 C:\Windows\system32\C_20905.NLS
2009-06-10 23:48 C:\Windows\system32\C_20924.NLS
2009-06-10 23:48 C:\Windows\system32\C_20932.NLS
2009-06-10 23:48 C:\Windows\system32\C_20936.NLS
2009-06-10 23:48 C:\Windows\system32\C_20949.NLS
2009-06-10 23:48 C:\Windows\system32\C_21025.NLS
2009-06-10 23:48 C:\Windows\system32\C_21027.NLS
2009-06-10 23:48 C:\Windows\system32\C_21866.NLS
2009-06-10 23:48 C:\Windows\system32\C_28591.NLS
2009-06-10 23:48 C:\Windows\system32\C_28592.NLS
2009-06-10 23:48 C:\Windows\system32\C_28593.NLS
2009-06-10 23:48 C:\Windows\system32\C_28594.NLS
2009-06-10 23:48 C:\Windows\system32\C_28595.NLS
2009-06-10 23:48 C:\Windows\system32\C_28596.NLS
2009-06-10 23:48 C:\Windows\system32\C_28597.NLS
2009-06-10 23:48 C:\Windows\system32\C_28598.NLS
2009-06-10 23:48 C:\Windows\system32\C_28599.NLS
2009-06-10 23:48 C:\Windows\system32\c_28603.nls
2009-06-10 23:48 C:\Windows\system32\C_28605.NLS
2009-06-10 23:48 C:\Windows\system32\C_437.NLS
2009-06-10 23:48 C:\Windows\system32\C_500.NLS
2009-06-10 23:48 C:\Windows\system32\C_708.NLS
2009-06-10 23:48 C:\Windows\system32\C_720.NLS
2009-06-10 23:48 C:\Windows\system32\C_737.NLS
2009-06-10 23:48 C:\Windows\system32\C_775.NLS
2009-06-10 23:48 C:\Windows\system32\C_850.NLS
2009-06-10 23:48 C:\Windows\system32\C_852.NLS
2009-06-10 23:48 C:\Windows\system32\C_855.NLS
2009-06-10 23:48 C:\Windows\system32\C_857.NLS
2009-06-10 23:48 C:\Windows\system32\C_858.NLS
2009-06-10 23:48 C:\Windows\system32\C_860.NLS
2009-06-10 23:48 C:\Windows\system32\C_861.NLS
2009-06-10 23:48 C:\Windows\system32\C_862.NLS
2009-06-10 23:48 C:\Windows\system32\C_863.NLS
2009-06-10 23:48 C:\Windows\system32\C_864.NLS
2009-06-10 23:48 C:\Windows\system32\C_865.NLS
2009-06-10 23:48 C:\Windows\system32\C_866.NLS
2009-06-10 23:48 C:\Windows\system32\C_869.NLS
2009-06-10 23:48 C:\Windows\system32\C_870.NLS
2009-06-10 23:48 C:\Windows\system32\C_874.NLS
2009-06-10 23:48 C:\Windows\system32\C_875.NLS
2009-06-10 23:48 C:\Windows\system32\C_932.NLS
2009-06-10 23:48 C:\Windows\system32\C_936.NLS
2009-06-10 23:48 C:\Windows\system32\C_949.NLS
2009-06-10 23:48 C:\Windows\system32\C_950.NLS
2009-07-14 03:15 C:\Windows\system32\C_G18030.DLL
2009-07-14 03:15 C:\Windows\system32\C_IS2022.DLL
2010-11-20 14:18 C:\Windows\system32\C_ISCII.DLL
2013-11-26 10:16 C:\Windows\system32\d2d1.dll
2016-08-10 12:31 C:\Windows\system32\d3d10.dll
2016-08-10 12:31 C:\Windows\system32\d3d10core.dll
2016-04-14 15:49 C:\Windows\system32\d3d10level9.dll
2018-10-06 15:42 C:\Windows\system32\d3d10warp.dll
2016-08-10 12:31 C:\Windows\system32\d3d10_1.dll
2016-08-10 12:31 C:\Windows\system32\d3d10_1core.dll
2016-08-10 12:28 C:\Windows\system32\d3d11.dll
2009-07-14 03:15 C:\Windows\system32\d3d8.dll
2009-07-14 03:15 C:\Windows\system32\d3d8thk.dll
2010-11-20 14:18 C:\Windows\system32\d3d9.dll
2017-04-28 00:50 C:\Windows\system32\D3DCompiler_47.dll
2009-07-14 03:15 C:\Windows\system32\d3dim.dll
2009-07-14 03:15 C:\Windows\system32\d3dim700.dll
2009-07-14 03:15 C:\Windows\system32\d3dramp.dll
2009-07-14 03:15 C:\Windows\system32\d3dxof.dll
2009-07-14 03:15 C:\Windows\system32\dataclen.dll
2016-09-08 22:34 C:\Windows\system32\davclnt.dll
2009-07-14 03:15 C:\Windows\system32\davhlpr.dll
2010-11-20 14:18 C:\Windows\system32\dbgeng.dll
2010-11-20 14:18 C:\Windows\system32\dbghelp.dll
2009-07-14 03:15 C:\Windows\system32\dbnetlib.dll
2009-07-14 03:15 C:\Windows\system32\dbnmpntw.dll
2009-07-14 03:14 C:\Windows\system32\dccw.exe
2019-11-15 04:29 C:\Windows\system32\dciman32.dll
2009-07-14 03:14 C:\Windows\system32\dcomcnfg.exe
2009-07-14 03:15 C:\Windows\system32\DDACLSys.dll
2009-07-13 23:41 C:\Windows\system32\DDEML.DLL
2009-07-14 03:14 C:\Windows\system32\ddodiag.exe
2009-07-14 03:15 C:\Windows\system32\DDOIProxy.dll
2009-07-14 03:15 C:\Windows\system32\DDORes.dll
2009-07-14 03:15 C:\Windows\system32\ddraw.dll
2009-07-14 03:15 C:\Windows\system32\ddrawex.dll
2009-07-13 23:40 C:\Windows\system32\debug.exe
2010-11-20 14:18 C:\Windows\system32\defaultlocationcpl.dll
2009-07-14 03:14 C:\Windows\system32\Defrag.exe
2009-07-14 03:15 C:\Windows\system32\defragproxy.dll
2009-07-14 03:15 C:\Windows\system32\defragsvc.dll
2010-11-20 14:16 C:\Windows\system32\desk.cpl
2009-07-14 03:15 C:\Windows\system32\deskadp.dll
2009-07-14 03:15 C:\Windows\system32\deskmon.dll
2009-07-14 03:15 C:\Windows\system32\deskperf.dll
2015-12-08 23:53 C:\Windows\system32\devenum.dll
2010-11-20 14:18 C:\Windows\system32\DeviceCenter.dll
2009-07-14 03:14 C:\Windows\system32\DeviceDisplayObjectProvider.exe
2009-07-14 03:15 C:\Windows\system32\DeviceDisplayStatusManager.dll
2009-07-14 03:14 C:\Windows\system32\DeviceEject.exe
2009-07-14 03:15 C:\Windows\system32\DeviceMetadataParsers.dll
2009-07-14 03:15 C:\Windows\system32\DevicePairing.dll
2010-11-20 14:18 C:\Windows\system32\DevicePairingFolder.dll
2009-07-14 03:15 C:\Windows\system32\DevicePairingHandler.dll
2009-07-14 03:15 C:\Windows\system32\DevicePairingProxy.dll
2009-07-14 03:14 C:\Windows\system32\DevicePairingWizard.exe
2009-07-14 03:14 C:\Windows\system32\DeviceProperties.exe
2009-07-14 03:15 C:\Windows\system32\DeviceUxRes.dll
2019-09-10 02:10 C:\Windows\system32\devinv.dll
2009-06-10 23:46 C:\Windows\system32\devmgmt.msc
2009-07-14 03:15 C:\Windows\system32\devmgr.dll
2009-07-14 03:15 C:\Windows\system32\devobj.dll
2009-07-14 03:15 C:\Windows\system32\devrtl.dll
2009-07-14 03:15 C:\Windows\system32\dfdts.dll
2009-07-14 03:14 C:\Windows\system32\DFDWiz.exe
2010-11-20 14:17 C:\Windows\system32\dfrgui.exe
2009-07-14 03:15 C:\Windows\system32\dfscli.dll
2014-06-19 00:23 C:\Windows\system32\dfshim.dll
2009-07-14 03:15 C:\Windows\system32\DfsShlEx.dll
2019-07-13 10:13 C:\Windows\system32\dhcpcmonitor.dll
2019-07-13 10:33 C:\Windows\system32\dhcpcore.dll
2019-07-13 10:33 C:\Windows\system32\dhcpcore6.dll
2019-07-13 10:33 C:\Windows\system32\dhcpcsvc.dll
2019-07-13 10:33 C:\Windows\system32\dhcpcsvc6.dll
2009-07-14 03:15 C:\Windows\system32\DHCPQEC.DLL
2009-07-14 03:15 C:\Windows\system32\dhcpsapi.dll
2010-11-20 14:18 C:\Windows\system32\DiagCpl.dll
2010-11-20 14:18 C:\Windows\system32\diagperf.dll
2018-08-13 23:48 C:\Windows\system32\diagtrack.dll
2009-07-14 03:14 C:\Windows\system32\dialer.exe
2009-07-14 03:14 C:\Windows\system32\diantz.exe
2009-07-14 03:15 C:\Windows\system32\difxapi.dll
2009-07-14 03:15 C:\Windows\system32\dimsjob.dll
2014-03-04 11:17 C:\Windows\system32\dimsroam.dll
2009-07-14 03:14 C:\Windows\system32\dinotify.exe
2009-07-14 03:15 C:\Windows\system32\dinput.dll
2009-07-14 03:15 C:\Windows\system32\dinput8.dll
2009-07-14 01:15 C:\Windows\system32\diskcomp.com
2009-07-14 01:15 C:\Windows\system32\diskcopy.com
2009-07-14 03:15 C:\Windows\system32\diskcopy.dll
2009-06-10 23:47 C:\Windows\system32\diskmgmt.msc
2010-11-20 14:17 C:\Windows\system32\diskpart.exe
2015-05-25 20:00 C:\Windows\system32\diskperf.exe
2010-11-20 14:17 C:\Windows\system32\diskraid.exe
2019-06-12 16:49 C:\Windows\system32\Dism.exe
2009-07-14 03:15 C:\Windows\system32\dispci.dll
2009-07-14 03:14 C:\Windows\system32\dispdiag.exe
2018-10-27 05:04 C:\Windows\system32\dispex.dll
2010-11-20 14:18 C:\Windows\system32\Display.dll
2009-07-14 03:14 C:\Windows\system32\DisplaySwitch.exe
2012-12-07 12:46 C:\Windows\system32\djctq.rs
2010-11-20 14:17 C:\Windows\system32\djoin.exe
2009-07-14 03:14 C:\Windows\system32\dllhost.exe
2009-07-14 03:14 C:\Windows\system32\dllhst3g.exe
2009-07-14 03:15 C:\Windows\system32\dmband.dll
2009-07-14 03:15 C:\Windows\system32\dmcompos.dll
2009-07-14 03:15 C:\Windows\system32\dmdlgs.dll
2009-07-14 03:15 C:\Windows\system32\dmdskmgr.dll
2009-07-14 03:04 C:\Windows\system32\dmdskres.dll
2009-07-14 03:04 C:\Windows\system32\dmdskres2.dll