Tengo un virus resistente, no puedo eliminarlo

Hola sin querer ayer descargue desde un canal ruso de youtube un supuesto activador para antivirus kaspersky version 21.1 y al parecer descargue un virus que comenzo a instalar programas extraños y autoejecutarse, desconecte el pc de inmediato, luego le pase el Antivirus kaspersky y detecto varios troyanos y otros virus, pero que do uno que por mas que lo reinicie aparece al inicio tratando de ejecutarse y el antivirus detecta que quiere conectar con paginas extrañas, quisiera que me ayudaran,

Espero puedan ayudarme. gracias.

Hola @Jhonny_Har, Bienvenido al Foro!!!

Ese es el problema de descargar cracks, a parte de que los antivirus piratas no te va a servir de mucho, es peor el remedio que la enfermedad.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis personalizado, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C001]

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Gracias, pondre en ejecucion tus pautas, enseguida te comento.

De acuerdo, por aquí estaré esperando los reportes y comentarios :coffee:

Hola este es el reporte del antivirus:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/9/20
Hora del análisis: 15:53
Archivo de registro: 29bf2e10-faba-11ea-b265-50e5492dc7af.json

-Información del software-
Versión: 4.2.1.89
Versión de los componentes: 1.0.1045
Versión del paquete de actualización: 1.0.30101
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.1082)
CPU: x64
Sistema de archivos: NTFS
Usuario: User-PC\User

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 293013
Amenazas detectadas: 51
Amenazas en cuarentena: 51
Tiempo transcurrido: 6 min, 5 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 12
Trojan.FakeTool.E, HKU\S-1-5-21-691198722-108262031-710922791-1000\SOFTWARE\DreamTrips, En cuarentena, 3112, 701670, 1.0.30101, , ame, , , 
PUP.Optional.InstallCore, HKU\S-1-5-21-691198722-108262031-710922791-1000\SOFTWARE\CSASTATS\ic, En cuarentena, 507, 586068, 1.0.30101, , ame, , , 
PUP.Optional.DiskFixer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiskFixer_is1, En cuarentena, 2966, 758710, , , , , , 
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C888C0AE-1C7E-4CB5-817A-1D97EE0F0158}, En cuarentena, 926, 475467, , , , , , 
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{C888C0AE-1C7E-4CB5-817A-1D97EE0F0158}, En cuarentena, 926, 475467, , , , , , 
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SystemProcess, En cuarentena, 926, 475467, 1.0.30101, , ame, , , 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En cuarentena, 533, 584322, 1.0.30101, , ame, , , 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En cuarentena, 533, 518478, 1.0.30101, , ame, , , 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En cuarentena, 533, 518476, 1.0.30101, , ame, , , 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, En cuarentena, 533, 518473, 1.0.30101, , ame, , , 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, En cuarentena, 533, 518479, 1.0.30101, , ame, , , 
Adware.GoldDay, HKU\S-1-5-21-691198722-108262031-710922791-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VIEW, En cuarentena, 6605, 573027, 1.0.30101, , ame, , , 

Valor del registro: 4
PUP.Optional.DiskFixer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DiskFixer, En cuarentena, 2966, 758710, , , , , , 
Adware.GoldDay, HKU\S-1-5-21-691198722-108262031-710922791-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VIEW|PUBLISHER, En cuarentena, 6605, 573027, 1.0.30101, , ame, , , 
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C888C0AE-1C7E-4CB5-817A-1D97EE0F0158}|PATH, En cuarentena, 926, 475466, 1.0.30101, , ame, , , 
Trojan.MalPack, HKU\S-1-5-21-691198722-108262031-710922791-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|opqzcvob, En cuarentena, 623, 858994, , , , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 14
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\ElectronCash, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\ElectrumLTC, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\MultiDoge, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\Electrum, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\Ethereum, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\Atomic, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\Exodus, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7\files\Wallets\JAXX, En cuarentena, 920, 697276, , , , , , 
Spyware.StolenData.E, C:\PROGRAMDATA\2CLAPA0LRDXNNNT8EWHTK9AJ7\FILES\Wallets, En cuarentena, 920, 697276, 1.0.30101, , ame, , , 
PUP.Optional.DiskFixer, C:\PROGRAM FILES (X86)\DISKFIXER, En cuarentena, 2966, 758710, 1.0.30101, , ame, , , 
Trojan.FakeTool.E, C:\Program Files (x86)\Seed Trade\Seed, En cuarentena, 3112, 820424, , , , , , 
Trojan.FakeTool.E, C:\PROGRAM FILES (X86)\SEED TRADE, En cuarentena, 3112, 820424, 1.0.30101, , ame, , , 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\K4P3AJCY1X, En cuarentena, 3726, 357599, 1.0.30101, , ame, , , 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\W5L3ZGGWFI, En cuarentena, 3726, 357599, 1.0.30101, , ame, , , 

Archivo: 21
PUP.Optional.DiskFixer, C:\Program Files (x86)\DiskFixer\DiskFixer.exe, En cuarentena, 2966, 758710, , , , , FB7AE086A094BA62708827F758A3977C, FF6751BBE4C13247610B9E68E406D75F07D93B8001BE849044DCF2E001D278E5
PUP.Optional.DiskFixer, C:\Program Files (x86)\DiskFixer\LinqBridge.dll, En cuarentena, 2966, 758710, , , , , B1D401765196DDDC72CD1341A684DEBC, ACB589D7708040E016CF3F25DFC3309D2366A58C85FDB79FA6295C07F95ACAA4
PUP.Optional.DiskFixer, C:\Program Files (x86)\DiskFixer\unins000.dat, En cuarentena, 2966, 758710, , , , , B67ED4EB43DA13D4F1F46E1AE340636B, 4BFD4C7442A2B25E009B8223D7DD5C18F3F6F623B16DCFEF79E1F1C3C8B552CD
PUP.Optional.DiskFixer, C:\Program Files (x86)\DiskFixer\unins000.exe, En cuarentena, 2966, 758710, , , , , 25ABDB21DD4D2D413D565582EA807CAE, 7FBAEA637BEE2EAE0EA44957E17C262031D4F59CC126C391FF7AFED5FAF68042
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\K4P3AJCY1X\CAST.CONFIG, En cuarentena, 3726, 357599, 1.0.30101, , ame, , 4C7DFD940EB6D3CDC64F2369A27A06BF, 6A1FDC6E628076456FD6B9D02717C319F2ACC6E06777D6608ECBE751E0151DAE
Adware.Tuto4PC.Generic, C:\Program Files\K4P3AJCY1X\K4P3AJCY1.exe.config, En cuarentena, 3726, 357599, , , , , A2EBF843442988EE2D667E9C7FC28CE1, 8A0D5D6C5AB131BAB9C8A29A7BCC81D6470EC515F2E4BCA977A4FE62FD156ACC
Adware.Tuto4PC.Generic, C:\Program Files\K4P3AJCY1X\uninstaller.exe.config, En cuarentena, 3726, 357599, , , , , A2EBF843442988EE2D667E9C7FC28CE1, 8A0D5D6C5AB131BAB9C8A29A7BCC81D6470EC515F2E4BCA977A4FE62FD156ACC
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\W5L3ZGGWFI\CAST.CONFIG, En cuarentena, 3726, 357599, 1.0.30101, , ame, , FDA6EAA0AFEA27920D209DD8595728AC, 68E50ED31252BD178D55331FA8F4ADB7D1D0161614DF4A5804A3B974D0DC0CFD
Adware.Tuto4PC.Generic, C:\Program Files\W5L3ZGGWFI\uninstaller.exe.config, En cuarentena, 3726, 357599, , , , , A2EBF843442988EE2D667E9C7FC28CE1, 8A0D5D6C5AB131BAB9C8A29A7BCC81D6470EC515F2E4BCA977A4FE62FD156ACC
Adware.Tuto4PC.Generic, C:\Program Files\W5L3ZGGWFI\W5L3ZGGWF.exe.config, En cuarentena, 3726, 357599, , , , , A2EBF843442988EE2D667E9C7FC28CE1, 8A0D5D6C5AB131BAB9C8A29A7BCC81D6470EC515F2E4BCA977A4FE62FD156ACC
Trojan.MalPack, C:\USERS\USER\TFESDNVP.EXE, En cuarentena, 623, 858994, 1.0.30101, , ame, , 296F0D2C17EB23F28454F319378E7065, 3431EAFFA51CB66937641D08DE96E0EAE07F1B5E4B3CCD3C67F06355DFAFAE48
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\NSS3.DLL, En cuarentena, 3868, 820421, 1.0.30101, , ame, , BFAC4E3C5908856BA17D41EDCD455A51, E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\SOFTOKN3.DLL, En cuarentena, 3868, 820420, 1.0.30101, , ame, , A2EE53DE9167BF0D6C019303B7CA84E5, 43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\FREEBL3.DLL, En cuarentena, 3868, 820418, 1.0.30101, , ame, , EF2834AC4EE7D6724F255BEAF527E635, A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\VCRUNTIME140.DLL, En cuarentena, 3868, 820419, 1.0.30101, , ame, , 7587BF9CB4147022CD5681B015183046, C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
PUP.Optional.PQwick, C:\PROGRAM FILES (X86)\PIC\DREAMTRIP.EXE, En cuarentena, 3274, 451812, 1.0.30101, , ame, , 7EC2DC7B1F8F981BDA11868FD9493234, 1DE138BB3E707B6D6E0C8F5242444FF9F1C84882D18A00E3DA36A8547F6343C9
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\MSVCP140.DLL, En cuarentena, 3868, 820423, 1.0.30101, , ame, , 109F0F02FD37C84BFC7508D4227D7ED5, 334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
Generic.Malware/Suspicious, C:\USERS\USER\Desktop\textaloud.v4.0.22.ADMINISTRADOR.lnk, En cuarentena, 0, 392686, , , , , 159E3AD7BA111C9B7FB9FD59385AB77A, 69B7D91FBF40BDE5DE7E7A0A59A6828F1AC02DA3CA5CDE7AF54081DDE98A7ACB
Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\TEXTALOUD\TEXTALOUD.V4.0.22.LOADER.EXE, En cuarentena, 0, 392686, 1.0.30101, , shuriken, , 5F824012BC07EE697A18D2FA12A6F800, 12A00CC91746A30929F8D37BB441B1F4D08C085D7F244F09AEBB2A9ACD7E6813
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\MOZGLUE.DLL, En cuarentena, 3868, 820422, 1.0.30101, , ame, , 8F73C08A9660691143661BF7332C3C27, 3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
PUP.Optional.DiskFixer, C:\USERS\USER\APPDATA\LOCAL\TEMP\YKDMPQE1Z44.EXE, En cuarentena, 2966, 758704, 1.0.30101, , ame, , 2FF701F08A9BF6CDE708AD068A96F08B, F384C7CE84F7784C5A8A4612F440FA2EE797C669129FFE0CE2FC89062BF7A2C8

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

y este es el reporte de Adw Cleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-19-2020
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\User\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1

***** [ Chromium (and derivatives) ] *****

Deleted       ccjleegmemocfpghkhpjmiccjcacackp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2019 octets] - [19/09/2020 16:26:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

el antivirus sigue detectando movimientos de virus y mi carpeta de descargas tiene mis archivos encriptados

Hola

Has infectado bastante el equipo.

Como ya te dije, los antivirus crakeados/pirateados no son muy eficaces, deberías desinstalarlo, tienes la opción de descargar la versión gratuita y legal.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. :arrow_right: Como saber si Mi Windows es de 32 o 64 Bits ?.

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

hare lo que me indicaste, también queria informarte que encontre este archivo de texto en el disco D de mi equipo, este es su contenido:

ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-67ue5AWKVu
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.


To get this software you need write on our e-mail:
[email protected]

Reserve e-mail address to contact us:
[email protected]

Your personal ID:
0251riuyfghUHi987hHMYPFQP4a2mnn8ueIo7ZbkYRPM6sPbjcE

Te agarraste un ransomware y no en todos los casos se puede desencriptar los archivos.

Antes de ejecutar FRST loo primero que debes hacer es intentar identificar correctamente el tipo y/o variante que te ha infectado, para hacerlo revisa este tema y compruébalo :arrow_right: ID-Ransomware: ¿Cómo identificar el Ransomware que lo ha infectado?

Dependiendo que esa infección/variante fuera de las que tienen método/herramienta de recuperación de ficheros(te indicará cual es), quizás puedas lograrlo, pero desgraciadamente en su gran mayoría NO es posible.

Ya nos comentas lo que te ha indicado y los resultados obtenidos…

Un saludo

ok , eso hare. luego te aviso como me fue.

De acuerdo, ya nos comentas :+1:

me sale este resultado https://id-ransomware.malwarehunterteam.com/identify.php

sale una pagina con este mensaje : Esta página no funcionaLa página id-ransomware.malwarehunterteam.com no puede procesar esta solicitud ahora. HTTP ERROR 500

Acabo de entrar en esa página y no me salta el error, intenta de nuevo, habrá sido algo temporal.

entro a la pagina ransomware y cargo los archivos pero al pulsar upload el resultado sale error. Revisando, los archivos que encripto son archivos que no son importantes, lo que quiero es eliminar todos los virus, porque el antivirus detecta pups y paginas bloqueadas cada vez que uso el navegador.

Hola le pase el programa FRST64, aqui los reportes: Addition


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19-09-2020
Ejecutado por User (19-09-2020 20:59:18)
Ejecutado desde C:\Users\User\Desktop
Windows 10 Pro Versión 1909 18363.1082 (X64) (2020-01-15 19:08:53)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-691198722-108262031-710922791-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-691198722-108262031-710922791-503 - Limited - Disabled)
Invitado (S-1-5-21-691198722-108262031-710922791-501 - Limited - Disabled)
User (S-1-5-21-691198722-108262031-710922791-1000 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-691198722-108262031-710922791-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0_1) (Version: 24.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_3) (Version: 20.0.3 - Adobe Systems Incorporated)
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{C7C5C180-248D-4CF4-8636-4568DE8EDC3B}) (Version: 19.1.0.419 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{C7C5C180-248D-4CF4-8636-4568DE8EDC3B}) (Version: 19.1.419 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{58EA2241-5840-4C95-A5A5-82FD2F037D72}) (Version: 19.1.419 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.4.244 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2017 - Capture (x64) (HKLM\...\{AC9BB7B7-A763-43C5-9830-F3B78FDB051D}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Common (x64) (HKLM\...\{B8C51F00-63AE-4327-A533-375CB7B6BF26}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Connect (x64) (HKLM\...\{BD0F92AD-DFDB-4BC5-BAA5-FB27892F9483}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Custom Data (x64) (HKLM\...\{E7975CC5-05E4-45E3-AFD3-234809F694A0}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Draw (x64) (HKLM\...\{A16C7EEB-69CB-42A1-AD10-0E19A133D957}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - ES (x64) (HKLM\...\{0EAC29D4-5379-4595-ACE9-FA6A3DC08418}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Filters (x64) (HKLM\...\{EEC42BAD-9517-450D-AF99-FA3C16D0377C}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Font Manager (x64) (HKLM\...\{D276DE88-654E-4738-A736-6E18D12F0C34}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM Content ES (x64) (HKLM\...\{B8719BFF-D4FE-45C7-99E1-811EBF8BB6CD}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM T (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - PHOTO-PAINT (x64) (HKLM\...\{B2D66383-4F98-4108-B6A3-F9CF8715875C}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Redist (x64) (HKLM\...\{47865C60-4ED8-4678-B23F-C2D1C2DDC09C}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Setup Files (x64) (HKLM\...\{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - VBA (x64) (HKLM\...\{5330DEB9-A612-4679-ACC1-D3D9C6190824}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - VideoBrowser (x64) (HKLM\...\{C451F155-26B7-48F2-8A8F-9428B4D479D2}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Workspaces (x64) (HKLM\...\{F3EFAF0E-DF3C-4384-8A0F-90D79FEFD7F5}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 (64-Bit) (HKLM\...\_{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.1.0.419 - Corel Corporation)
CorelDRAW Graphics Suite 2017 (HKLM\...\{79C52519-B717-45C2-8845-E55419A8E685}) (Version: 19.1 - Corel Corporation) Hidden
Disk Drill 1.0.0.187 (HKLM-x32\...\{8135C78F-F4AA-4742-8490-9C7FE59EBB33}) (Version: 1.0.187 - CleverFiles)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.82.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{006C8256-3855-43BF-8BA5-4B4C40F41F71}) (Version: 3.10.0065 - Seiko Epson Corporation)
EPSON L380 Series Printer Uninstall (HKLM\...\EPSON L380 Series) (Version:  - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.21) (Version: 9.21 - Artifex Software Inc.)
GSview 5.0 (HKLM-x32\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Hardwipe 5.2.1 (HKLM\...\{0F322F97-B3FB-4423-B23E-4E486693CD16}) (Version: 5.2.1 - Big Angry Dog)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{0124CD8C-8A9A-4A95-BF8C-F084040A93CE}) (Version: 21.1.15.500 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{0124CD8C-8A9A-4A95-BF8C-F084040A93CE}) (Version: 21.1.15.500 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{8E3A90F0-23D4-4761-AEBF-409CBBA48C80}) (Version: 21.1.15.500 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{8E3A90F0-23D4-4761-AEBF-409CBBA48C80}) (Version: 21.1.15.500 - Kaspersky)
K-Lite Codec Pack 6.6.6 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.6.6 - )
Krita (x64) 4.3.0 (HKLM\...\Krita_x64) (Version: 4.3.0.0 - Krita Foundation)
Loquendo TTS: Carmen (Spanish) (HKLM-x32\...\LoqTTS-Carmen_is1) (Version:  - )
Loquendo TTS: Jorge (Spanish) (HKLM-x32\...\LoqTTS-Jorge_is1) (Version:  - )
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Manual Epson L380 (HKLM-x32\...\UsersGuideManual Epson L380_is1) (Version: 1.0 - Epson America, Inc.)
MaskVPN (HKLM-x32\...\{4A4ACF2E-4A98-4D18-80E3-5A5E5706F81E}_is1) (Version: 1.1.0.31 - Global Media (Thailand) Co., Ltd)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-691198722-108262031-710922791-1000\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.20.27305 (HKLM-x32\...\{623911de-3905-419c-826f-ddc168c6df55}) (Version: 14.20.27305.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.20.27305 (HKLM-x32\...\{d9671869-e224-4016-b780-a08239895ec1}) (Version: 14.20.27305.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MiniLyrics version 1.7.1.49 (HKLM-x32\...\{57A123C1-A349-4E13-BAE0-59B070D18B77}_is1) (Version: 1.7.1.49 - MiniLyrics)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.01.03 - Huawei Technologies Co.,Ltd)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PaperCut Print Logger 1.10 (HKLM-x32\...\PaperCut Print Logger_is1) (Version:  - PaperCut Software Int. Pty. Ltd.)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
SystemProcess (HKU\S-1-5-21-691198722-108262031-710922791-1000\...\SystemProcess) (Version: 1.0.0.2 - SystemProcess)
TextAloud 4.0 (HKLM-x32\...\{2d52d1c9-9281-4e32-8bfb-018332abcba7}_is1) (Version: 4.0.22.0 - NextUp.com)
UltraISO Premium V9.75 (HKLM-x32\...\UltraISO_is1) (Version: 9.75 - EZB Systems, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.6  - Nullsoft, Inc)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.5.1) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Your Application Name (HKLM-x32\...\{AA6EB693-FE08-4515-A991-C74F53AD7D7A}) (Version:  - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.1] -> {091EC05A-4A09-4108-8D41-F7B1078DAA9E} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\shellex.dll [2020-08-25] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PfMenu] -> {2F844462-7CB8-489C-828C-32A6422506AF} => C:\Program Files (x86)\IObit\Protected Folder\PfShellExtension.dll [2015-03-10] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [BigAngryDog_HWipe] -> {B0FFE529-A5D3-4ECE-91C0-9E3585C373D8} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.1] -> {091EC05A-4A09-4108-8D41-F7B1078DAA9E} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\shellex.dll [2020-08-25] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [BigAngryDog_HWipe] -> {8154B7C1-BB68-457C-931A-5BFABBA86CD9} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.1] -> {091EC05A-4A09-4108-8D41-F7B1078DAA9E} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\shellex.dll [2020-08-25] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [PfMenu] -> {2F844462-7CB8-489C-828C-32A6422506AF} => C:\Program Files (x86)\IObit\Protected Folder\PfShellExtension.dll [2015-03-10] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.1] -> {091EC05A-4A09-4108-8D41-F7B1078DAA9E} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\shellex.dll [2020-08-25] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PfMenu] -> {2F844462-7CB8-489C-828C-32A6422506AF} => C:\Program Files (x86)\IObit\Protected Folder\PfShellExtension.dll [2015-03-10] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [183808 2010-12-07] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2010-01-17] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [108032 2010-12-11] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2020-02-26 14:29 - 2016-07-21 10:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-02-26 14:29 - 2017-09-12 10:34 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-05-09 09:20 - 2016-05-09 09:20 - 000132096 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2020-02-26 14:29 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\User:.repos [616611]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\User\Desktop\Notepad.lnk:com.dropbox.attributes [168]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 21:34 - 2020-09-18 17:27 - 000001439 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 mc.corel.com
127.0.0.1 apps.corel.com
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18
127.0.0.1 157.56.8.159
127.0.0.1 69.167.144.15
127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com

2020-01-14 09:18 - 2020-01-15 08:39 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Hardwipe\;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-691198722-108262031-710922791-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 190.113.220.18 - 190.113.220.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{C14E84C2-5BE1-4C15-ADD3-1C674E7FC20E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{4E14E54D-2743-4A85-8EFD-9C3F5A44FBB9}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{25EF65FE-2976-4C38-9896-9808BB3DD257}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{0B510B79-4C46-4487-A9CA-9F4CF20FBB86}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6AA4A636-5354-40CE-86EA-D4339F156483}] => (Allow) LPort=8318
FirewallRules: [TCP Query User{FB065986-9CE3-42FA-BB5F-DE3DFF6F76F3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Winamp -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{4BC0B802-758E-4261-99F3-36B71A903018}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Winamp -> Nullsoft, Inc.)
FirewallRules: [{6FC04688-1FFC-4EA4-BD99-AE3059C2EDD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59A06366-C4F5-40C6-A91F-30ACA38CC611}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF423195-C021-4237-8AC3-9885C7103CB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CFECB76B-EB3B-455B-9D7C-42D39232D4BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF00E2A4-16AA-4BA9-BE3D-DD792504D6CC}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{30C1BF2B-4463-4110-A7FD-4AFC916A8102}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{DE242E1D-80FE-4530-8A4C-9E164FCAD8D1}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{8DDDBFE9-D280-40EE-9B69-FECD457EF59E}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{A16D7752-BEEC-4B7A-A55B-F0FABE6F1658}] => (Allow) 㩃啜敳獲啜敳屲灁䑰瑡屡潒浡湩屧楶睥癜敩⹷硥e => Ningún archivo
FirewallRules: [{D14D2381-AC84-488C-92A6-986E5BE91C62}] => (Allow) 㩃啜敳獲啜敳屲灁䑰瑡屡潒浡湩屧楶睥捜牨浯摥楲敶⹲硥e => Ningún archivo
FirewallRules: [{E21C6073-85CA-4B98-A619-8546EBDB5BE7}] => (Allow) 㩃啜敳獲啜敳屲灁䑰瑡屡潒浡湩屧楶睥䍜牨浯履灁汰捩瑡潩屮桃潲敭攮數 => Ningún archivo
FirewallRules: [{933CC82A-E871-402C-B716-20290160DF1E}] => (Allow) 㩃啜敳獲啜敳屲灁䑰瑡屡潒浡湩屧楶睥癜敩啷攮數 => Ningún archivo
FirewallRules: [TCP Query User{68A64324-9790-49FC-AFA7-4A6D2367AB8F}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{58B3D121-399C-4EF9-9B1C-62349DF4C936}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{F5437D57-4109-4C33-A09E-7E4919663D6D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

14-09-2020 18:51:39 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (09/19/2020 08:37:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (120,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/19/2020 06:38:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.794, marca de tiempo: 0x5f52571b
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5e8272e4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219d05
Identificador del proceso con errores: 0x1478
Hora de inicio de la aplicación con errores: 0x01d68ed64ec00f32
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: fd0c51fc-e5dc-4f9d-bd40-b0fb29198b22
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/19/2020 06:34:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11220,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/19/2020 05:59:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5060,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/19/2020 05:42:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (09/19/2020 05:42:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (09/19/2020 05:35:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2380,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/19/2020 05:26:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2236,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (09/19/2020 08:30:43 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: El servidor Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 06:13:38 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: El servidor Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 05:47:15 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: El servidor Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 05:43:59 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: El servidor Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 05:39:03 PM) (Source: DCOM) (EventID: 10000) (User: User-PC)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/19/2020 04:58:55 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: El servidor Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 04:34:52 PM) (Source: DCOM) (EventID: 10000) (User: User-PC)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/19/2020 04:33:49 PM) (Source: DCOM) (EventID: 10000) (User: User-PC)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


CodeIntegrity:
===================================

Date: 2020-09-19 17:45:20.073
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 17:45:20.017
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 17:45:19.927
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 16:30:38.321
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 16:30:38.287
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 16:30:38.195
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 16:14:03.616
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-09-19 16:14:03.567
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Información de la memoria =========================== 

BIOS: Award Software International, Inc. F4 05/25/2011
Placa base: Gigabyte Technology Co., Ltd. H61M-S2V-B3
Procesador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Porcentaje de memoria en uso: 38%
RAM física total: 8109.43 MB
RAM física disponible: 4981.75 MB
Virtual total: 16301.43 MB
Virtual disponible: 13158.29 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:149.6 GB) (Free:70.62 GB) NTFS
Drive d: () (Fixed) (Total:781.25 GB) (Free:319.54 GB) NTFS

\\?\Volume{726b3af9-86c3-11e7-a52c-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{6f242199-0000-0000-0000-f06c25000000}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6F242199)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=573 MB) - (Type=27)
Partition 4: (Not Active) - (Size=781.2 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================    

REPORTE FRST :

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19-09-2020
Ejecutado por User (administrador) sobre USER-PC (Gigabyte Technology Co., Ltd. H61M-S2V-B3) (19-09-2020 20:57:40)
Ejecutado desde C:\Users\User\Desktop
Perfiles cargados: User
Platform: Windows 10 Pro Versión 1909 18363.1082 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Arcai.com) [Archivo no firmado] C:\Program Files (x86)\netcut\services\aips.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:\Program Files (x86)\MaskVPN\mask_svc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\avp.exe <2>
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 5.1\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 5.1\ksdeui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20032.12611.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1073_none_171f6eef2a0feed0\TiWorker.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Nullsoft, Inc.) [Archivo no firmado] C:\Program Files (x86)\Winamp\winampa.exe
(PaperCut Software International Pty Ltd) [Archivo no firmado] C:\Program Files (x86)\PaperCut Print Logger\pcpl.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-11-30] (Nullsoft, Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1092304 2016-03-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-691198722-108262031-710922791-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [31651000 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-691198722-108262031-710922791-1000\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRQE.EXE [417776 2014-11-13] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON L380 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBRQE.DLL [182784 2015-12-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\PJLMON.DLL [23040 2020-05-27] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0C99FCBB-1D6C-4C29-8F92-31DFA7809C61} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0F090DCF-0CAB-4D42-B9CF-4CCF2BB8D6E2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {16A187BD-6C30-449A-8F9D-E7993A0C3E4E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {27F7052E-459C-4ACE-9429-3B2D62089085} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28CEC093-35C3-4395-ABA1-B48BAA929BF5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3AC54776-08B2-4B18-9197-19F974274E3D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {483748A9-8FD8-47E2-A759-3EF301287F41} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {495E8337-8C15-47BE-B2A0-4A41E6076AD5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4CDA1A47-A3D1-433F-B0D5-9125B741040E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F0CDBE7-6986-4DDD-BE18-4F393DCC8F19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C64B4D7-52D7-4E72-817B-781670F3D39B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {647EECB4-E958-4D1D-B1C2-A16BD0E7A6E1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A894658-22C6-4902-AD59-226CF901B735} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26588344 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6EC9B1F7-8524-43BF-B677-DF9B1707FB18} - System32\Tasks\EPSON L380 Series Update {A651D55D-F840-41D5-86FF-CA5FE875B924} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRQE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {72E2A4BF-83A8-4697-A24F-9AC319E161DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {761842B0-1AAF-497C-AA7A-03195F37B242} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {78A8A1AA-6522-4F50-877D-7C4A2FD59A62} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: {7C6614CA-F2A1-4422-B8E7-9E3452B268D0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F7DF831-CD85-4CC8-8350-D0A685E5EE1B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8176D806-E990-4E18-9A30-CB264313FBA0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {85F348E2-E75C-4EF7-BF1E-51AF13473548} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {887921BB-EF67-48D2-9E9A-FB75B5892FC9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {8B210F50-E023-483E-BF69-0DCB8E68BEDA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8D53CB0A-3337-4D37-A87E-1FA92E85D132} - \Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start -> Ningún archivo <==== ATENCIÓN
Task: {8D82842C-1030-4E34-B65C-427502468DE4} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1627072 2017-09-26] (Corel Corporation -> Corel Corporation)
Task: {9127392A-B798-4146-BD81-F38578464D57} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9702A779-66A8-4C1C-B060-8AE3BA952223} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {993B27C2-FAF4-4398-82E8-9C719704FAA3} - System32\Tasks\{FC7D55D7-C8EF-489B-90C3-58D69275AEE6} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [330776 2016-05-17] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {9C735C5D-58F8-4C26-9B2B-CD34122006BA} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {A0E8352B-E94C-4B08-BF83-BB386303FB6C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {AD3BC9AC-570D-4152-98B1-D420514D7D83} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {AF7DE13B-1976-40F5-A995-77B6739A6BE4} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {BB70E26B-C146-4F0A-8474-9BBFB29868B5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6DB75F4-0427-48D0-9874-CEAE15EA045C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {C829AEA9-EA94-4A2D-9E25-BFF647B2FF2A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBDC7579-5E90-49CF-9EC4-DC487D51DA01} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CF865521-F578-4637-A572-90478DC2110A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DC2888E3-3006-4B46-A156-2C8D97C7EC73} - System32\Tasks\{786AE432-67F6-4807-A798-1597747CFD5A} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [330776 2016-05-17] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {E2F5D455-717D-48FC-B961-8F7B5742BB71} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E4400E28-A8C6-4E55-9C4C-CE0A8B09CC2D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5805567-EC47-4633-AA63-20BE45D13555} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {E5ABD385-2B0A-4687-9D81-8810E1F56A39} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1627072 2017-09-26] (Corel Corporation -> Corel Corporation)
Task: {F98E5CDE-00E3-40E8-8C2C-17E9855B34F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\EPSON L380 Series Update {A651D55D-F840-41D5-86FF-CA5FE875B924}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRQE.EXE:/EXE:{A651D55D-F840-41D5-86FF-CA5FE875B924} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L380 Series Update {C39D5438-C739-4B97-938C-771C3FF42F5B}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRQE.EXE:/EXE:{C39D5438-C739-4B97-938C-771C3FF42F5B} /F:UpdateWORKGROUP\USER-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{54453265-f9f5-4da0-a682-0a6fcce2d40b}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{606DD3B9-F416-46BF-84A5-D50E6E1EFAA6}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{9BA44B7D-3F78-4E77-AEB1-779BECD0DA92}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Edge: 
======
DownloadDir: C:\Users\User\Downloads
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-19]
Edge DownloadDir: C:\Users\User\Downloads
Edge Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2020-09-11]
Edge HKU\S-1-5-21-691198722-108262031-710922791-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-09-19]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2020-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-18]
CHR Extension: (LockPW) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjcloihghgncbdkaafgkckbokjnehfmo [2020-02-19]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfmbilnmhhjncjchhhhbodmbcgibnbfh [2020-09-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-09-19]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-19]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Archivo no firmado]
R2 AVP21.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\avp.exe [381968 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (508 Software, LLC -> CleverFiles)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [681400 2018-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-04-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 klvssbridge64_21.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\x64\vssbridge64.exe [436168 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 5.1\ksde.exe [644312 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-23] (Huawei Technologies Co.,Ltd. -> )
R2 PCPrintLogger; C:\Program Files (x86)\PaperCut Print Logger\pcpl.exe [929792 2013-07-03] (PaperCut Software International Pty Ltd) [Archivo no firmado]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [Archivo no firmado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [248504 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [104712 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [205048 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [121088 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-06-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [509184 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [643840 2020-06-26] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1277704 2020-06-26] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.1\Bases\klids.sys [240728 2020-09-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [984320 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [87808 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [106768 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [106752 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [79104 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [90368 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-06-29] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [256760 2020-08-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2020-08-25] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309768 2020-08-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [117512 2020-08-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [206888 2020-08-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [133888 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [242944 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [279824 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217592 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [39104 2015-03-10] (IObit Information Technology -> IObit Information Technology)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-19 20:57 - 2020-09-19 20:58 - 000028513 _____ C:\Users\User\Desktop\FRST.txt
2020-09-19 20:50 - 2020-09-19 20:58 - 000000000 ____D C:\FRST
2020-09-19 17:57 - 2020-09-19 17:59 - 002298880 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-09-19 17:49 - 2020-09-19 17:49 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-19 17:49 - 2020-09-19 17:49 - 000000000 ____D C:\Program Files\Google
2020-09-19 17:48 - 2020-09-19 17:48 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-19 17:48 - 2020-09-19 17:48 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-19 17:47 - 2020-09-19 20:33 - 000004196 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{47AB50BC-0014-418A-B318-9D499B73F510}
2020-09-19 16:35 - 2020-09-19 16:35 - 000001644 _____ C:\Users\User\Documents\cc_20200919_163543.reg
2020-09-19 16:25 - 2020-09-19 16:14 - 008414384 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.0.7.exe
2020-09-19 16:09 - 2020-09-19 16:09 - 000009830 _____ C:\Users\User\Desktop\Informe Malwarebytes.txt
2020-09-19 15:52 - 2020-09-19 15:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-19 15:52 - 2020-09-19 15:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-19 15:52 - 2020-09-19 15:52 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2020-09-19 15:51 - 2020-09-19 15:51 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-19 15:51 - 2020-09-19 15:51 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-19 15:51 - 2020-09-19 15:51 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-19 15:51 - 2020-09-19 15:51 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-19 15:51 - 2020-09-19 15:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-19 15:50 - 2020-09-19 15:50 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-18 17:31 - 2020-09-18 17:43 - 000000000 ____D C:\Users\User\AppData\Roaming\iy5ue114omm
2020-09-18 17:31 - 2020-09-18 17:31 - 000001113 _____ C:\Users\User\_readme.txt
2020-09-18 17:28 - 2020-09-18 19:18 - 000000000 ____D C:\Users\User\AppData\Local\f13d4dae-6fd3-4154-af4d-e1da0a7d59f7
2020-09-18 17:28 - 2020-09-18 17:44 - 000000000 ____D C:\Users\User\AppData\Local\8fea09cf-4f47-46bd-8ae1-06f32126dd62
2020-09-18 17:28 - 2020-09-18 17:28 - 000000560 _____ C:\Users\User\AppData\Local\bowsakkdestx.txt
2020-09-18 17:28 - 2020-09-18 17:28 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\view
2020-09-18 17:28 - 2020-09-18 17:28 - 000000000 ____D C:\SystemID
2020-09-18 17:28 - 2020-09-18 17:28 - 000000000 ____D C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7
2020-09-18 17:27 - 2020-09-19 16:00 - 000000000 ____D C:\Program Files (x86)\Pic
2020-09-18 17:27 - 2020-09-19 15:53 - 000000000 ____D C:\Users\User\AppData\Roaming\view
2020-09-18 17:27 - 2020-09-18 17:57 - 000000000 ____D C:\Users\User\AppData\Local\ScrSnap
2020-09-18 17:27 - 2020-09-18 17:43 - 000000000 ____D C:\Program Files (x86)\agjx
2020-09-18 17:27 - 2020-09-18 17:27 - 000000000 ____D C:\Users\User\AppData\Roaming\d23za3iegxq
2020-09-18 17:27 - 2020-09-18 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pic
2020-09-18 17:27 - 2020-09-18 17:27 - 000000000 ____D C:\Program Files (x86)\MaskVPN
2020-09-18 17:27 - 2018-08-29 15:48 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2020-09-18 17:26 - 2020-09-18 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniLyrics
2020-09-18 17:26 - 2020-09-18 17:26 - 000000000 ____D C:\Program Files (x86)\MiniLyrics
2020-09-08 16:43 - 2020-09-08 16:43 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-08 16:43 - 2020-09-08 16:43 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-08 16:43 - 2020-09-08 16:43 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 002369336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 002190664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 001659208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001386824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-08 16:43 - 2020-09-08 16:43 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-08 16:43 - 2020-09-08 16:43 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-08 16:43 - 2020-09-08 16:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-08 16:43 - 2020-09-08 16:43 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-09-08 16:43 - 2020-09-08 16:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-08 16:42 - 2020-09-08 16:42 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-08 16:42 - 2020-09-08 16:42 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-08 16:42 - 2020-09-08 16:42 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-08 16:42 - 2020-09-08 16:42 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-08 16:42 - 2020-09-08 16:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-08 16:42 - 2020-09-08 16:42 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000039424 _____ (Microsoft Corporation)
C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-08 16:42 - 2020-09-08 16:42 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-08 16:42 - 2020-09-08 16:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-08 16:42 - 2020-09-08 16:42 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-08 16:42 - 2020-09-08 16:42 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-08 16:42 - 2020-09-08 16:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-08 16:41 - 2020-09-08 16:41 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-08 16:41 - 2020-09-08 16:41 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-08 16:41 - 2020-09-08 16:41 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-08 16:41 - 2020-09-08 16:41 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-08 16:41 - 2020-09-08 16:41 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-08 16:41 - 2020-09-08 16:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 003985920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-08 16:40 - 2020-09-08 16:40 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb80236.sys
2020-09-08 16:40 - 2020-09-08 16:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-08 16:40 - 2020-09-08 16:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-08 16:26 - 2020-08-15 00:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-08 16:26 - 2020-08-15 00:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-28 11:22 - 2020-09-02 14:47 - 000000000 ____D C:\Users\User\Desktop\tia anita
2020-08-27 11:48 - 2020-08-27 12:02 - 002616286 _____ C:\Users\User\Desktop\REPORTE DIARIO DE EQUIPO Y OPERADOR.cdr
2020-08-25 14:45 - 2020-08-25 14:45 - 001064124 _____ C:\Users\User\Desktop\los que faltan.cdr
2020-08-25 11:31 - 2020-08-25 11:31 - 000309768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2020-08-25 11:21 - 2020-08-25 11:21 - 000256760 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2020-08-25 11:21 - 2020-08-25 11:21 - 000206888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2020-08-25 11:21 - 2020-08-25 11:21 - 000117512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2020-08-25 11:21 - 2020-08-25 11:21 - 000099152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2020-08-25 11:21 - 2020-08-25 11:21 - 000002199 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2020-08-25 11:21 - 2020-08-25 11:21 - 000001263 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2020-08-25 11:21 - 2020-08-25 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2020-08-25 11:21 - 2020-08-25 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2020-08-25 11:20 - 2020-06-29 20:14 - 000984320 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2020-08-25 11:20 - 2020-06-29 20:14 - 000509184 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2020-08-25 11:20 - 2020-06-29 20:14 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-19 20:57 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-19 17:48 - 2020-01-15 14:02 - 001980476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-19 17:48 - 2019-03-19 06:59 - 000863328 _____ C:\WINDOWS\system32\perfh00A.dat
2020-09-19 17:48 - 2019-03-19 06:59 - 000192064 _____ C:\WINDOWS\system32\perfc00A.dat
2020-09-19 17:48 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-19 17:48 - 2017-08-21 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2020-09-19 17:43 - 2020-01-15 14:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-19 17:42 - 2019-03-18 23:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-19 16:47 - 2018-06-18 17:41 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-09-19 16:33 - 2020-01-18 23:26 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-09-19 16:27 - 2017-09-16 13:54 - 000000000 ____D C:\Users\User\AppData\Roaming\IObit
2020-09-19 16:26 - 2017-08-28 14:20 - 000000000 ____D C:\AdwCleaner
2020-09-19 16:00 - 2019-04-26 13:46 - 000000000 ____D C:\Program Files (x86)\TextAloud
2020-09-19 15:51 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-19 15:19 - 2020-01-18 23:26 - 000000000 ____D C:\Program Files\CCleaner
2020-09-19 15:09 - 2020-01-15 13:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-18 19:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-18 19:10 - 2017-08-21 18:30 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2020-09-18 18:36 - 2020-02-04 14:50 - 000000000 ____D C:\Users\User\AppData\Local\DiskDrill
2020-09-18 17:31 - 2020-03-03 18:34 - 000000000 ____D C:\SUNATPDT
2020-09-18 17:31 - 2020-01-15 11:51 - 000000000 ____D C:\ESD
2020-09-18 17:31 - 2017-08-21 18:00 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2020-09-18 17:28 - 2017-08-22 00:35 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-09-18 17:07 - 2017-08-21 18:12 - 000000000 ____D C:\Users\User\AppData\Roaming\Winamp
2020-09-18 16:38 - 2019-03-18 23:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-09-17 22:44 - 2020-02-11 22:14 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-09-17 15:42 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-17 15:34 - 2017-08-28 22:38 - 000011228 _____ C:\Users\User\gsview32.ini
2020-09-14 17:17 - 2020-01-06 17:15 - 147983687 _____ C:\Users\User\Desktop\PAGOS ALEXANDRA.cdr
2020-09-13 22:24 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-12 11:43 - 2020-01-15 14:21 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2020-09-11 00:48 - 2018-01-26 01:59 - 000000000 ____D C:\Users\User\Documents\Camtasia Studio
2020-09-10 22:22 - 2020-06-08 19:40 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 22:22 - 2020-01-15 14:20 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-691198722-108262031-710922791-1000
2020-09-10 22:22 - 2020-01-15 14:20 - 000000000 __RDL C:\Users\User\OneDrive
2020-09-10 22:22 - 2020-01-15 14:02 - 000002427 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-09 10:40 - 2020-01-15 14:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-09 10:40 - 2020-01-15 14:09 - 000000000 ___RD C:\Users\User\3D Objects
2020-09-09 10:39 - 2020-01-15 13:52 - 005340576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-08 23:50 - 2019-03-19 07:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-09-08 23:50 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-08 16:53 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-08 16:51 - 2017-08-21 21:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-08 16:48 - 2017-08-21 21:50 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-08 16:40 - 2020-01-15 13:55 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-08-25 19:24 - 2017-08-21 18:10 - 000001135 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-08-25 19:24 - 2017-08-21 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-08-25 16:17 - 2017-08-21 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2020-08-25 16:17 - 2017-08-21 18:08 - 000000000 ____D C:\Program Files (x86)\UltraISO
2020-08-25 12:26 - 2017-08-22 00:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-08-25 11:21 - 2017-08-22 00:36 - 000000000 ____D C:\Program Files\Common Files\AV
2020-08-25 11:21 - 2017-08-22 00:35 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-08-24 21:11 - 2018-03-16 18:23 - 000000000 ____D C:\Users\User\AppData\Roaming\Media Player Classic
2020-08-24 09:22 - 2020-06-08 19:40 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-24 09:22 - 2020-06-08 19:40 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-21 22:03 - 2017-08-29 22:37 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 16:02 - 2019-04-05 16:26 - 000001456 _____ C:\Users\User\AppData\Local\Adobe Guardar para Web 13.0 Prefs

==================== Archivos en la raíz de algunos directorios ========

2014-07-10 01:16 - 2014-07-10 01:16 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-09-09 17:30 - 2019-12-14 11:09 - 000000132 _____ () C:\Users\User\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-04-05 16:26 - 2020-08-20 16:02 - 000001456 _____ () C:\Users\User\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-09-18 17:28 - 2020-09-18 17:28 - 000000560 _____ () C:\Users\User\AppData\Local\bowsakkdestx.txt
2020-08-10 16:00 - 2020-08-10 16:10 - 000003168 _____ () C:\Users\User\AppData\Local\krita-sysinfo.log
2020-08-10 16:00 - 2020-08-10 18:22 - 000003768 _____ () C:\Users\User\AppData\Local\krita.log
2020-08-10 18:22 - 2020-08-10 18:22 - 000000153 _____ () C:\Users\User\AppData\Local\kritadisplayrc
2020-08-10 16:01 - 2020-08-10 18:22 - 000024107 _____ () C:\Users\User\AppData\Local\kritarc
2020-02-11 22:25 - 2020-02-11 22:25 - 000000000 _____ () C:\Users\User\AppData\Local\oobelibMkey.log
2020-03-12 08:37 - 2020-03-12 08:37 - 000000000 _____ () C:\Users\User\AppData\Local\{E1CDF383-ADBA-4C88-A1AB-49504175F60A}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación :warning: con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {9C735C5D-58F8-4C26-9B2B-CD34122006BA} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {AD3BC9AC-570D-4152-98B1-D420514D7D83} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\FFExt\light_plugin_firefox\addon.xpi => no encontrado
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [39104 2015-03-10] (IObit Information Technology -> IObit Information Technology)
U3 idsvc; no ImagePath
2020-09-18 17:31 - 2020-09-18 17:43 - 000000000 ____D C:\Users\User\AppData\Roaming\iy5ue114omm
2020-09-18 17:28 - 2020-09-18 19:18 - 000000000 ____D C:\Users\User\AppData\Local\f13d4dae-6fd3-4154-af4d-e1da0a7d59f7
2020-09-18 17:28 - 2020-09-18 17:44 - 000000000 ____D C:\Users\User\AppData\Local\8fea09cf-4f47-46bd-8ae1-06f32126dd62
2020-09-18 17:28 - 2020-09-18 17:28 - 000000000 ____D C:\ProgramData\2CLAPA0LRDXNNNT8EWHTK9AJ7
2020-09-18 17:27 - 2020-09-18 17:27 - 000000000 ____D C:\Users\User\AppData\Roaming\d23za3iegxq
2020-09-19 16:27 - 2017-09-16 13:54 - 000000000 ____D C:\Users\User\AppData\Roaming\IObit
2020-02-11 22:25 - 2020-02-11 22:25 - 000000000 _____ () C:\Users\User\AppData\Local\oobelibMkey.log
2020-03-12 08:37 - 2020-03-12 08:37 - 000000000 _____ () C:\Users\User\AppData\Local\{E1CDF383-ADBA-4C88-A1AB-49504175F60A}
AlternateDataStreams: C:\Users\User:.repos [616611]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\User\Desktop\Notepad.lnk:com.dropbox.attributes [168]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX/Corregir y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola, realice todo el procedimiento, los programas se ejecutaron y emitieron los reportes a excepción de FRST que solamente creo una carpeta en el que había un exe llamado FRST64.EXE , mas no generó ningún reporte, pero comprobé usando el navegador y note que ya no había esas detecciones de dominios bloqueados del antivirus al entrar a paginas, si hay alguna forma de acceder al reporte me lo comentan por favor. Una pregunta, el antivirus que descargue le quedan 14 dias de prueba, en la version gratuita mi equipo esta vulnerable a nuevas infecciones, como podria mantenerlo protegido? le agradeceria su respuesta, les envío los 2 reportes de DELFIX Y FIXLOG. Saludos

REPORTE DELFIX :


  # DelFix v1.013 - Logfile created 20/09/2020 at 17:22:48
# Updated 17/04/2016 by Xplode
# Username : User - USER-PC
# Operating System : Windows 10 Enterprise  (64 bits)

~ Creating registry backup ... OK

########## - EOF - ##########

REPORTE FIXLOG:

  
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 20-09-2020
Ejecutado por User (20-09-2020 17:52:45) Run:1
Ejecutado desde C:\Users\User\Desktop
Perfiles cargados: User
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {9C735C5D-58F8-4C26-9B2B-CD34122006BA} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {AD3BC9AC-570D-4152-98B1-D420514D7D83} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.1\FFExt\light_plugin_firefox\addon.xpi => no encontrado
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [39104 2015-03-10] (IObit Information Technology -> IObit Information Technology)
U3 idsvc; no ImagePath
2020-09-18 17:31 - 2020-09-18 17:43 - 000000000 ____D C:\Users\User\AppData\Roaming\iy5ue114omm
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C735C5D-58F8-4C26-9B2B-CD34122006BA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C735C5D-58F8-4C26-9B2B-CD34122006BA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD3BC9AC-570D-4152-98B1-D420514D7D83}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD3BC9AC-570D-4152-98B1-D420514D7D83}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => eliminado correctamente
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (d8yI+Hf7rX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\mbhgemjpjakkjohiflifdkefijjdcnbj [2020-09-18] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccjleegmemocfpghkhpjmiccjcacackp => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\System\CurrentControlSet\Services\PfFilter => eliminado correctamente
PfFilter => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
C:\Users\User\AppData\Roaming\iy5ue114omm => movido correctamente


El sistema necesita reiniciarse.

==== Final de Fixlog 17:52:45 ====