Problemas con posible troyano: www.thenewworking.info

Buenas noches, tengo activado el Malawarebyte ver. 3.8.3 y a cada rato me sale mensaje que ha blockeado ataque del troyano y me pone la siguente dirección: www.thenewworking.info sin embargo he padaso los antivirus y no medtecta nada.

Cuando abro el navegado de Chrome abajo de la barra de dirección me pone: Un software automatizado de pruebas está controlando Chrome.

Por favor apoyenme, en la limpieza de la PC.

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-17-2019
# Duration: 00:01:20
# OS:       Windows 10 Home Single Language
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPSupportAssistant
Deleted       Preinstalled.HPTouchpointAnalyticsClient


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1890 octets] - [16/08/2019 07:34:18]
AdwCleaner[C00].txt - [1851 octets] - [16/08/2019 07:35:32]
AdwCleaner[S01].txt - [1543 octets] - [17/08/2019 03:31:07]
AdwCleaner[S02].txt - [1569 octets] - [17/08/2019 17:56:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/8/19
Hora del análisis: 18:17
Archivo de registro: f496ab38-c07b-11e9-a205-68f728f35bb6.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.12045
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.950)
CPU: x64
Sistema de archivos: NTFS
Usuario: COQUINO-PC\COQUINO

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 439358
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 9 hr, 7 min, 19 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Tienes los que pertenecen a la detección o protección en tiempo real.

copia y pega me uno como el que me pusiste del análisis pero esta vez de la detención donde aparece easy troyano que te detecta

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 19/8/19
Hora del evento de protección: 20:06
Archivo de registro: b2b6ae9e-c2e6-11e9-8f0f-68f728f35bb6.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.12091
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.950)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del sitio web bloqueado-
Sitio web malicioso: 1
, , Bloqueado, [-1], [-1],0.0.0

-Datos de sitio web-
Categoría: Troyano
Dominio: www.thenewworking.info
Dirección IP: 176.31.60.248
Puerto: [53585]
Tipo: Saliente
Archivo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



(end)
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2019
Ran by COQUINO (administrator) on COQUINO-PC (LENOVO 80E3) (21-08- 
2019 07:09:31)
Running from C:\Us
==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.881_none_eada7c8e1d8131a8\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {1bd496a4-5817-11e9-a40d-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {46e5e29c-e2d6-11e8-a3df-b88687433940} - "F:\iLinker.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {7c067396-3721-11e9-a3f7-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {a29a5b30-aba3-11e7-a37f-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [VIDC.FICV] => C:\WINDOWS\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-06] (Google LLC -> Google LLC)
Startup: C:\Users\COQUINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2016-11-28]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
Startup: C:\Users\COQUINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk [2016-08-09]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03199CED-8654-4A60-B9C1-F9DCE5923BF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F647E9B-97B1-4942-963E-5E9555C2B94E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {25F54C9E-6595-4123-B377-DB6F5E1FB61B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {26765130-C79C-40CA-A8C4-6433CB86E6D6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-12] (Adobe Inc. -> Adobe)
Task: {29F84DCA-82AD-46F8-A409-59271E197B97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {2D8F428E-6E3B-4284-829F-6227C998EDC4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {33F7CD9C-7DA6-49AF-B34C-6F10F3459A7B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {34B38C37-B023-4C1F-8763-0D1CDA914154} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {41B4E283-3730-4C41-ACD2-FABEFFF92884} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {44587A2E-F2C3-4C68-AFA0-F2B4AC8201D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {5251CCBA-3C72-4665-B15B-6EEFF0428D2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {53B2F850-B4E0-448F-851C-47ED0C6898B5} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {60D42FA3-9C4C-42CB-95F0-7D581F99C950} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {74C6B8A7-ED29-4E35-8407-7C24959397E6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76A62BC3-03C6-451A-90CE-D20213613795} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25928360 2019-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CEB3AAB-83A1-400C-B8ED-9878CC37F09C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {82787D00-D41C-45F3-A9C3-01C9E4783C7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {85169AE7-7DE8-41E7-9ADE-947D6C6D0F45} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
Task: {936610E0-9399-4BCF-ABEB-9B782A05832B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {978BE695-BEEA-4472-9C4E-23153DBFAD30} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe
Task: {A830E046-637D-431C-B94D-09B8CC38E630} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25928360 2019-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6796BB3-A357-4B3C-9812-BE5ED148A007} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe)
Task: {BD3CC56F-EEB7-46C0-BA89-4929A37245E4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
Task: {C43BDB11-0863-43E2-A407-F6362A87A423} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
Task: {CBE253A8-85E4-47B1-AF94-F949826B952D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe
Task: {D1A32FCF-7C06-4C98-8733-D8FD9F619F1A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {DC6FF076-59DE-47F3-8DD9-9537482C92F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
Task: {DC78831F-A9F7-460A-B02A-EDDB16851F04} - System32\Tasks\VideoStudioUpdater => c:\Program Files\Corel\Corel VideoStudio 2019\VSNotification.exe
Task: {E1B04CDC-D098-44EB-88DD-246D91663F7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {F0B75824-FB28-4E9D-AB6B-AA606C51148B} - System32\Tasks\HPCeeScheduleForCOQUINO => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {F334622A-7FA3-4D4C-9BB7-D880F72DAF3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForCOQUINO.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3115299202-1178083710-835377459-1002] => hxxp://www.thenewworking.info/magmx.dat
Tcpip\Parameters: [DhcpNameServer] 10.10.14.131 189.215.128.14
Tcpip\..\Interfaces\{4b03ec80-44c9-49d4-aa45-dfbee46ce287}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4b03ec80-44c9-49d4-aa45-dfbee46ce287}: [DhcpNameServer] 10.10.14.131 189.215.128.14
ManualProxies: 0hxxp://www.thenewworking.info/magmx.dat

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} -  No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-17]
CHR Profile: C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-08-17]
CHR Extension: (Adobe Acrobat) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-10]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2019-04-11]
CHR Extension: (Video DownloadHelper) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-04-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-10]
CHR Profile: C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-08-21]
CHR Extension: (Presentaciones) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-11]
CHR Extension: (Documentos) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-11]
CHR Extension: (Google Drive) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-11]
CHR Extension: (YouTube) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-11]
CHR Extension: (Adobe Acrobat) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-14]
CHR Extension: (Hojas de cálculo) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-11]
CHR Extension: (Gmail) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-07]
CHR Extension: (Chrome) - C:\ProgramData\chrome [2019-08-14]
CHR Profile: C:\Users\COQUINO\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295832 2016-12-23] (Advanced Micro Devices, Inc. -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [41576 2016-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267328 2017-05-16] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmdag.sys [26587656 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmpag.sys [527256 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [81608 2014-03-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [23752 2014-03-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168896 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387688 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4325808 2017-01-17] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-09-04] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-08-14] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-17] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943104 2017-04-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2018-04-11] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30376 2014-12-22] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31400 2014-12-22] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-07-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-07-27] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-21 01:17 - 2019-08-21 07:08 - 000057793 _____ C:\Users\COQUINO\Desktop\Addition.txt
2019-08-21 01:10 - 2019-08-21 07:13 - 000027143 _____ C:\Users\COQUINO\Desktop\FRST.txt
2019-08-21 01:10 - 2019-08-21 07:09 - 000000000 ____D C:\FRST
2019-08-21 01:09 - 2019-08-21 01:09 - 001612800 _____ (Farbar) C:\Users\COQUINO\Desktop\FRST64 (1).exe
2019-08-20 23:41 - 2019-08-20 23:42 - 004222988 _____ C:\Users\COQUINO\Downloads\RMF2019.220419.pdf
2019-08-20 17:47 - 2019-08-20 17:47 - 000013390 _____ C:\Users\COQUINO\Downloads\Ley_UMA_30122016,0.pdf
2019-08-20 11:08 - 2019-08-20 11:08 - 000607228 _____ C:\Users\COQUINO\Downloads\ETIquetas Santiago.pdf
2019-08-20 01:36 - 2019-08-20 01:36 - 000000000 ____D C:\WINDOWS\system32\ ‰Èû
2019-08-19 20:12 - 2019-08-19 20:12 - 000000803 _____ C:\Users\COQUINO\Desktop\troyano.txt
2019-08-19 19:42 - 2019-08-19 19:42 - 004834880 _____ C:\Users\COQUINO\Downloads\GuiaDeRegistro-PrepaEnLineaSEP-Conv2019-2a.pdf
2019-08-17 18:03 - 2019-08-17 18:03 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-17 17:11 - 2019-08-17 17:11 - 000000000 ____D C:\WINDOWS\system32\ ‰ûÓ
2019-08-17 13:59 - 2019-08-17 16:15 - 004882913 _____ C:\Users\COQUINO\Documents\DIRECIÓN SABADO.pptx
2019-08-17 04:43 - 2019-08-17 04:43 - 000000000 ____D C:\WINDOWS\system32\ ‰˜a
2019-08-16 10:12 - 2019-08-16 10:12 - 000177094 _____ C:\Users\COQUINO\Desktop\EBDV CANTO LEMA-1.pptx
2019-08-16 08:39 - 2019-08-16 13:04 - 007501615 _____ C:\Users\COQUINO\Documents\DIRECCIÓN VIERNES.pptx
2019-08-16 08:10 - 2019-08-16 08:18 - 000010160 _____ C:\Users\COQUINO\Downloads\LISTA DE MATERIALES.xlsx
2019-08-14 20:33 - 2019-03-28 01:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-08-14 20:33 - 2019-03-28 01:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-08-14 20:32 - 2019-03-28 04:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-08-14 20:32 - 2019-03-28 04:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-08-14 20:32 - 2019-03-28 04:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-08-14 20:32 - 2019-03-28 01:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-08-14 20:32 - 2019-03-28 01:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-08-14 20:31 - 2019-03-28 04:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-08-14 20:31 - 2019-03-28 01:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-08-14 20:31 - 2019-03-28 01:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-08-14 20:07 - 2019-08-14 20:07 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-08-14 20:05 - 2019-08-14 20:05 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-14 20:05 - 2019-08-14 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-14 20:05 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-08-14 20:04 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-08-14 19:01 - 2019-08-07 08:13 - 021389776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-14 19:01 - 2019-08-07 03:07 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-14 19:01 - 2019-08-07 02:56 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-14 19:01 - 2019-08-07 02:49 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-14 19:01 - 2019-08-07 02:47 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-14 19:01 - 2019-08-07 02:42 - 022717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-14 19:01 - 2019-08-07 02:39 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-14 19:01 - 2019-08-07 02:32 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-14 19:01 - 2019-08-07 02:32 - 004516864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-14 19:01 - 2019-07-09 03:01 - 004527792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-14 19:01 - 2019-07-09 02:44 - 012757504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-14 19:01 - 2019-07-09 01:42 - 011943424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-14 19:00 - 2019-08-07 08:13 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-14 19:00 - 2019-08-07 08:13 - 001515904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-14 19:00 - 2019-08-07 07:55 - 008626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-14 19:00 - 2019-08-07 07:53 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-14 19:00 - 2019-08-07 07:43 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-14 19:00 - 2019-08-07 07:41 - 001322688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-14 19:00 - 2019-08-07 07:40 - 020384344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-14 19:00 - 2019-08-07 07:27 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-14 19:00 - 2019-08-07 07:24 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-14 19:00 - 2019-08-07 07:24 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-14 19:00 - 2019-08-07 03:09 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-14 19:00 - 2019-08-07 03:09 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-14 19:00 - 2019-08-07 03:08 - 007435720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-14 19:00 - 2019-08-07 03:08 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-14 19:00 - 2019-08-07 03:08 - 002470648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-14 19:00 - 2019-08-07 03:08 - 001566736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-14 19:00 - 2019-08-07 03:07 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-14 19:00 - 2019-08-07 03:07 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-14 19:00 - 2019-08-07 02:56 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-14 19:00 - 2019-08-07 02:56 - 001993344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-14 19:00 - 2019-08-07 02:44 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-14 19:00 - 2019-08-07 02:38 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-14 19:00 - 2019-08-07 02:38 - 004385792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-14 19:00 - 2019-08-07 02:36 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-14 19:00 - 2019-08-07 02:34 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-14 19:00 - 2019-08-07 02:34 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-14 19:00 - 2019-08-07 02:34 - 001680384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-14 19:00 - 2019-08-07 02:32 - 002165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-14 19:00 - 2019-08-07 02:32 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-14 19:00 - 2019-08-07 02:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-14 19:00 - 2019-08-07 02:31 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-14 19:00 - 2019-08-07 02:31 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-14 19:00 - 2019-08-07 02:31 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-14 19:00 - 2019-08-07 02:31 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-14 19:00 - 2019-07-10 20:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-14 19:00 - 2019-07-09 03:00 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-14 19:00 - 2019-07-09 02:43 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-14 19:00 - 2019-07-08 22:23 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-14 19:00 - 2019-07-08 22:23 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-14 19:00 - 2019-07-08 22:21 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-14 19:00 - 2019-07-08 22:19 - 002769472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-14 19:00 - 2019-07-08 22:19 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-14 19:00 - 2019-07-08 22:19 - 001674216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-14 19:00 - 2019-07-08 22:19 - 000799248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-08-14 19:00 - 2019-07-08 22:12 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-14 19:00 - 2019-07-08 22:11 - 002257336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-14 19:00 - 2019-07-08 21:55 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-14 19:00 - 2019-07-08 21:53 - 003708416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-14 19:00 - 2019-07-08 21:52 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-14 19:00 - 2019-07-08 21:50 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-14 19:00 - 2019-07-08 21:49 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-14 19:00 - 2019-07-08 21:48 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-14 19:00 - 2019-07-08 21:47 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-14 19:00 - 2019-07-08 21:47 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-14 19:00 - 2019-07-08 21:47 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-14 19:00 - 2019-07-08 21:47 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-14 19:00 - 2019-07-08 21:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-14 19:00 - 2019-07-08 21:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-14 19:00 - 2019-07-08 21:46 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-14 19:00 - 2019-07-08 21:45 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-14 19:00 - 2019-07-08 21:45 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-14 19:00 - 2019-07-08 21:44 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-14 19:00 - 2019-07-08 21:44 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-14 19:00 - 2019-07-08 21:44 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-14 19:00 - 2019-07-08 21:43 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-14 19:00 - 2019-07-08 21:43 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-14 18:59 - 2019-08-07 08:13 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-14 18:59 - 2019-08-07 07:58 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-14 18:59 - 2019-08-07 07:58 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-14 18:59 - 2019-08-07 07:55 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-14 18:59 - 2019-08-07 07:55 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-14 18:59 - 2019-08-07 07:54 - 004783104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-14 18:59 - 2019-08-07 07:53 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-14 18:59 - 2019-08-07 07:52 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-14 18:59 - 2019-08-07 07:41 - 000662112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-14 18:59 - 2019-08-07 07:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-14 18:59 - 2019-08-07 07:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-14 18:59 - 2019-08-07 07:26 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-14 18:59 - 2019-08-07 07:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-14 18:59 - 2019-08-07 07:25 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-14 18:59 - 2019-08-07 04:40 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-08-14 18:59 - 2019-08-07 03:09 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-14 18:59 - 2019-08-07 03:09 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-14 18:59 - 2019-08-07 03:09 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-14 18:59 - 2019-08-07 03:09 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-14 18:59 - 2019-08-07 03:09 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-14 18:59 - 2019-08-07 03:09 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-14 18:59 - 2019-08-07 03:09 - 000095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-14 18:59 - 2019-08-07 03:08 - 001141712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-14 18:59 - 2019-08-07 03:08 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-14 18:59 - 2019-08-07 03:08 - 000710232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-14 18:59 - 2019-08-07 03:08 - 000494992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-14 18:59 - 2019-08-07 03:08 - 000227744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-14 18:59 - 2019-08-07 03:08 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-14 18:59 - 2019-08-07 03:08 - 000130840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-14 18:59 - 2019-08-07 03:08 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-14 18:59 - 2019-08-07 03:07 - 002719240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-14 18:59 - 2019-08-07 03:07 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-14 18:59 - 2019-08-07 03:07 - 001260992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-14 18:59 - 2019-08-07 03:07 - 001031696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-14 18:59 - 2019-08-07 03:07 - 000984152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-14 18:59 - 2019-08-07 03:07 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-14 18:59 - 2019-08-07 02:57 - 000081256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-14 18:59 - 2019-08-07 02:56 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-14 18:59 - 2019-08-07 02:56 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-14 18:59 - 2019-08-07 02:56 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-14 18:59 - 2019-08-07 02:56 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-14 18:59 - 2019-08-07 02:55 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-14 18:59 - 2019-08-07 02:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-14 18:59 - 2019-08-07 02:38 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-14 18:59 - 2019-08-07 02:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-14 18:59 - 2019-08-07 02:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-14 18:59 - 2019-08-07 02:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-14 18:59 - 2019-08-07 02:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-14 18:59 - 2019-08-07 02:36 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-14 18:59 - 2019-08-07 02:36 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2019-08-14 18:59 - 2019-08-07 02:36 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-14 18:59 - 2019-08-07 02:36 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-14 18:59 - 2019-08-07 02:35 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-08-14 18:59 - 2019-08-07 02:35 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-14 18:59 - 2019-08-07 02:35 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-14 18:59 - 2019-08-07 02:35 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-14 18:59 - 2019-08-07 02:35 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-14 18:59 - 2019-08-07 02:35 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-14 18:59 - 2019-08-07 02:35 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-14 18:59 - 2019-08-07 02:34 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-14 18:59 - 2019-08-07 02:34 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-14 18:59 - 2019-08-07 02:34 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-14 18:59 - 2019-08-07 02:34 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-14 18:59 - 2019-08-07 02:34 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-14 18:59 - 2019-08-07 02:34 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-14 18:59 - 2019-08-07 02:33 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-14 18:59 - 2019-08-07 02:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-14 18:59 - 2019-08-07 02:32 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-14 18:59 - 2019-08-07 02:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-14 18:59 - 2019-08-07 02:32 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-08-14 18:59 - 2019-08-07 02:32 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-14 18:59 - 2019-08-07 02:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-14 18:59 - 2019-08-07 02:31 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-14 18:59 - 2019-08-07 02:31 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-14 18:59 - 2019-08-07 02:31 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-14 18:59 - 2019-08-07 02:31 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-14 18:59 - 2019-08-07 02:31 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-14 18:59 - 2019-08-07 02:31 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-14 18:59 - 2019-07-11 01:48 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-08-14 18:59 - 2019-07-10 20:30 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-14 18:59 - 2019-07-10 20:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-14 18:59 - 2019-07-09 03:07 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-14 18:59 - 2019-07-09 03:04 - 000348664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-14 18:59 - 2019-07-09 02:44 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-14 18:59 - 2019-07-09 02:43 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-14 18:59 - 2019-07-09 02:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-14 18:59 - 2019-07-09 02:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-14 18:59 - 2019-07-09 02:39 - 001193472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2019-08-14 18:59 - 2019-07-09 02:39 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-08-14 18:59 - 2019-07-09 02:38 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-14 18:59 - 2019-07-09 02:37 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-14 18:59 - 2019-07-09 02:37 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-14 18:59 - 2019-07-09 02:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-14 18:59 - 2019-07-09 01:38 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-08-14 18:59 - 2019-07-09 01:37 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-14 18:59 - 2019-07-08 22:29 - 000375312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-14 18:59 - 2019-07-08 22:29 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-14 18:59 - 2019-07-08 22:29 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-14 18:59 - 2019-07-08 22:21 - 000133136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-08-14 18:59 - 2019-07-08 22:20 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-14 18:59 - 2019-07-08 22:20 - 000275512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-14 18:59 - 2019-07-08 22:20 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-14 18:59 - 2019-07-08 22:19 - 000767232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-14 18:59 - 2019-07-08 22:19 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-08-14 18:59 - 2019-07-08 22:19 - 000152104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-14 18:59 - 2019-07-08 22:19 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-08-14 18:59 - 2019-07-08 22:19 - 000046608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys
2019-08-14 18:59 - 2019-07-08 22:12 - 001286528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-08-14 18:59 - 2019-07-08 22:12 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-14 18:59 - 2019-07-08 22:12 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-14 18:59 - 2019-07-08 22:11 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-08-14 18:59 - 2019-07-08 22:11 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-08-14 18:59 - 2019-07-08 21:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-14 18:59 - 2019-07-08 21:53 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-14 18:59 - 2019-07-08 21:51 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-14 18:59 - 2019-07-08 21:50 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-14 18:59 - 2019-07-08 21:50 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-14 18:59 - 2019-07-08 21:50 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-14 18:59 - 2019-07-08 21:50 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-14 18:59 - 2019-07-08 21:50 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-14 18:59 - 2019-07-08 21:49 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-14 18:59 - 2019-07-08 21:49 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-08-14 18:59 - 2019-07-08 21:49 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-08-14 18:59 - 2019-07-08 21:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-14 18:59 - 2019-07-08 21:49 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-14 18:59 - 2019-07-08 21:49 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-14 18:59 - 2019-07-08 21:48 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-14 18:59 - 2019-07-08 21:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-14 18:59 - 2019-07-08 21:48 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-08-14 18:59 - 2019-07-08 21:48 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-14 18:59 - 2019-07-08 21:48 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-14 18:59 - 2019-07-08 21:48 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-14 18:59 - 2019-07-08 21:47 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-14 18:59 - 2019-07-08 21:46 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-14 18:59 - 2019-07-08 21:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-14 18:59 - 2019-07-08 21:46 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-14 18:59 - 2019-07-08 21:45 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-14 18:59 - 2019-07-08 21:45 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-14 18:59 - 2019-07-08 21:45 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-08-14 18:59 - 2019-07-08 21:44 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-14 18:59 - 2019-07-08 21:44 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-14 18:59 - 2019-07-08 21:44 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-14 18:59 - 2019-07-08 21:44 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-14 18:59 - 2019-07-08 21:43 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-14 18:59 - 2019-07-08 21:43 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-14 18:58 - 2019-08-07 07:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-14 18:58 - 2019-08-07 07:51 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-14 18:58 - 2019-08-07 07:24 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-14 18:58 - 2019-08-07 02:36 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-14 18:58 - 2019-08-07 02:33 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-14 18:58 - 2019-08-07 01:15 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-08-14 18:58 - 2019-07-09 02:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2019-08-14 18:58 - 2019-07-09 02:39 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2019-08-14 18:58 - 2019-07-09 02:37 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-14 18:58 - 2019-07-08 21:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-14 18:58 - 2019-07-08 21:55 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-08-14 18:58 - 2019-07-08 21:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-14 18:58 - 2019-07-08 21:52 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-14 18:58 - 2019-07-08 21:51 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-14 18:58 - 2019-07-08 21:50 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-08-14 18:58 - 2019-07-08 21:50 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2019-08-14 18:58 - 2019-07-08 21:50 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-14 18:58 - 2019-07-08 21:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-14 18:58 - 2019-07-08 21:49 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2019-08-14 18:58 - 2019-06-19 21:21 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-14 18:33 - 2019-08-14 18:33 - 000029225 _____ C:\ProgramData\chrome.zip
2019-08-14 18:33 - 2019-08-14 18:33 - 000000000 ____D C:\ProgramData\chrome
2019-08-14 18:33 - 2019-08-14 18:33 - 000000000 _____ C:\ProgramData\zevx.txt
2019-08-14 12:24 - 2019-08-14 15:05 - 010213901 _____ C:\Users\COQUINO\Desktop\DIOS SALVA A MOISES DE LAS AGUAS.pptx
2019-08-14 12:09 - 2019-08-14 12:09 - 002728885 _____ C:\Users\COQUINO\Documents\DIOS SALVA A MOISES DE LAS AGUAS.pptx
2019-08-13 14:30 - 2019-08-13 14:30 - 000215455 _____ C:\Users\COQUINO\Downloads\actividad Carmen.pdf
2019-08-13 13:41 - 2019-08-13 13:44 - 000554100 _____ C:\Users\COQUINO\Downloads\impresión semana de los niños.pdf
2019-08-13 10:48 - 2019-08-13 11:41 - 000038778 ____H C:\Users\COQUINO\Downloads\~WRL0003.tmp
2019-08-13 10:48 - 2019-08-13 10:48 - 000017374 ____H C:\Users\COQUINO\Downloads\~WRL4051.tmp
2019-08-13 09:15 - 2019-08-13 09:22 - 000650797 ____H C:\Users\COQUINO\Downloads\~WRL0400.tmp
2019-08-08 00:45 - 2019-08-08 00:45 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-08-08 00:45 - 2019-08-08 00:45 - 000002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-08-08 00:45 - 2019-08-08 00:45 - 000000000 ____D C:\Users\COQUINO\AppData\Roaming\AVAST Software
2019-08-08 00:39 - 2019-08-21 06:43 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-08-08 00:37 - 2019-08-08 00:40 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-08-08 00:37 - 2019-08-08 00:40 - 000387688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-08-08 00:37 - 2019-08-08 00:40 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000279336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-08-08 00:37 - 2019-08-08 00:37 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-08-08 00:37 - 2019-08-08 00:36 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-08-08 00:37 - 2019-08-08 00:36 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-08-08 00:37 - 2019-08-08 00:36 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-08-08 00:37 - 2019-08-08 00:36 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-08-08 00:37 - 2019-08-08 00:36 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-08-08 00:37 - 2019-08-08 00:36 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-08-08 00:33 - 2019-08-08 00:33 - 000000000 ____D C:\Program Files\AVAST Software
2019-08-08 00:29 - 2019-08-08 00:30 - 020891464 _____ (Piriform Software Ltd) C:\Users\COQUINO\Downloads\ccsetup560.exe
2019-08-05 14:31 - 2019-08-07 20:40 - 000000000 ____D C:\Users\COQUINO\Downloads\what the duck the series sub español ep 10 - Vídeo Dailymotion
2019-08-05 11:09 - 2019-08-07 20:36 - 000000000 ____D C:\Users\COQUINO\Downloads\Make it Right 2  EP 01 (Sub  Español) - Vídeo Dailymotion
2019-08-05 08:37 - 2019-08-05 08:41 - 000386276 _____ C:\Users\COQUINO\Desktop\agosto talento.pdf
2019-08-05 08:26 - 2019-08-05 08:49 - 000218334 _____ C:\Users\COQUINO\Desktop\AGOSTO LIMPIEZA.pdf
2019-08-04 22:34 - 2019-08-05 08:46 - 000000000 ____D C:\Users\COQUINO\Downloads\Make it Right
2019-08-04 00:02 - 2019-08-04 00:02 - 000000048 _____ C:\Users\COQUINO\Downloads\Make it Right EP 5 sub español - Vídeo Dailymotion_640X480.mp4.part
2019-08-02 22:16 - 2019-08-02 22:16 - 000000000 ____D C:\WINDOWS\system32\ ‰J³
2019-07-27 23:52 - 2019-07-27 23:52 - 000000000 ____D C:\WINDOWS\system32\ ‰U

==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-21 06:47 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-21 06:39 - 2018-06-01 07:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-21 01:41 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-21 01:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-21 00:45 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-20 12:47 - 2019-03-16 18:04 - 000000000 ____D C:\Users\COQUINO\AppData\Local\CrashDumps
2019-08-20 09:28 - 2018-04-19 16:23 - 000000000 ____D C:\Users\COQUINO\AppData\Roaming\StardewValley
2019-08-20 09:27 - 2019-03-16 16:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-08-20 09:27 - 2018-06-01 07:57 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-08-20 01:03 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-18 23:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-18 13:56 - 2018-04-11 16:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-17 18:02 - 2018-06-01 07:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-17 18:01 - 2018-04-11 16:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-08-17 18:01 - 2017-10-10 20:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-08-17 17:59 - 2016-06-30 20:17 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-08-17 17:59 - 2016-06-30 20:16 - 000000000 ____D C:\Program Files\HP
2019-08-17 17:59 - 2016-06-30 19:32 - 000000000 ____D C:\ProgramData\HP
2019-08-17 03:45 - 2016-08-26 11:51 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-08-17 03:44 - 2016-08-26 15:55 - 000000000 ____D C:\Users\COQUINO\AppData\Local\Hewlett-Packard
2019-08-17 03:44 - 2016-08-26 12:16 - 000000000 ____D C:\Users\COQUINO\AppData\Roaming\Hewlett-Packard
2019-08-16 22:45 - 2019-01-03 14:15 - 000001807 _____ C:\Users\COQUINO\Desktop\BlueStacks.lnk
2019-08-16 22:42 - 2016-06-19 13:13 - 000000000 ____D C:\Program Files\KMSpico
2019-08-16 07:19 - 2018-06-01 07:24 - 000000000 ____D C:\Users\COQUINO
2019-08-16 07:17 - 2019-06-16 22:42 - 000000000 ____D C:\Users\COQUINO\Downloads\KMSAuto Net 2016 1.4.9 Portable + 1.5.1
2019-08-15 19:02 - 2018-07-01 20:11 - 000000000 ____D C:\WINDOWS\Minidump
2019-08-14 20:51 - 2017-12-12 21:50 - 000000000 ____D C:\Users\COQUINO\AppData\Local\Packages
2019-08-14 20:22 - 2019-06-21 14:46 - 000000000 ____D C:\ProgramData\KMSAuto
2019-08-14 20:22 - 2017-11-10 22:20 - 000000000 ____D C:\Users\COQUINO\Desktop\KMSAC1.5.1
2019-08-14 20:05 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-14 20:05 - 2017-11-15 23:29 - 000000000 ___RD C:\Users\COQUINO\3D Objects
2019-08-14 20:05 - 2016-02-13 08:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 20:03 - 2018-06-01 07:17 - 000555632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-14 19:59 - 2018-04-11 18:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-14 19:59 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-14 19:59 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-14 19:59 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-14 19:59 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-14 19:59 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-14 19:23 - 2016-06-16 20:42 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-08-14 19:20 - 2016-07-23 02:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-14 19:19 - 2016-06-16 20:31 - 000000000 ____D C:\Users\COQUINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-14 19:19 - 2016-06-16 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-14 19:19 - 2016-06-16 20:31 - 000000000 ____D C:\Program Files\WinRAR
2019-08-14 18:51 - 2019-02-01 13:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-08-14 18:43 - 2017-09-13 19:00 - 006304880 _____ C:\Users\COQUINO\Desktop\psiphon3.exe
2019-08-14 18:43 - 2017-09-13 19:00 - 000000000 ____D C:\Users\COQUINO\AppData\Roaming\Psiphon3
2019-08-14 18:33 - 2017-02-28 00:02 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-14 18:33 - 2017-02-28 00:02 - 000002346 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-14 16:04 - 2016-06-16 21:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-14 15:27 - 2016-06-16 21:27 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-13 16:42 - 2016-04-06 19:14 - 000000000 ___RD C:\Users\COQUINO\Documents\DOCUMENTOS YOHANA
2019-08-13 12:03 - 2016-06-16 11:47 - 000000167 _____ C:\WINDOWS\win.ini
2019-08-12 19:06 - 2019-06-15 14:21 - 000000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCOQUINO.job
2019-08-12 19:01 - 2019-06-15 14:21 - 000002862 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCOQUINO
2019-08-12 19:01 - 2019-04-01 19:53 - 000002796 _____ C:\WINDOWS\System32\Tasks\VideoStudioUpdater
2019-08-12 19:01 - 2019-03-16 16:27 - 000003048 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-12 19:01 - 2019-01-03 14:19 - 000003024 _____ C:\WINDOWS\System32\Tasks\BlueStacksHelper
2019-08-12 19:01 - 2018-06-01 07:57 - 000003848 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-12 19:01 - 2018-06-01 07:57 - 000003544 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-12 19:01 - 2018-06-01 07:57 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-12 19:01 - 2018-06-01 07:57 - 000003514 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-08-12 19:01 - 2018-06-01 07:57 - 000003320 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-12 19:01 - 2018-06-01 07:57 - 000002918 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3115299202-1178083710-835377459-1002
2019-08-11 17:56 - 2016-06-16 20:44 - 000000000 ____D C:\Users\COQUINO\AppData\Roaming\vlc
2019-08-09 12:33 - 2018-06-01 07:24 - 000002414 _____ C:\Users\COQUINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-09 12:33 - 2016-04-04 16:11 - 000000000 ___RD C:\Users\COQUINO\OneDrive
2019-08-08 00:32 - 2019-03-16 16:27 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-08 00:31 - 2016-06-18 06:15 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-07 22:09 - 2016-07-04 18:48 - 000000000 ____D C:\Users\COQUINO\AppData\Local\JDownloader v2.0
2019-08-07 15:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-05 09:07 - 2019-02-01 14:27 - 000016226 _____ C:\Users\COQUINO\Desktop\TALENTO FUENTE DE VIDA 2019.xlsx
2019-08-05 08:48 - 2019-04-01 12:25 - 000014310 _____ C:\Users\COQUINO\Desktop\LIMPIEZA 2019.xlsx
2019-08-01 20:19 - 2017-09-28 19:20 - 000000000 ____D C:\Program Files\rempl
2019-07-29 12:04 - 2016-06-16 18:47 - 000000000 ____D C:\Users\COQUINO\AppData\Local\ElevatedDiagnostics
2019-07-27 21:20 - 2017-12-30 22:27 - 000000000 ____D C:\Users\COQUINO\AppData\Local\PlaceholderTileLogoFolder
2019-07-27 21:05 - 2016-06-16 18:35 - 000000000 ____D C:\Users\COQUINO\AppData\Local\Publishers
2019-07-27 21:01 - 2016-10-19 13:06 - 000000000 ____D C:\Users\COQUINO\AppData\Local\ConnectedDevicesPlatform
2019-07-27 20:57 - 2018-03-01 21:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ================

2018-01-30 15:25 - 2018-01-30 15:25 - 000000001 _____ () C:\Users\COQUINO\AppData\Local\llftool.4.25.agreement
2017-03-17 01:09 - 2017-03-17 01:09 - 000000552 _____ () C:\Users\COQUINO\AppData\Local\TroubleshooterConfig.json

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by COQUINO (21-08-2019 07:16:05)
Running from C:\Users\COQUINO\Desktop
Windows 10 Home Single Language Version 1803 17134.950 (X64) (2018-06-01 12:59:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3115299202-1178083710-835377459-500 - Administrator - Disabled)
COQUINO (S-1-5-21-3115299202-1178083710-835377459-1002 - Administrator - Enabled) => C:\Users\COQUINO
DefaultAccount (S-1-5-21-3115299202-1178083710-835377459-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3115299202-1178083710-835377459-1004 - Limited - Enabled)
Invitado (S-1-5-21-3115299202-1178083710-835377459-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115299202-1178083710-835377459-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.30.50.1690 - BlueStack Systems, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HP Deskjet 1510 series Software básico del dispositivo (HKLM\...\{B610C583-FDD7-41B6-8CED-C668E51114AC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E8FF0A82-0696-4347-B4AE-708DE306FFE9}) (Version: 12.12.32.3 - HP Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{CD6B42D0-BE82-4DD4-A019-C920B0EE39A2}) (Version: 7.0.1.27 - MAGIX AG)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Sistema Único de Autodeterminación (HKLM-x32\...\{4038CCF6-A4E3-45D4-B122-33A476E02ECF}) (Version: 3.4.6 - Instituto Mexicano del Seguro Social)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)

Packages:
=========
Autoridad Web -> C:\Program Files\WindowsApps\24991AppsAuthority.AppsAuthority_1.3.1.0_x86__e7hskwtaefjvr [2018-05-26] (Apps Authority)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Homicide Squad: Crímenes ocultos -> C:\Program Files\WindowsApps\828B5831.HomicideSquadHiddenCrimes_2.21.2300.0_x86__ytsefhwckbdv6 [2019-08-21] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-20] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-26] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Red Hands - 2-Player Games -> C:\Program Files\WindowsApps\Peaksel.RedHands-2-PlayerGames_1.1.0.1_x86__tyntx30xb5zhp [2018-09-25] (PEAKSEL D.O.O. NIŠ)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-03-03] (Samsung Electronics Co. Ltd.)
Stand O’Food City: Frenesí virtual -> C:\Program Files\WindowsApps\828B5831.StandOFoodCityVirtualFrenzyHD_1.8.9.0_x86__ytsefhwckbdv6 [2019-07-27] (G5 Entertainment AB)
Supermarket Mania le périple: Aventura de gestión del tiempo -> C:\Program Files\WindowsApps\828B5831.SupermarketManiaJourney_3.8.901.0_x86__ytsefhwckbdv6 [2019-07-27] (G5 Entertainment AB)
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
The Secret Society® - La Sociedad Secreta -> C:\Program Files\WindowsApps\828B5831.TheSecretSociety-HiddenMystery_1.42.4200.0_x86__ytsefhwckbdv6 [2019-08-09] (G5 Entertainment AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\COQUINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars

==================== Loaded Modules (Whitelisted) ==============

2019-02-21 14:03 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-02-21 14:03 - 2017-03-23 10:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-02-21 14:03 - 2017-03-23 10:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:90C320E1 [133]
AlternateDataStreams: C:\ProgramData\TEMP:F33592E3 [114]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-06-16 11:48 - 2017-06-11 22:29 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


2017-10-11 20:04 - 2017-10-11 20:09 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3115299202-1178083710-835377459-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\COQUINO\Downloads\maxresdefault.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{42828009-E70D-453E-8588-8547584128E4}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{BBC8630F-4873-4E95-AD82-3585156A4D6F}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B8B812D9-0AAA-4FF0-8504-9116B19D1B1D}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{A3440511-4EAD-4B5F-8519-19739B0CD69B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BE9C9B6-E036-48F7-8B2A-B0BA234BBDE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3198BFE3-CD8E-4F42-BA8B-1921C6EF846C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{830EA14E-5CD1-4574-A8C7-F5642C853456}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D613F8A0-28AB-4BC5-9FA1-45D9EEB09293}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-08-2019 12:22:15 Punto de control programado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/21/2019 06:41:15 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/21/2019 02:55:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/21/2019 01:22:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/20/2019 10:33:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/20/2019 10:33:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=UserLogon;SessionId=8

Error: (08/20/2019 05:16:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/20/2019 05:16:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=UserLogon;SessionId=7

Error: (08/20/2019 05:15:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=cd918a57-a41b-4c82-8dce-1a538e221a83;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (08/21/2019 06:55:12 AM) (Source: DCOM) (EventID: 10016) (User: COQUINO-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario COQUINO-PC\COQUINO con SID (S-1-5-21-3115299202-1178083710-835377459-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/21/2019 02:55:39 AM) (Source: DCOM) (EventID: 10016) (User: COQUINO-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario COQUINO-PC\COQUINO con SID (S-1-5-21-3115299202-1178083710-835377459-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/21/2019 02:55:25 AM) (Source: DCOM) (EventID: 10016) (User: COQUINO-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario COQUINO-PC\COQUINO con SID (S-1-5-21-3115299202-1178083710-835377459-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/21/2019 02:31:53 AM) (Source: DCOM) (EventID: 10016) (User: COQUINO-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario COQUINO-PC\COQUINO con SID (S-1-5-21-3115299202-1178083710-835377459-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/21/2019 01:00:06 AM) (Source: DCOM) (EventID: 10016) (User: COQUINO-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario COQUINO-PC\COQUINO con SID (S-1-5-21-3115299202-1178083710-835377459-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/21/2019 12:04:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/21/2019 12:03:25 AM) (Source: DCOM) (EventID: 10016) (User: COQUINO-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario COQUINO-PC\COQUINO con SID (S-1-5-21-3115299202-1178083710-835377459-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/20/2019 10:33:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-08-17 03:42:46.842
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {41C75C0B-3C7E-48DB-A6D2-A7015465FCFD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-14 21:17:34.154
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5AB4049D-BB04-474E-B282-6082A04FD134}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: COQUINO-PC\COQUINO

Date: 2019-08-07 09:59:43.948
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F1395D08-7ADA-4C9A-9DB2-377F7EECB3CF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-07 00:02:35.529
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B3E315A2-FA09-4DEE-A6ED-FE2C0397E000}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-05 21:30:15.115
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8DB72FCB-9DE6-4E2F-A814-F81097A2DEC3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-18 13:56:47.662
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-08-16 07:27:18.291
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-08-01 20:19:04.869
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.299.867.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16200.1
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-06-29 00:05:57.567
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.69.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-06-28 19:40:43.863
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.69.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-08-14 19:20:30.801
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLL.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-14 19:20:27.132
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\Actions.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-21 15:36:26.172
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-06-21 15:36:26.172
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-07 15:31:29.713
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-07 15:31:29.603
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-07 15:31:28.962
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-07 15:31:28.881
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

BIOS: LENOVO A2CN38WW(V2.06) 07/15/2015
Motherboard: LENOVO Lancer 5B2
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 81%
Total physical RAM: 3544.27 MB
Available physical RAM: 655.54 MB
Total Virtual: 7007.59 MB
Available Virtual: 3037.57 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.71 GB) (Free:14.72 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.09 GB) NTFS

\\?\Volume{033da713-47fc-4646-8f6f-4eb8358673ca}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{f77c101a-d090-4a76-9401-3fac00aa2fcf}\ (PBR_DRV) (Fixed) (Total:12.47 GB) (Free:3.06 GB) NTFS
\\?\Volume{e06c64d2-5b89-4cb1-b937-a618010c8998}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 988E74B1)

Partition: GPT.

==================== End of Addition.txt ============================

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {1bd496a4-5817-11e9-a40d-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {46e5e29c-e2d6-11e8-a3df-b88687433940} - "F:\iLinker.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {7c067396-3721-11e9-a3f7-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {a29a5b30-aba3-11e7-a37f-b88687433940} - "F:\HiSuiteDownLoader.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {936610E0-9399-4BCF-ABEB-9B782A05832B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AutoConfigURL: [S-1-5-21-3115299202-1178083710-835377459-1002] => hxxp://www.thenewworking.info/magmx.dat
ManualProxies: 0hxxp://www.thenewworking.info/magmx.dat
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} -  No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} -  No File
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
ShortcutWithArgument: C:\Users\COQUINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
AlternateDataStreams: C:\ProgramData\TEMP:90C320E1 [133]
AlternateDataStreams: C:\ProgramData\TEMP:F33592E3 [114]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by COQUINO (21-08-2019 17:54:37) Run:1
Running from C:\Users\COQUINO\Desktop
Loaded Profiles: COQUINO (Available Profiles: COQUINO)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {1bd496a4-5817-11e9-a40d-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {46e5e29c-e2d6-11e8-a3df-b88687433940} - "F:\iLinker.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {7c067396-3721-11e9-a3f7-b88687433940} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\...\MountPoints2: {a29a5b30-aba3-11e7-a37f-b88687433940} - "F:\HiSuiteDownLoader.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {936610E0-9399-4BCF-ABEB-9B782A05832B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AutoConfigURL: [S-1-5-21-3115299202-1178083710-835377459-1002] => hxxp://www.thenewworking.info/magmx.dat
ManualProxies: 0hxxp://www.thenewworking.info/magmx.dat
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} -  No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} -  No File
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
ShortcutWithArgument: C:\Users\COQUINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="%programdata%\chrome" --enable-automation --disable-infobars
AlternateDataStreams: C:\ProgramData\TEMP:90C320E1 [133]
AlternateDataStreams: C:\ProgramData\TEMP:F33592E3 [114]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1bd496a4-5817-11e9-a40d-b88687433940} => removed successfully
HKLM\Software\Classes\CLSID\{1bd496a4-5817-11e9-a40d-b88687433940} => not found
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46e5e29c-e2d6-11e8-a3df-b88687433940} => removed successfully
HKLM\Software\Classes\CLSID\{46e5e29c-e2d6-11e8-a3df-b88687433940} => not found
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c067396-3721-11e9-a3f7-b88687433940} => removed successfully
HKLM\Software\Classes\CLSID\{7c067396-3721-11e9-a3f7-b88687433940} => not found
HKU\S-1-5-21-3115299202-1178083710-835377459-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a29a5b30-aba3-11e7-a37f-b88687433940} => removed successfully
HKLM\Software\Classes\CLSID\{a29a5b30-aba3-11e7-a37f-b88687433940} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{936610E0-9399-4BCF-ABEB-9B782A05832B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{936610E0-9399-4BCF-ABEB-9B782A05832B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKU\S-1-5-21-3115299202-1178083710-835377459-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\mso-minsb-roaming.16 => removed successfully
HKLM\Software\Classes\CLSID\{83C25742-A9F7-49FB-9138-434302C88D07} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\mso-minsb.16 => removed successfully
HKLM\Software\Classes\CLSID\{42089D2D-912D-4018-9087-2B87803E93FB} => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
C:\Users\COQUINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully
C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument removed successfully
C:\ProgramData\TEMP => ":90C320E1" ADS removed successfully
C:\ProgramData\TEMP => ":F33592E3" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3115299202-1178083710-835377459-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3115299202-1178083710-835377459-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55265126 B
Java, Flash, Steam htmlcache => 1158 B
Windows/system/drivers => 1312010 B
Edge => 9216 B
Chrome => 238680130 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8592 B
LocalService => 0 B
NetworkService => 14398 B
NetworkService => 0 B
COQUINO => 10738795 B

RecycleBin => 78960 B
EmptyTemp: => 299.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:56:44 ====

Al reiniciar noté que estaba deshabilitado el altavoces, le dí solucionar problemas y el asistente resolvió el problema. También hasta ahora al abrir el navegador ya no salta el anuncio de troyano y la barra que estaba en chrome ya no aparece.

Al parecer ya se resolvió el problema, salvo lo que me indiquen.

Gracias por el apoyo y la paciencia que han tenido con un servidor.

1 me gusta

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.