Virus invisible

Antonio_Herrera_Carr · 3 Noviembre, 2019 15:02

hola buenas tardes, el caso es que el Edge me empezó a sacar montones de ventanas que no se podian cerrar, tenia Malwarebytes en version de prueba, le hice un analisis y me salieron un monton de virus, le di a eliminar y reinició. las ventanas dejaron de aparecer pero ahora ela proteccion del Malwarebytes se me queda deshabilitada, le meti el eset internet pero no me deja activarlo, he probrado con el panda y me hace lo mismo. le paso el Malwarebytes y me dice que no hay nada. ni adwcleaner tambien me dice que estoy limpio. correo electronico si que tengo.

gracias

Antonio_Herrera_Carr · 3 Noviembre, 2019 15:13

 Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 1/11/19
Hora del análisis: 18:44
Archivo de registro: 453052b2-fccf-11e9-8e4f-68f7284e136e.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.629
Versión del paquete de actualización: 1.0.13141
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: ANTONIOMARIA\yuyub

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 345288
Amenazas detectadas: 353
Amenazas en cuarentena: 347
Tiempo transcurrido: 3 hr, 41 min, 27 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 32
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-JPV1C.TMP\EINSTEINFEED.EXE, En cuarentena, [3702], [667274],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\53OMLXWZ1KL\NHOEPEZTVRI.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\ZYXCPEELMP0\TL2U1FVVSEJ.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\UA5YNEA4VTO\SQ41BASBS3L.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\F2BIHHCMVF0\1VGL4A4HKEB.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\UXOF1ELGTUJ\2G2U4FJHECS.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\VRCLJZ5XEN0\WSOCPFKZFOW.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\NTLDPWLGWO3\2HHD2VNSIGV.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\R24PZJH5FLK\ZF4OEZG1QNG.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\IZ0QIYWR2YM\WL10YZF40Y2.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\CFOT1KVZM4H\DMO4JGCG01R.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\SUUY3YSRVXJ\3TH2VLRP10J.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\V4GEP5JKDRO\Z2YU3JAWUAE.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\253B31USBAI\Y24OF3NG3UK.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\CZKZ4VJGCMS\Y5ZE4AKQJPN.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\SLIDE\467248868.EXE, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\NAGA\542770149.EXE, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\6RYSU336US\05G0M7TPP.exe, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\IMO8XGMCBO\IMO8XGMCB.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\1YW1JA8T1A\1YW1JA8T1.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F8CUYL4HU7\F8CUYL4HU.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\UKLN3ZK7J9\8RXW35CA7.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\FX8BJUS1RJ\FX8BJUS1R.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\PXSIRCNJQT\PXSIRCNJQ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\OGQTN4JQ4D\PLNI9NGJQ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0SCX5RSRP1\7V1J5UOBJ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\3485FLQS0D\ESMTUTRHH.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\8OKJJNUSMW\9QJWO5J5M.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\F0FKB13TJP\VVCEX9DZN.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\RDPDQCE7XY\RDPDQCE7X.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\ECV04XHOM8\R12FCWOPM.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\0NIUXOOFNU\0NIUXOOFN.EXE, En cuarentena, [2925], [648561],1.0.13141

Módulo: 32
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-JPV1C.TMP\EINSTEINFEED.EXE, En cuarentena, [3702], [667274],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\53OMLXWZ1KL\NHOEPEZTVRI.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\ZYXCPEELMP0\TL2U1FVVSEJ.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\UA5YNEA4VTO\SQ41BASBS3L.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\F2BIHHCMVF0\1VGL4A4HKEB.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\UXOF1ELGTUJ\2G2U4FJHECS.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\VRCLJZ5XEN0\WSOCPFKZFOW.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\NTLDPWLGWO3\2HHD2VNSIGV.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\R24PZJH5FLK\ZF4OEZG1QNG.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\IZ0QIYWR2YM\WL10YZF40Y2.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\CFOT1KVZM4H\DMO4JGCG01R.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\SUUY3YSRVXJ\3TH2VLRP10J.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\V4GEP5JKDRO\Z2YU3JAWUAE.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\253B31USBAI\Y24OF3NG3UK.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\CZKZ4VJGCMS\Y5ZE4AKQJPN.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\SLIDE\467248868.EXE, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\NAGA\542770149.EXE, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\6RYSU336US\05G0M7TPP.exe, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\IMO8XGMCBO\IMO8XGMCB.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\1YW1JA8T1A\1YW1JA8T1.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F8CUYL4HU7\F8CUYL4HU.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\UKLN3ZK7J9\8RXW35CA7.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\FX8BJUS1RJ\FX8BJUS1R.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\PXSIRCNJQT\PXSIRCNJQ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\OGQTN4JQ4D\PLNI9NGJQ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0SCX5RSRP1\7V1J5UOBJ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\3485FLQS0D\ESMTUTRHH.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\8OKJJNUSMW\9QJWO5J5M.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\F0FKB13TJP\VVCEX9DZN.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\RDPDQCE7XY\RDPDQCE7X.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\ECV04XHOM8\R12FCWOPM.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\0NIUXOOFNU\0NIUXOOFN.EXE, En cuarentena, [2925], [648561],1.0.13141

Clave del registro: 7
Trojan.FakeTool.E, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\Inlog Software, En cuarentena, [3090], [746453],1.0.13141
PUP.Optional.GarbageCleaner, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\GCleaner, En cuarentena, [1160], [676886],1.0.13141
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, [305], [550469],1.0.13141
PUP.Optional.InlogOptimizer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Inlog Optimizer 3.1, En cuarentena, [3091], [698978],1.0.13141
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En cuarentena, [488], [584322],1.0.13141
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En cuarentena, [488], [518478],1.0.13141
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En cuarentena, [488], [518476],1.0.13141

Valor del registro: 47
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6502571, En cuarentena, [3702], [667274],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|479756, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|4404450, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2413085, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6051752, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|9866604, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6092318, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|476705, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|1477792, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5774322, En cuarentena, [0], [392686],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2AJCQO5JQ0SN5TV, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2755413, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|M8FJW5F7DVQ34J9, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|1768571, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FKOGW81HM2FVE3P, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|4068496, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Y8BUJNPRVUMY9NV, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ZDPGA4QLBZT8PHX, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5341740, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|HJSG2DD8OA4CZ86, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|4337803, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SAFTODTLMRJ7IVJ, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|51RLK1GEI74JGUC, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7V2158E7BHC31CA, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|LGNZ9H3T936G37L, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ZD20ITZZ1P0D73I, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|JHF4JFC342DOSX3, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5IEGZTO356INKII, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6E8HW3HWR9TO3X4, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|HQU3H6PQN2WWLHE, En cuarentena, [3702], [392931],1.0.13141
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|0XPBKE0WWVS, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|GCAODV3PMQT, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FKOGW81HM2FVE3P, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|LGNZ9H3T936G37L, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Y8BUJNPRVUMY9NV, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7V2158E7BHC31CA, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|51RLK1GEI74JGUC, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SAFTODTLMRJ7IVJ, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|HQU3H6PQN2WWLHE, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ZD20ITZZ1P0D73I, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6E8HW3HWR9TO3X4, En cuarentena, [3702], [357599],1.0.13141
Adware.Csdimonetize, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2AJCQO5JQ0SN5TV, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|JHF4JFC342DOSX3, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5IEGZTO356INKII, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|M8FJW5F7DVQ34J9, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ZDPGA4QLBZT8PHX, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|HJSG2DD8OA4CZ86, En cuarentena, [2925], [648561],1.0.13141

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 27
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\56166500, En cuarentena, [476], [463480],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Chrome\Application\73.0.3683.75, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Update, En cuarentena, [2625], [593744],1.0.13141
PUP.Optional.GarbageCleaner, C:\PROGRAMDATA\GARBAGE CLEANER, En cuarentena, [1160], [676884],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\ElectronCash, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\ElectrumLTC, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\MultiDoge, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\Electrum, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\Ethereum, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\Exodus, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB\files\Wallets\JAXX, En cuarentena, [851], [697276],1.0.13141
Spyware.StolenData.E, C:\PROGRAMDATA\EVVKWFOOXDQHD1YFE03ADD6SB\FILES\Wallets, En cuarentena, [851], [697276],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\6RYSU336US, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\IMO8XGMCBO, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\1YW1JA8T1A, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\F8CUYL4HU7, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\UKLN3ZK7J9, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\3485FLQS0D, Error durante la eliminación, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\FX8BJUS1RJ, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\0NIUXOOFNU, Error durante la eliminación, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\ECV04XHOM8, Error durante la eliminación, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\PXSIRCNJQT, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\8OKJJNUSMW, Error durante la eliminación, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\OGQTN4JQ4D, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\0SCX5RSRP1, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\F0FKB13TJP, Error durante la eliminación, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\RDPDQCE7XY, Error durante la eliminación, [3702], [385289],1.0.13141

Archivo: 208
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\56166500\ic-0.2a347a5c38565.exe, En cuarentena, [476], [463480],1.0.13141
PUP.Optional.BundleInstaller, C:\Users\yuyub\AppData\Local\Temp\56166500\dlreport, En cuarentena, [476], [463480],1.0.13141
PUP.Optional.BundleInstaller, C:\Users\yuyub\AppData\Local\Temp\56166500\ic-0.b38ddd1bb9df.exe, En cuarentena, [476], [463480],1.0.13141
Adware.Yelloader, C:\USERS\YUYUB\APPDATA\ROAMING\VIEW\VIEWU.EXE, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Chrome\Application\73.0.3683.75\73.0.3683.75.manifest, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Chrome\Application\73.0.3683.75\chrome.dll, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Chrome\Application\chrome.VisualElementsManifest.xml, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Chrome\Application\master_preferences, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Chrome\Application\VisualElementsManifest.xml, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Update\setup.exe, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Update\setup.php, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\chromedriver.exe, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\hashFind.exe, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\log4net.dll, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\Newtonsoft.Json.dll, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\view.exe, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\WebDriver.dll, En cuarentena, [2625], [593744],1.0.13141
Adware.Yelloader, C:\Users\yuyub\AppData\Roaming\view\websocket-sharp.dll, En cuarentena, [2625], [593744],1.0.13141
PUP.Optional.GarbageCleaner, C:\USERS\YUYUB\DESKTOP\GARBAGE CLEANER.LNK, En cuarentena, [1160], [676885],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-JPV1C.TMP\EINSTEINFEED.EXE, En cuarentena, [3702], [667274],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\53OMLXWZ1KL\NHOEPEZTVRI.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\ZYXCPEELMP0\TL2U1FVVSEJ.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\UA5YNEA4VTO\SQ41BASBS3L.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\F2BIHHCMVF0\1VGL4A4HKEB.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\UXOF1ELGTUJ\2G2U4FJHECS.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\VRCLJZ5XEN0\WSOCPFKZFOW.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\NTLDPWLGWO3\2HHD2VNSIGV.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\R24PZJH5FLK\ZF4OEZG1QNG.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\IZ0QIYWR2YM\WL10YZF40Y2.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\CFOT1KVZM4H\DMO4JGCG01R.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\SUUY3YSRVXJ\3TH2VLRP10J.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\V4GEP5JKDRO\Z2YU3JAWUAE.EXE, En cuarentena, [3702], [521959],1.0.13141
PUP.Optional.GarbageCleaner, C:\ProgramData\Garbage Cleaner\Bunifu_UI_v1.5.3.dll, En cuarentena, [1160], [676884],1.0.13141
PUP.Optional.GarbageCleaner, C:\ProgramData\Garbage Cleaner\Garbage Cleaner.exe, En cuarentena, [1160], [676884],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\253B31USBAI\Y24OF3NG3UK.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\USERS\YUYUB\APPDATA\ROAMING\CZKZ4VJGCMS\Y5ZE4AKQJPN.EXE, En cuarentena, [3702], [521959],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\SLIDE\467248868.EXE, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\NAGA\542770149.EXE, En cuarentena, [3702], [730662],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\6RYSU336US\CAST.CONFIG, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\6RYSU336US\05G0M7TPP.exe, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\6RYSU336US\05G0M7TPP.exe.config, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\6RYSU336US\uninstaller.exe, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\6RYSU336US\uninstaller.exe.config, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\IMO8XGMCBO\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\IMO8XGMCBO\IMO8XGMCB.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\IMO8XGMCBO\IMO8XGMCB.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\IMO8XGMCBO\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\IMO8XGMCBO\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\1YW1JA8T1A\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\1YW1JA8T1A\1YW1JA8T1.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\1YW1JA8T1A\1YW1JA8T1.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\1YW1JA8T1A\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\1YW1JA8T1A\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\F8CUYL4HU7\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F8CUYL4HU7\F8CUYL4HU.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F8CUYL4HU7\F8CUYL4HU.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F8CUYL4HU7\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F8CUYL4HU7\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\UKLN3ZK7J9\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\UKLN3ZK7J9\8RXW35CA7.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\UKLN3ZK7J9\8RXW35CA7.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\UKLN3ZK7J9\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\UKLN3ZK7J9\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\3485FLQS0D\CAST.CONFIG, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\3485FLQS0D\ESMTUTRHH.exe.config, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\3485FLQS0D\uninstaller.exe, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\3485FLQS0D\uninstaller.exe.config, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\FX8BJUS1RJ\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\FX8BJUS1RJ\FX8BJUS1R.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\FX8BJUS1RJ\FX8BJUS1R.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\FX8BJUS1RJ\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\FX8BJUS1RJ\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
PUP.Optional.Conduit, C:\USERS\YUYUB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LNKYZC8A.DEFAULT-1533742726210\PREFS.JS, Sustituido, [202], [301520],1.0.13141
PUP.Optional.Conduit, C:\USERS\YUYUB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LNKYZC8A.DEFAULT-1533742726210\PREFS.JS, Sustituido, [202], [303091],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\0NIUXOOFNU\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0NIUXOOFNU\0NIUXOOFN.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0NIUXOOFNU\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0NIUXOOFNU\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\ECV04XHOM8\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\ECV04XHOM8\R12FCWOPM.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\ECV04XHOM8\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\ECV04XHOM8\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\PXSIRCNJQT\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\PXSIRCNJQT\PXSIRCNJQ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\PXSIRCNJQT\PXSIRCNJQ.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\PXSIRCNJQT\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\PXSIRCNJQT\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\8OKJJNUSMW\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\8OKJJNUSMW\9QJWO5J5M.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\8OKJJNUSMW\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\8OKJJNUSMW\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\OGQTN4JQ4D\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\OGQTN4JQ4D\PLNI9NGJQ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\OGQTN4JQ4D\PLNI9NGJQ.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\OGQTN4JQ4D\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\OGQTN4JQ4D\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\0SCX5RSRP1\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0SCX5RSRP1\7V1J5UOBJ.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0SCX5RSRP1\7V1J5UOBJ.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0SCX5RSRP1\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\0SCX5RSRP1\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\F0FKB13TJP\CAST.CONFIG, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F0FKB13TJP\uninstaller.exe, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F0FKB13TJP\uninstaller.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\F0FKB13TJP\VVCEX9DZN.exe.config, En cuarentena, [3702], [357599],1.0.13141
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\RDPDQCE7XY\CAST.CONFIG, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\RDPDQCE7XY\RDPDQCE7X.exe.config, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\RDPDQCE7XY\uninstaller.exe, En cuarentena, [3702], [385289],1.0.13141
Adware.Tuto4PC.Generic, C:\Program Files\RDPDQCE7XY\uninstaller.exe.config, En cuarentena, [3702], [385289],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\3485FLQS0D\ESMTUTRHH.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\8OKJJNUSMW\9QJWO5J5M.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\F0FKB13TJP\VVCEX9DZN.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\RDPDQCE7XY\RDPDQCE7X.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\ECV04XHOM8\R12FCWOPM.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES\0NIUXOOFNU\0NIUXOOFN.EXE, En cuarentena, [2925], [648561],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\ROAMING\L4FGV4HAYLW\3ZAWJ1AWXBV.EXE, En cuarentena, [0], [392686],1.0.13141
Spyware.CryptBot.Themida, C:\USERS\YUYUB\APPDATA\ROAMING\VPNPR\LINTER.EXE, En cuarentena, [11737], [750953],1.0.13141
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\NAGA\423224110.EXE, En cuarentena, [2925], [754177],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\1Y1UGWY10HB\KTFI32WWI01.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\AMSXCXC33O0\MIGUOPS455S.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\BTFVRXOHJKJ\WMBGAKTRET5.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\EZUT4GRD4UY\0SCHW44QNYF.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\HHC5YWOSYHB\1CKBON4325I.EXE, En cuarentena, [2925], [648561],1.0.13141
PUP.Optional.Softomate, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IP\INSTALLPACK.EXE, En cuarentena, [628], [634167],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\0YM0HF4A3FZ\P5X3YABNYA4.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\1PVLGAG0LV3\WMEPWMFUHS2.EXE, En cuarentena, [2925], [648561],1.0.13141
Trojan.Downloader.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-L0H1O.TMP\1.EXE, En cuarentena, [3863], [754021],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\33GXEHMZTN4\2V5VZZHAUO3.EXE, En cuarentena, [476], [551282],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\1X1UEKHPKTM\WYFDGGH.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\2ZVKXMOPIOW\IGI2WHNZT2H.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\5MQLTBPRMZT\WAFG13ZE05N.EXE, En cuarentena, [2925], [648561],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-OMO4J.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\BJM1G2C45PO\UDUT22LL3Q4.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\0JEQ1DDUF2A\0EQ22I5XX1R.EXE, En cuarentena, [571], [684358],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\D144U1U0KE2\IGF11TMM3CW.EXE, En cuarentena, [476], [551282],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-Q1E3E.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
MachineLearning/Anomalous.94%, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\DMJRCELEF1L\DUNESMULTIMEDIA.EXE, En cuarentena, [0], [392687],1.0.13141
MachineLearning/Anomalous.94%, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\DON25ZN1INY\DUNESMULTIMEDIA.EXE, En cuarentena, [0], [392687],1.0.13141
Adware.DownloadAssistant, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\E6BPIS6LOBF\W9LWNIENY8YT.EXE, En cuarentena, [8080], [755943],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\G525LQILQDC\BNOFLCOBSQJ.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\GH40VX0YJ23\DFVTE34HUOW.EXE, En cuarentena, [2925], [648561],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-SGIUC.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-QR3FK.TMP\KIDJUMPS.EXE, En cuarentena, [2925], [754177],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\JUACDPZXFMF\1BQER5UZSGR.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\ORNREJOG2I0\IRBJ310BZEU.EXE, En cuarentena, [571], [684358],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-DSM46.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\2YV1VWXH0UY\JZZHGMILDWH.EXE, En cuarentena, [476], [551282],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\QZW4IS3BSA4\ZDJQFDKUJYLDTQ3.EXE, En cuarentena, [2925], [756035],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\UFGGNHJ1VI5\QPJLSOIA1TN.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\WK3OPUSESP1\QB0KLVVQN13.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\YPMH5QXKKVV\2G1MWVYYPXC.EXE, En cuarentena, [571], [684358],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\0BRKTZ31U1V\DZJGOIFDDZI.EXE, En cuarentena, [476], [551282],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\CKMTS0I4IGP\5Q3JOYHIMKW.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-JPV1C.TMP\DREAMSALTY.EXE, En cuarentena, [2925], [754177],1.0.13141
Trojan.Downloader, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\DGVNWJ2WL9W\KVD0ZOW3UNEWNNGV12.EXE, En cuarentena, [519], [709397],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\F4KQTIVEMXQ\SIMASQAKQZB.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\I4DEJR1MMEW\SN2DWOHQPQK.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-OS26H.TMP\KIDJUMPS.EXE, En cuarentena, [2925], [754177],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-83CCB.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\JK52RV3TI5Y\5BAIAD5PGX0.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\CIP4NZ1DEH2\TZSLPCU4UEZ.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\JM5KD1FDK0N\NKOUA3IHUHS.EXE, En cuarentena, [476], [551282],1.0.13141
Spyware.AgentTesla, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-PO0U1.TMP\PA.EXE, En cuarentena, [3980], [755710],1.0.13141
Adware.Csdimonetize, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\QFGETG2TCES\VBQ1XS5IDX4.EXE, En cuarentena, [2925], [648561],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\SR5MWHMR2KO\DPKVKL0JXAS.EXE, En cuarentena, [571], [684358],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\QVMH3NB0WID\F1TVHDCLEUA.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\SVV0NV5HGQI\DQX0IDYPDNJ.EXE, En cuarentena, [476], [551282],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-UQNGE.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-H42KR.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-JN4L3.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Ransom.Sodinokibi, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\YNXVCSPTIQI\KOSMIX.EXE, En cuarentena, [7546], [756061],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\YOYQMTYT4CA\RQUVCRIZQSX.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.Softomate, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\7938849387.EXE, En cuarentena, [628], [634167],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\KNBMEGOPYJK\JCF35LVLK5T.EXE, En cuarentena, [571], [684358],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\PZPP3DI3YHN\XFMTLOVF1NL.EXE, En cuarentena, [476], [551282],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-241DT.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-PBKRP.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-42L7O.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\RUSTD51ONMM\JIIZE04KU5L.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\VHO1SSXGKDY\1L0Z045OOAC.EXE, En cuarentena, [571], [684358],1.0.13141
PUP.Optional.DriverPack, C:\USERS\YUYUB\DESKTOP\DRIVERPACK.EXE, En cuarentena, [583], [714326],1.0.13141
Trojan.Downloader.AHK.Themida, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\Y5T1OXJIDGJ\INTERVPNPUB2.EXE, En cuarentena, [12214], [749231],1.0.13141
Adware.Adposhel, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-EV2VI.TMP\SNLOXJ.DLL, En cuarentena, [509], [741292],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-V33A1.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\KFLBFSZRFVQ\OXIZNTN.EXE, En cuarentena, [0], [392686],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-PGBT9.TMP\MODULARINSTALLER.EXE, En cuarentena, [0], [392686],1.0.13141
Trojan.MalPack.GS, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\1893568808.EXE, En cuarentena, [7841], [753828],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\OLY3ZH2VYEL\XEFPN51LCDU.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\PBPEK3D3CTV\D43WGBHLERT.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\UOXRNPHAHVK\GHBRZPBTAT5.EXE, En cuarentena, [571], [684358],1.0.13141
Adware.AdLoad, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\WSV4VU0BQGT\3QRL5BFYD1L.EXE, En cuarentena, [571], [684358],1.0.13141
Trojan.Downloader.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\IS-PO0U1.TMP\1.EXE, En cuarentena, [3863], [754021],1.0.13141
Trojan.MalPack.GS, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\1168617499.EXE, En cuarentena, [7841], [753828],1.0.13141
Trojan.MalPack.GS.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\5989372938.EXE, En cuarentena, [9944], [756172],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\OKYEHEAMOJY\W5VIH0L3HXA.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\RFUT4YQ4HD5\02SFFGRJELP.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\UJWVSYUATSF\BNZRWWJSQCQ.EXE, En cuarentena, [476], [551282],1.0.13141
Adware.DownloadAssistant, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\WPWMKXJC7QF\97GIH0GRTPDFBY6G.EXE, En cuarentena, [8080], [755943],1.0.13141
PUP.Optional.BundleInstaller, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\ZOCINOQY1QS\TZLLGQB0PCI.EXE, En cuarentena, [476], [551282],1.0.13141
PUP.Optional.Softomate, C:\USERS\YUYUB\Desktop\InstallPack.lnk, En cuarentena, [628], [634167],1.0.13141
PUP.Optional.Softomate, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\5702537588.EXE, En cuarentena, [628], [634167],1.0.13141
Trojan.MalPack.VB, C:\USERS\YUYUB\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\6652BWVW\2[1].EXE, En cuarentena, [789], [755894],1.0.13141
Spyware.AgentTesla, C:\USERS\YUYUB\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\Q0F2COBD\1[1].EXE, En cuarentena, [3980], [755710],1.0.13141
Trojan.MalPack.GS, C:\USERS\YUYUB\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\Q0F2COBD\RJUN[1].EXE, En cuarentena, [7841], [753828],1.0.13141
Trojan.MalPack.GS.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\FEA0G2CQNDT\KOSMIX.EXE, En cuarentena, [9944], [756192],1.0.13141
Trojan.MalPack.GS.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\2UGMKELCOSH\KOSMIX.EXE, En cuarentena, [9944], [756192],1.0.13141
Trojan.MalPack.GS.Generic, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\5301505910.EXE, En cuarentena, [9944], [756192],1.0.13141
Generic.Malware/Suspicious, C:\USERS\YUYUB\APPDATA\LOCAL\TEMP\APRK1QJ1JTP\XOGVD1QT150SDOLREZ.EXE, En cuarentena, [0], [392686],1.0.13141

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

Miguelgrado · 3 Noviembre, 2019 15:39

Si se acabo la duración de 14 dias de prueba de Malwarebytes, lógicamente no podras activar su proteccion ,pues eso es de pago.

Eset si ya alguna vez usaste una version de prueba, tampoco podras activarlo sin pagar

Podemos revisar si queda alguna infeccion

Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.
En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Antonio_Herrera_Carr · 3 Noviembre, 2019 19:39

reporte FRST1

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by yuyub (administrator) on ANTONIOMARIA (LENOVO 80E3) (03-11-2019 17:57:38)
Running from C:\Users\yuyub\Desktop
Loaded Profiles: yuyub (Available Profiles: yuyub)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Español (España, internacional)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Gladinet, Inc. -> ) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Gladinet, Inc. -> Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\AuthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Users\yuyub\AppData\Local\Programs\Opera\63.0.3368.107\opera_crashreporter.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Solute GmbH -> Avira) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [Argente Utilities] => C:\Program Files (x86)\Argente Utilities\ArgenteU.exe [2939904 2015-02-16] (Raúl Argente) [File not signed]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228728 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1162104 2017-12-15] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe [178576 2012-09-10] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe [647568 2012-09-10] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [InboxMonitor] => C:\Program Files (x86)\Nuance\PDF Professional 8\InboxMonitor.exe [151040 2012-09-10] () [File not signed]
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\QFSCHD190.EXE [247512 2018-05-13] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [353064 2019-03-21] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
HKLM-x32\...\RunOnce: [PsNAvInstaller] => C:\WINDOWS\TEMP\Panda DomeDA88.tmp\setup.exe [1189336 2019-08-05] (Panda Security S.L. -> Panda Security, S.L.) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\Run: [Opera Browser Assistant] => C:\Users\yuyub\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2754584 2019-09-02] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-04] (SUPERAntiSpyware.com -> SUPERAntiSpyware)
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\RunOnce: [Application Restart #1] => C:\ProgramData\Google\ChromeDir\Application\chrome.exe [1695728 2019-11-03] (Google LLC -> Google LLC)
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\MountPoints2: {bd372f91-637b-11e8-a015-68f7284e136e} - "I:\setup.exe" 
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-30] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2018-02-18]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe (Gladinet, Inc. -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2019-03-21]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-04-13]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EB31417-F1BC-4B15-9F32-300C3D0658F6} - System32\Tasks\Opera scheduled Autoupdate 1542189984 => C:\Users\yuyub\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-10-04] (Opera Software AS -> Opera Software)
Task: {18060A44-3DB1-425B-8475-F06C1F63E8C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2019-11-01] (CloudBees, Inc.) [File not signed]
Task: {2461537F-9179-4012-8D00-CE73EFFB741A} - System32\Tasks\SUPERAntiSpyware Scheduled Task 8f075b21-fd01-496f-991f-3d074955bfd2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {2AF7FF68-FEC2-4B2F-A94E-5D62631403A4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {2BA0FDD6-FA59-4E5D-B4EE-F23B544329E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2019-11-01] (CloudBees, Inc.) [File not signed]
Task: {2DA724B6-5434-4E80-8281-B1541D6DC2FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3415FA61-9736-4064-94AC-36B9D0717C57} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {368A69FE-48B8-4B66-886C-EDD6B6A86123} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
Task: {44380AF4-E4AD-4EE5-A1F7-8066317114D0} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {7DAC5212-DE94-455F-A21A-E416EA512DE7} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-09-10] (Solute GmbH -> Avira)
Task: {7F5166DB-473A-4D0B-AC23-5D70A0BB51CB} - System32\Tasks\Opera scheduled assistant Autoupdate 1547668043 => C:\Users\yuyub\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-10-04] (Opera Software AS -> Opera Software)
Task: {830A6378-0AFB-4B7C-928E-408E30537AD6} - System32\Tasks\SUPERAntiSpyware Scheduled Task 6891ee42-ac1d-4b04-aefe-70e62b717b1a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {8F188828-7AFA-423E-B576-1689998DB3DB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [4818848 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {973557C6-1566-4891-A915-5A2F0543EA1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A24BD09B-288A-41C2-8F13-41977D102563} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A2AED356-C328-48FF-92EB-374091A9D256} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2419783374-26214240-1524307561-1001 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {A61768B2-1088-4E7D-90FD-271B9414D36A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [4460472 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {A61B0592-E69B-4585-A648-043A6778E492} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
Task: {B81574AA-515E-49D3-8B1F-45CBA0AC0D36} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-09-10] (Solute GmbH -> Avira)
Task: {B977DEAB-EC98-4E98-A69F-056A30C1D960} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2419783374-26214240-1524307561-1001 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {CC094629-7C45-4AFD-9B1D-4C36EB0FD018} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E3C9E3D6-C272-4969-BB65-ACCEB0C523CE} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2419783374-26214240-1524307561-1001 => c:\program files (x86)\real\RealDownloader\recordingmanager.exe [959784 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E4BC5607-A82A-4B1D-9698-AE1E63319544} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
Task: {E6EBBC0E-E251-4BAB-933A-11176035A52A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6F2D1CA-145B-4F68-870D-0890E3F043E4} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-09-10] (Solute GmbH -> Avira)
Task: {FC172394-A732-4DE6-B848-3201249FDD32} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4747720 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 6891ee42-ac1d-4b04-aefe-70e62b717b1a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8f075b21-fd01-496f-991f-3d074955bfd2.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77ed89d6-82ea-45bf-bad0-4c12568dc7c1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83665db3-a3f2-4b7c-9732-58bd37e95b83}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{be8a7d2a-86ab-4a9b-9bdc-1193960898f7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{c67547fc-be96-4073-994b-66c1f78a5cae}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-59641977
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e97a2dcf&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e97a2dcf&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-59641977&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e97a2dcf&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e97a2dcf&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-59641977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2419783374-26214240-1524307561-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2019-02-20] (RealNetworks, Inc. -> RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2019-02-20] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\PlusIEContextMenu.dll [2012-07-19] (Zeon Corporation -> Zeon Corporation) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll [2012-07-27] (Zeon Corporation -> Zeon Corporation) [File not signed]
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll [2012-07-27] (Zeon Corporation -> Zeon Corporation) [File not signed]

Edge: 
======
DownloadDir: C:\Users\yuyub\Desktop\APLICACIONES\DESCARGAR
Edge HomeButtonPage: HKU\S-1-5-21-2419783374-26214240-1524307561-1001 -> hxxp://www.google.com/

FireFox:
========
FF DefaultProfile: lnkyzc8a.default-1533742726210
FF ProfilePath: C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210 [2019-11-03]
FF Homepage: Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210 -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] [2019-10-31]
FF SearchPlugin: C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml [2019-11-01]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-02-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.16.215 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2019-03-21] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.16.215 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2019-03-21] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-06] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-06] (Google Inc -> Google LLC)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll [2012-07-31] (Zeon Corporation -> Zeon Corporation) [File not signed]
FF Plugin HKU\S-1-5-21-2419783374-26214240-1524307561-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2018-04-02] (Ubisoft Entertainment Sweden AB -> )

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://ezy-search.com/serp.php?aid=001&q={searchTerms}
CHR DefaultSearchKeyword: Default -> safesearch
CHR Profile: C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default [2019-11-03]
CHR Extension: (Presentaciones) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-23]
CHR Extension: (Documentos) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-23]
CHR Extension: (Google Drive) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-23]
CHR Extension: (YouTube) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-23]
CHR Extension: (Hojas de cálculo) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-23]
CHR Extension: (Avira Navegación segura) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-11-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-01]
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03]
CHR Extension: (SearchPreview) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2019-11-03]
CHR Extension: (Ezy Search) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\lecopdllcadfbliodgfpfbhgoaohmlfe [2019-11-03]
CHR Extension: (Total AV Safe Search) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\looohgelibjoplmkhecmalapkgadkfcc [2019-11-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-01]
CHR Extension: (Gmail) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Notifications: hxxps://1v.to; hxxps://my.jdownloader.org; hxxps://ouo.press; hxxps://shortpaid.com; hxxps://tmearn.com; hxxps://www.mijazztel.com
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\yuyub\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2019-03-22]
OPR Extension: (Install Chrome Extensions) - C:\Users\yuyub\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2019-10-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [298904 2017-03-29] (Advanced Micro Devices, Inc. -> AMD)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591872 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3638888 2018-05-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1841344 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2016-08-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29592 2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2019-11-01] (CloudBees, Inc.) [File not signed]
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2019-11-01] (CloudBees, Inc.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-10-03] (Panda Security S.L -> Panda Security, S.L.)
R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-12-15] (Nero AG -> Nero AG)
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-09-10] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S2 PSGenUn; C:\SMCLpav\SMCLpav.exe [532184 2019-08-01] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [38032 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [990856 2019-03-21] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [709168 2019-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 Winnmgr; C:\ProgramData\winnmgr\netmgr.exe [4779520 2019-10-23] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Antonio_Herrera_Carr · 3 Noviembre, 2019 19:42

REPORTE2 FRST

S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [100752 2016-08-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0312694.inf_amd64_9da804b05ab53fd2\atikmdag.sys [32703384 2017-03-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0312694.inf_amd64_9da804b05ab53fd2\atikmpag.sys [525208 2017-03-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87840 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [254864 2016-08-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2018-05-29] (Disc Soft Ltd -> Disc Soft Ltd)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-11-03] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-11-03] (Malwarebytes Corporation -> Malwarebytes)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [91368 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [122088 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [109288 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [114920 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [95464 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S4 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [69864 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [119016 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [305896 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [118504 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [114920 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [246504 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [106216 2013-05-29] (Panda Security S.L -> Panda Security, S.L.)
S2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [169192 2013-10-17] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [122600 2013-10-11] (Panda Security S.L -> Panda Security, S.L.)
U1 PSINKNC; C:\WINDOWS\System32\DRIVERS\PSINKNC.sys [206056 2013-10-11] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [124648 2013-10-11] (Panda Security S.L -> Panda Security, S.L.)
S2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [137960 2013-10-11] (Panda Security S.L -> Panda Security, S.L.)
S3 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [105704 2013-10-11] (Panda Security S.L -> Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security S.L -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943104 2017-04-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [779104 2019-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3127576 2016-07-26] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE01; C:\WINDOWS\System32\drivers\rtwlane01.sys [8169472 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2019-11-02] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-03 17:57 - 2019-11-03 18:00 - 000040355 _____ C:\Users\yuyub\Desktop\FRST.txt
2019-11-03 15:51 - 2013-04-29 08:17 - 000058808 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2019-11-03 15:50 - 2013-10-17 20:31 - 000169192 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2019-11-03 15:50 - 2013-10-11 10:46 - 000137960 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2019-11-03 15:04 - 2019-11-03 16:12 - 000000070 _____ C:\WINDOWS\RAVDG.TMP
2019-11-03 15:04 - 2019-11-03 15:38 - 000000000 ____D C:\SMCLpav
2019-11-03 14:41 - 2019-11-03 15:50 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\Panda Security
2019-11-03 14:41 - 2019-11-03 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
2019-11-03 14:41 - 2013-10-11 10:46 - 000206056 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2019-11-03 14:40 - 2019-11-03 15:49 - 000000000 ____D C:\ProgramData\Panda Security
2019-11-03 14:40 - 2019-11-03 14:40 - 000000000 ____D C:\temp
2019-11-03 14:35 - 2019-11-03 14:38 - 000305124 _____ C:\TDSSKiller.3.1.0.28_03.11.2019_14.35.42_log.txt
2019-11-03 13:47 - 2019-11-03 13:47 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7253160F.sys
2019-11-03 13:42 - 2019-11-03 14:34 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-11-03 13:42 - 2019-11-03 13:42 - 000000000 ____D C:\Users\yuyub\Desktop\mbar
2019-11-03 13:35 - 2019-11-02 19:24 - 007622344 _____ (Malwarebytes) C:\Users\yuyub\Desktop\AdwCleaner.exe
2019-11-03 13:03 - 2019-11-03 13:03 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-03 12:38 - 2019-11-03 13:12 - 000000000 ____D C:\ProgramData\NtvHost1
2019-11-03 10:25 - 2019-11-03 10:25 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-11-03 09:36 - 2019-11-03 09:36 - 004291320 _____ (BrightFort LLC ) C:\Users\yuyub\Desktop\spywareblaster_5.5.exe
2019-11-03 09:31 - 2019-11-03 09:32 - 007622344 _____ (Malwarebytes) C:\Users\yuyub\Desktop\adwcleaner_7.4.2.exe
2019-11-03 09:30 - 2019-11-03 09:31 - 018579341 _____ C:\Users\yuyub\Downloads\unhackme_11.10.0.910.zip
2019-11-03 09:20 - 2019-11-03 09:20 - 000003878 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2019-11-03 09:20 - 2019-11-03 09:20 - 000003436 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2019-11-03 01:33 - 2019-11-03 01:33 - 000001360 _____ C:\Users\yuyub\Desktop\ESET Online Scanner.lnk
2019-11-03 01:32 - 2019-11-03 01:32 - 008162616 _____ (ESET spol. s r.o.) C:\Users\yuyub\Desktop\esetonlinescanner_esn.exe
2019-11-03 01:32 - 2019-11-03 01:32 - 000001437 _____ C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-11-03 01:27 - 2019-11-03 01:27 - 001169816 _____ C:\Users\yuyub\Downloads\eset_internet_security_live_installer.exe
2019-11-03 00:56 - 2019-11-03 01:32 - 000000000 ____D C:\Users\yuyub\AppData\Local\ESET
2019-11-03 00:50 - 2019-11-03 00:50 - 000000000 ____D C:\ProgramData\ESET
2019-11-02 23:52 - 2019-11-03 17:59 - 000000000 ____D C:\FRST
2019-11-02 23:46 - 2019-11-03 13:17 - 000003550 _____ C:\Users\yuyub\Desktop\Rkill.txt
2019-11-02 23:28 - 2019-11-03 17:57 - 000000000 ____D C:\Users\yuyub\Desktop\COSAS
2019-11-02 23:28 - 2019-11-02 19:21 - 001619456 _____ (Farbar) C:\Users\yuyub\Desktop\FRST64.exe
2019-11-02 17:00 - 2019-11-03 13:32 - 000000547 _____ C:\Users\yuyub\Desktop\JRT.txt
2019-11-02 16:51 - 2019-11-02 16:51 - 000203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-11-02 16:49 - 2019-11-02 16:49 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-11-02 13:20 - 2019-11-02 23:39 - 000175386 _____ C:\WINDOWS\ntbtlog.txt
2019-11-02 13:20 - 2019-11-02 16:42 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-11-02 03:07 - 2019-11-02 03:07 - 000001306 _____ C:\Users\yuyub\OneDrive\Documentos\cc_20191102_030743.reg
2019-11-02 02:24 - 2019-11-02 15:50 - 000000536 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8f075b21-fd01-496f-991f-3d074955bfd2.job
2019-11-02 02:24 - 2019-11-02 15:50 - 000000536 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 6891ee42-ac1d-4b04-aefe-70e62b717b1a.job
2019-11-02 02:24 - 2019-11-02 03:09 - 000003526 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 8f075b21-fd01-496f-991f-3d074955bfd2
2019-11-02 02:24 - 2019-11-02 03:09 - 000003268 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 6891ee42-ac1d-4b04-aefe-70e62b717b1a
2019-11-02 02:23 - 2019-11-02 02:23 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\SUPERAntiSpyware.com
2019-11-02 02:22 - 2019-11-02 02:23 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-11-02 02:22 - 2019-11-02 02:22 - 000001860 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2019-11-02 02:22 - 2019-11-02 02:22 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-11-02 02:22 - 2019-11-02 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-11-02 00:41 - 2015-09-14 14:03 - 000039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2019-11-02 00:40 - 2019-11-03 15:49 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-11-02 00:40 - 2019-11-03 09:45 - 000001366 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2019-11-02 00:40 - 2019-11-02 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2019-11-02 00:39 - 2016-10-05 16:48 - 037786232 _____ (Panda Security ) C:\Users\yuyub\Desktop\PandaCloudCleaner.exe
2019-11-02 00:22 - 2019-11-02 00:22 - 000009472 _____ C:\Users\yuyub\OneDrive\Documentos\cc_20191102_002144.reg
2019-11-02 00:15 - 2019-11-02 00:15 - 000060594 _____ C:\Users\yuyub\OneDrive\Documentos\cc_20191102_001537.reg
2019-11-01 18:43 - 2019-11-01 18:43 - 000000000 ____D C:\Users\yuyub\AppData\Local\mbam
2019-11-01 18:27 - 2019-11-01 18:27 - 000000000 ____D C:\Users\yuyub\AppData\Local\mbamtray
2019-11-01 18:25 - 2019-11-02 13:25 - 000002104 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-01 18:25 - 2019-11-01 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-01 18:25 - 2019-09-30 06:25 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-01 18:25 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-01 18:03 - 2019-11-01 18:06 - 000000000 ____D C:\Users\defaultuser100000
2019-11-01 15:24 - 2019-11-01 23:33 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\l4fgv4haylw
2019-11-01 15:23 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3
2019-11-01 15:14 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\F0FKB13TJP
2019-11-01 15:14 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym
2019-11-01 15:13 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\8OKJJNUSMW
2019-11-01 15:13 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\r24pzjh5flk
2019-11-01 15:04 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\vrcljz5xen0
2019-11-01 15:02 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0
2019-11-01 14:54 - 2019-11-02 16:00 - 000000000 ____D C:\ProgramData\Google
2019-11-01 14:53 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\uxof1elgtuj
2019-11-01 14:52 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ua5ynea4vto
2019-11-01 14:51 - 2019-11-03 13:26 - 000000000 ____D C:\Users\yuyub\AppData\Local\GoogleChromeUserData
2019-11-01 14:43 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\czkz4vjgcms
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\0NIUXOOFNU
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\253b31usbai
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\ECV04XHOM8
2019-11-01 14:32 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\53omlxwz1kl
2019-11-01 14:30 - 2019-11-01 14:49 - 000000000 ____D C:\Users\yuyub\AppData\Local\GoogleChromeApplication
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\Lamia
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\hVVxek6q
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:02 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\v4gep5jkdro
2019-11-01 01:02 - 2019-11-01 01:05 - 000000000 ____D C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB
2019-11-01 00:59 - 2019-11-01 23:33 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\VPNPR
2019-11-01 00:58 - 2019-11-03 13:04 - 000000000 ____D C:\ProgramData\winnmgr
2019-11-01 00:57 - 2019-11-02 16:08 - 000000000 ____D C:\ProgramData\NtvHost
2019-11-01 00:55 - 2019-11-01 01:10 - 000000000 ____D C:\ProgramData\EventSvc
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\RDPDQCE7XY
2019-11-01 00:53 - 2019-11-01 00:53 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions
2019-11-01 00:52 - 2019-11-02 00:35 - 000000000 ____D C:\Program Files (x86)\YoutubeDownloader
2019-11-01 00:52 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\cfot1kvzm4h
2019-11-01 00:52 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\3485FLQS0D
2019-11-01 00:52 - 2019-11-01 00:52 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ScreenToGif
2019-11-01 00:50 - 2019-11-02 02:09 - 000000000 ____D C:\Program Files (x86)\Slide
2019-11-01 00:49 - 2019-11-01 00:49 - 000000000 ____D C:\Users\yuyub\Downloads\Anno.1800.Deluxe.Edition.UplayRip-InsaneRamZes
2019-11-01 00:04 - 2019-11-01 00:04 - 000000000 ____D C:\Users\yuyub\Downloads\Anno.1800.PC
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Local\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-11-01 00:03 - 2019-11-01 14:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\BitTorrentHelper
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-11-01 00:02 - 2019-11-01 00:02 - 000000907 _____ C:\Users\yuyub\Desktop\µTorrent.lnk
2019-11-01 00:01 - 2019-11-02 00:06 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\uTorrent
2019-10-31 23:15 - 2019-11-01 23:33 - 000000000 ____D C:\Program Files (x86)\Naga
2019-10-31 23:15 - 2019-11-01 23:31 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\view
2019-10-31 23:13 - 2019-11-01 00:48 - 000070813 _____ C:\Users\yuyub\OneDrive\Documentos\anno_1800_deluxe_edition_uplayrip.torrent
2019-10-31 17:09 - 2019-10-31 17:09 - 000000052 _____ C:\Users\yuyub\Desktop\uploads_License.Key.Anno.1800..36413 (1).txt
2019-10-31 15:33 - 2019-10-31 15:33 - 000000000 ___HD C:\$AV_ASW
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF}
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34}
2019-10-31 15:16 - 2019-10-31 15:16 - 000000000 ____D C:\Users\yuyub\AppData\Local\AdvinstAnalytics
2019-10-31 15:14 - 2019-10-31 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2019-10-30 23:50 - 2019-10-30 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-10-13 13:14 - 2019-10-13 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Northgard
2019-10-10 16:07 - 2019-10-10 16:07 - 000000000 ____D C:\WINDOWS\PCHEALTH
2019-10-10 15:05 - 2019-10-10 15:05 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-10 15:04 - 2019-10-10 15:04 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-10 15:04 - 2019-10-10 15:04 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-10 15:04 - 2019-10-10 15:04 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-10-10 15:04 - 2019-10-10 15:04 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-10-10 15:03 - 2019-10-10 15:03 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-10 15:03 - 2019-10-10 15:03 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-10 15:03 - 2019-10-10 15:03 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-10 15:03 - 2019-10-10 15:03 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-10-10 15:03 - 2019-10-10 15:03 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-10 15:02 - 2019-10-10 15:02 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-10-10 15:02 - 2019-10-10 15:02 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-10-10 15:02 - 2019-10-10 15:02 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-10-10 15:02 - 2019-10-10 15:02 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-10-10 00:22 - 2019-10-10 00:22 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-10 00:22 - 2019-10-10 00:22 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-10 00:22 - 2019-10-10 00:22 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-10 00:22 - 2019-10-10 00:22 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-10 00:21 - 2019-10-10 00:21 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-10 00:21 - 2019-10-10 00:21 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-10 00:21 - 2019-10-10 00:21 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-10-10 00:21 - 2019-10-10 00:21 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-10-10 00:21 - 2019-10-10 00:21 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-10-10 00:21 - 2019-10-10 00:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-10 00:20 - 2019-10-10 00:20 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-10 00:20 - 2019-10-10 00:20 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll

Antonio_Herrera_Carr · 3 Noviembre, 2019 19:44

REPORTE 3 FRST

2019-10-10 00:20 - 2019-10-10 00:20 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-10-10 00:20 - 2019-10-10 00:20 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-10 00:20 - 2019-10-10 00:20 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-10 00:19 - 2019-10-10 00:19 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-10-10 00:19 - 2019-10-10 00:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-10 00:19 - 2019-10-10 00:19 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-10-10 00:19 - 2019-10-10 00:19 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-10-10 00:18 - 2019-10-10 00:18 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-10 00:18 - 2019-10-10 00:18 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-10 00:18 - 2019-10-10 00:18 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-10 00:17 - 2019-10-10 00:17 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-10 00:17 - 2019-10-10 00:17 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-10-09 23:01 - 2019-09-20 05:36 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-09 23:01 - 2019-09-20 05:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-03 17:34 - 2019-09-11 03:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-03 17:34 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 15:57 - 2018-10-29 09:49 - 000000000 ____D C:\Users\yuyub\AppData\Local\PlaceholderTileLogoFolder
2019-11-03 15:50 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-03 15:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-11-03 15:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2019-11-03 13:47 - 2018-01-16 12:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-03 13:03 - 2019-09-11 04:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 13:02 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 13:02 - 2018-01-16 01:07 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-03 12:58 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-03 12:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-03 11:38 - 2018-01-17 13:54 - 000000000 ____D C:\Users\yuyub\OneDrive\Documentos\Archivos de Outlook
2019-11-03 09:41 - 2018-11-16 12:40 - 000000000 ____D C:\Users\yuyub\AppData\Local\CrashDumps
2019-11-03 09:28 - 2019-09-02 13:38 - 000000000 ____D C:\AdwCleaner
2019-11-03 06:38 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-03 06:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-03 06:37 - 2018-10-31 20:31 - 000000000 ____D C:\ProgramData\Packages
2019-11-03 01:56 - 2018-12-31 13:08 - 000000000 ____D C:\Users\yuyub\AppData\Local\Google
2019-11-02 23:38 - 2018-01-20 16:21 - 000000000 ____D C:\Users\yuyub\AppData\Local\ElevatedDiagnostics
2019-11-02 03:09 - 2019-09-11 04:13 - 000003610 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-02 03:09 - 2019-09-11 04:13 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-02 03:09 - 2019-09-11 04:13 - 000002276 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-02 02:44 - 2018-01-15 23:00 - 000000000 ___RD C:\Users\yuyub\Desktop\APLICACIONES
2019-11-02 00:06 - 2018-05-29 19:22 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\DAEMON Tools Pro
2019-11-01 23:52 - 2019-09-11 04:13 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2419783374-26214240-1524307561-1001
2019-11-01 23:52 - 2019-09-11 03:33 - 000002408 _____ C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-01 23:52 - 2018-01-15 22:35 - 000000000 ___RD C:\Users\yuyub\OneDrive
2019-11-01 23:48 - 2019-09-11 03:49 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-01 23:48 - 2019-03-19 12:59 - 000789634 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-01 23:48 - 2019-03-19 12:59 - 000155888 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-01 23:35 - 2019-09-11 03:33 - 000000000 ____D C:\Users\yuyub
2019-10-31 23:56 - 2018-11-16 12:18 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\BitComet
2019-10-31 23:49 - 2018-11-16 12:18 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-31 23:45 - 2019-09-06 16:26 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-31 23:26 - 2018-11-16 12:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\AVAST Software
2019-10-31 15:24 - 2018-01-30 20:03 - 000000000 ____D C:\Users\yuyub\AppData\Local\JDownloader v2.0
2019-10-31 00:09 - 2019-03-23 16:12 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-30 23:50 - 2018-01-16 01:08 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-19 22:28 - 2018-01-15 22:55 - 000000000 ____D C:\Program Files\CCleaner
2019-10-13 13:26 - 2019-09-11 04:13 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1542189984
2019-10-13 13:26 - 2019-04-21 15:41 - 000001404 _____ C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-10-13 13:13 - 2018-01-19 12:38 - 000000000 ____D C:\Games
2019-10-11 00:39 - 2018-01-15 22:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-11 00:39 - 2018-01-15 22:29 - 000000000 ___RD C:\Users\yuyub\3D Objects
2019-10-11 00:28 - 2019-09-11 03:15 - 000533736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-10 16:08 - 2018-01-15 23:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-10-10 16:05 - 2017-09-29 14:46 - 000000167 _____ C:\WINDOWS\win.ini
2019-10-10 16:02 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-10 15:53 - 2018-01-19 17:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-10 15:33 - 2018-01-30 20:40 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-06 21:09 - 2018-12-31 13:08 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ========

2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-04-05 01:17 - 2019-04-05 01:17 - 000000000 _____ () C:\Users\yuyub\AppData\Roaming\.NANotifyHere
2018-07-04 09:24 - 2018-07-25 09:26 - 000008192 _____ () C:\Users\yuyub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Antonio_Herrera_Carr · 3 Noviembre, 2019 19:46

REPORTE ADITION 1

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
1.1.3 (HKLM-x32\...\{A4046FE1-986B-4463-B4DD-CFA473A7056B}_is1) (Version:  - PDFZilla)
Adobe Reader 8.1.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A81100000003}) (Version: 8.1.1 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.)
Argente Utilities 1.0.6.5 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.6.5 - Raúl Argente)
Avira (HKLM-x32\...\{d1005689-1fdc-458f-956d-498db20c18df}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{DA7052FA-B589-48D9-BF78-0A5AC11CB59A}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG) Hidden
Avira Safe Shopping (HKLM-x32\...\{7EB58250-F316-40E3-B07E-6CB6ED714120}) (Version: 1.1.43.3959 - Avira Operations GmbH & Co. KG)
Bannermen MULTi8 - ElAmigos versión 1.0.7 (HKLM-x32\...\{4910064A-3CD9-4174-9709-3657AFE9601A}_is1) (Version: 1.0.7 - 2tainment GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitComet 1.59 (HKLM-x32\...\BitComet_x64) (Version: 1.59 - CometNetwork)
Catalyst Control Center Next Localization BR (HKLM\...\{1BE58F4C-0F85-8B2E-5C30-F3CF4C430638}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{BCA67CCE-4CC6-0E38-538C-3DEE736497B3}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{C2AB6B4B-67D4-0EA7-B6E7-2714204F2CCE}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{5E575B5F-8815-855E-8D7E-831F1864B265}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{B2EB8ADE-75EA-C07F-E9C3-211F261F6AE9}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A0AF62E7-50FA-A6D5-3A41-AB0F2B78423C}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{4BA1606F-6B9D-D069-5D45-CC92C31566FD}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{14594745-CBC1-9B09-97F2-D87F4083AE59}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B1A0EE0D-84AD-D650-23F8-C36C02BBA33B}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{658CD2B5-A13F-FE0C-EB02-D032347E1E8C}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{144007A2-8FB2-14E6-B0A1-ACDAB319222F}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{13209EB8-E25D-6B1B-3807-581BC483A620}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AC14F193-F900-C602-EAAA-A3D21C3E3939}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{11215EF3-7B35-EDD9-9735-CA1B03A71D81}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{4CB0C4BF-84CC-6C21-B2E6-99AA9EA3EA2B}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6E42D94A-7740-BC3B-E436-32CC2098F5D9}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{4748499C-DEE2-1953-7F01-BC908170709C}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{0F237AD1-B58E-9D8B-9B76-621992D0F987}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3D6AB824-7B90-141C-D2AB-D88D1D90C2B2}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{84AF1C48-9354-E614-4959-11AD41E74CCD}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{05EA44C5-E136-BF7A-1F49-9110EDF3213F}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.8.364 - Corel corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0446 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.2.0.0708 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.70 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Grande Dizionario Hoepli Spagnolo (HKLM-x32\...\Grande Dizionario Hoepli Spagnolo) (Version: 1.0.0.0 - edPan search engine)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.6.332 - Your Company Name) Hidden
IsoBuster 4.0 (HKLM-x32\...\IsoBuster_is1) (Version: 4.0 - Smart Projects)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
King’s Bounty: The Legend (Solo eliminar) (HKLM-x32\...\{E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1) (Version: 1.0.0.0 - Nobilis)
King's Bounty - Crossworlds (HKLM-x32\...\King's Bounty - Crossworlds_is1) (Version:  - )
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Might and Magic Heroes VII versión 1.6 (HKLM-x32\...\{4542DD6E-465A-4844-9851-08C316F2A1A8}_is1) (Version: 1.6 - UBISoft)
Mozilla Firefox 63.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-ES)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Nero 2018 (HKLM-x32\...\{08EC6511-372A-4EAF-A405-E846B822555F}) (Version: 19.0.10000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
Northgard MULTi7 - ElAmigos versión 1.8.6.14793 (HKLM-x32\...\{A75E7CE5-C3FE-4B34-AA67-8962AD1C8769}_is1) (Version: 1.8.6.14793 - Shiro Games)
Nuance Cloud Connector (HKLM-x32\...\{AB9D03EA-4365-4C03-89B9-F77F798102D3}) (Version: 3.2.912 - Nuance Communications, Inc.)
Nuance PDF Converter Enterprise 8 (HKLM\...\{E5F6DE36-F554-47E9-B6F6-08788C720F55}) (Version: 8.10.6243 - Nuance Communications, Inc.)
Nuance PDF Converter Enterprise 8 (HKLM-x32\...\{E5F6DE36-F554-47E9-B6F6-08788C720F55}) (Version: 8.10.6243 - Nuance Communications, Inc.)
Opera Stable 63.0.3368.107 (HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Cloud Antivirus (HKLM\...\{6AC9985D-E42D-4D64-BDFC-37B05CF8A036}) (Version: 6.06.00.0000 - Panda Security) Hidden
Panda Cloud Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 02.03.00.0000 - Panda Security)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0004 - Nero AG) Hidden
RealDownloader (HKLM-x32\...\{2C1A45EC-8ED5-4CFF-B8B4-417DA850F67E}) (Version: 18.1.16.215 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.16 - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SpellForce Platinum Edition version 1.0.0.009 (HKLM-x32\...\SpellForce Platinum Edition_is1) (Version: 1.0.0.009 - WaLMaRT)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1240 - SUPERAntiSpyware.com)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VueScan x64 (HKLM\...\VueScan x64) (Version:  - Hamrick Software)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X8 - Common Files (HKLM-x32\...\{42428570-D010-4FC6-BD19-02D443418372}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - IPM Content TBYB  (HKLM-x32\...\{39D42D80-E7FA-445C-A6A0-0D90BF66D715}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - IPM TBYB (HKLM-x32\...\{0142A22B-3F10-4034-AC51-01B86449F89C}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Lightning Files (HKLM-x32\...\{070A4546-460D-4B5D-BEEB-22F9BDC0CF6A}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Oxford (HKLM-x32\...\{CC0E11EC-EE17-4351-9523-FDF15CDE36DB}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Presentations Files (HKLM-x32\...\{56046687-93A2-420F-BC32-472A7BE02C78}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Quattro Pro Files (HKLM-x32\...\{C6EA41FF-5BC2-4035-A08E-A66B3084EDCE}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Setup Files (HKLM-x32\...\{8F19BD38-2FAE-4383-95F5-20FB54A647FC}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - System Files (HKLM-x32\...\{1E20010F-6730-4511-B1BA-66E5032A5860}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WordPerfect Files (HKLM-x32\...\{31A0E52F-CA1A-4BAF-AD4F-F40A2BEE9FA7}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WPD format Props x64 (HKLM\...\{5E7A9D3D-7A1B-4F4E-B4E4-74E3BCD28E77}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WT (HKLM-x32\...\{DF751A12-329C-4963-BCE7-14C8265167E6}) (Version: 18.0 -  Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\_{8F19BD38-2FAE-4383-95F5-20FB54A647FC}) (Version: 18.0.0.200 - Corel Corporation)
WordPerfect Office X8 (HKLM-x32\...\{0BC87715-8C0B-4C9C-BF95-36A463B7A96C}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{2067216B-D56E-4717-AB2C-38FBE8DB3FC3}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{21D49A11-15ED-43F3-97D6-1C5B73F70F21}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{7C6905CE-F10B-4629-8A5D-602BE91CCBB3}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{B2BCF349-C7C0-4C02-8803-0191F9D83C7A}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{E292E6B0-C84D-4C47-A61E-7C42540C4ECF}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content TBYB  (HKLM-x32\...\{5942FE7F-F1AA-4B47-B21F-B6E2D75A406C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM TBYB (HKLM-x32\...\{5C14DD75-9286-4172-9251-066362F78262}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 -  Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{4C2E097B-066A-4576-A4CD-FB9B383371DD}) (Version: 19.0 - Corel Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-09-11] (Autodesk Inc.)
Bubble Shooter POP! Bubbles -> C:\Program Files\WindowsApps\46728SweetCandyKingdom.BubbleShooterPOPBubbles_1.5.0.1000_x64__ncv0abr25ncwe [2018-11-02] (Sweet Candy Kingdom) [MS Ad]
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.2.6.0_x86__kgqvnymyfvs32 [2019-10-26] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-01] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.4.0.5_x86__h6adky7gbf63m [2019-10-16] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-06] (Dolby Laboratories)
File Downloader -> C:\Program Files\WindowsApps\25974MegaScopes.UniversalFileDownloader_3.5.0.0_x64__0pcxtv3ezwmq8 [2018-10-30] (MegaScopes) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.4.0.10_x86__h6adky7gbf63m [2019-10-26] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.9231.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Studios) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Studios) [MS Ad]
Mp3 music video download free -> C:\Program Files\WindowsApps\52536lnn4app.Mp3musicvideodownloadfree_1.1.0.7_x64__bjk6t4gaceyhw [2018-10-29] (lnn4app) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Out on a Limb -> C:\Program Files\WindowsApps\Microsoft.OutonaLimb_1.1.0.0_neutral__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0 [2019-10-31] (Spotify AB) [Startup Task]
Tetris Classic -> C:\Program Files\WindowsApps\22450.TetrisClassic_1.1.9.0_x64__0aqw1zw0x2snt [2019-04-13] (韵华软件) [MS Ad]
Touring Spain -> C:\Program Files\WindowsApps\Microsoft.TouringSpain_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm [2019-10-26] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 8\ShellExt70.dll [2012-09-10] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [Zeon.GMFCDirectShellExt] -> {C037D85B-2F6F-4B14-9E6D-26D504D9194B} => C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GDirectShellExt.dll [2012-07-25] (Zeon Corporation -> Zeon International Investment Corp. ) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers3: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [Open With Gladinet] -> {81695C6B-C2CA-492F-951D-5469840B2098} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetShellProxy.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2019-03-21] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

Antonio_Herrera_Carr · 3 Noviembre, 2019 19:48

REPORTE ADITION 2

2013-04-12 18:23 - 2013-04-12 18:23 - 000612664 _____ () [File not signed] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\SQLite3.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-03-21 20:57 - 2017-03-21 20:57 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-03-21 20:57 - 2017-03-21 20:57 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamesp.dll
2018-05-29 19:06 - 2017-05-17 08:26 - 005200576 _____ (Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2011-06-27 00:22 - 2011-06-27 00:22 - 001032192 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Nuance\Nuance Cloud Connector\LIBEAY32.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2012-07-25 10:32 - 2012-07-25 10:32 - 000350880 _____ (Zeon Corporation -> Zeon International Investment Corp. ) [File not signed] C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GDirectShellExt.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\1-2005-search.com -> www.1-2005-search.com

There are 12681 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-03 00:33 - 2019-11-03 00:33 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Smart Projects\IsoBuster;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Nuance Cloud Connector.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Argente Utilities"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "InboxMonitor"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKLM\...\StartupApproved\Run32: => "PDF8 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFProHook"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "QuickFinder Scheduler"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "CubeDesktopNXT"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{20DC06B3-3C4A-43ED-A833-79AC338563CB}] => (Allow) C:\ProgramData\winnmgr\svcnetwk.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{F43E88DD-D507-46BC-8097-58103C1BE61F}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{05EF7632-B0B3-4FC4-B7EE-E8B1179FA9E1}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B042DB3-BB25-437F-86C0-4F29AA2E35EF}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{59808FBE-0958-44BE-91D6-44862E0F079E}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D5BE5F23-D5E1-42E6-B460-E320089A558F}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C34B55C5-58F3-460F-8574-299E9150EB6D}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

03-11-2019 13:24:18 JRT Pre-Junkware Removal
03-11-2019 14:34:24 Malwarebytes Anti-Rootkit Restore Point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/03/2019 06:10:35 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:10:25 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:10:25 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (11/03/2019 06:10:15 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:10:04 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:09:54 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:09:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:09:34 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.


System errors:
=============
Error: (11/03/2019 05:35:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 05:35:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.

Error: (11/03/2019 04:07:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 04:07:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.

Error: (11/03/2019 04:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 04:02:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.

Error: (11/03/2019 03:54:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 03:54:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.


Windows Defender:
===================================
Date: 2019-11-02 01:30:27.557
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/Obfuscator&threatid=2147584956&enterprise=0
Nombre: VirTool:Win32/Obfuscator
Id.: 2147584956
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\ubiorbitapi_r2_loader_a23529c0.dll
Origen de detección: Equipo local
Tipo de detección: Heurística
Origen de detección: Protección en tiempo real
Usuario: ANTONIOMARIA\yuyub
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de inteligencia de seguridad: AV: 1.259.1659.0, AS: 1.259.1659.0, NIS: 1.259.1659.0
Versión de motor: AM: 1.1.14500.5, NIS: 1.1.14500.5

Date: 2019-11-02 01:25:37.749
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/Obfuscator&threatid=2147584956&enterprise=0
Nombre: VirTool:Win32/Obfuscator
Id.: 2147584956
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\ubiorbitapi_r2_loader_a23529c0.dll
Origen de detección: Equipo local
Tipo de detección: Heurística
Origen de detección: Protección en tiempo real
Usuario: ANTONIOMARIA\yuyub
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de inteligencia de seguridad: AV: 1.259.1659.0, AS: 1.259.1659.0, NIS: 1.259.1659.0
Versión de motor: AM: 1.1.14500.5, NIS: 1.1.14500.5

Date: 2019-11-02 00:15:36.324
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8305D6C5-E36A-4C5F-8838-77A4E219C05C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-02 00:04:14.433
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {84DE20B9-47AE-4B43-8568-41BD91E57EF9}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-01 23:20:06.973
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F3CA48D6-73DB-42D8-9928-67FE9263E690}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-03 12:51:45.538
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

Date: 2019-11-03 12:51:45.537
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

Date: 2019-11-03 12:51:45.536
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

Date: 2019-11-03 12:50:43.093
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80096004
Descripción del error: No se puede comprobar la firma del certificado. 

Date: 2019-11-03 12:31:38.591
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

CodeIntegrity:
===================================

Date: 2019-11-03 13:03:30.817
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 13:03:30.242
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:20.085
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:20.061
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.990
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.912
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.139
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.117
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: LENOVO A2CN27WW(V1.09) 12/12/2014
Motherboard: LENOVO Lancer 5B2
Processor: AMD E1-6010 APU with AMD Radeon R2 Graphics 
Percentage of memory in use: 51%
Total physical RAM: 7128.26 MB
Available physical RAM: 3475.7 MB
Total Virtual: 8280.26 MB
Available Virtual: 3841.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.89 GB) (Free:130.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.56 GB) NTFS
Drive f: () (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS

\\?\Volume{5db1ef42-892c-4cb5-9b1a-455e0499278c}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{90341c97-0f30-4e91-ae8a-756b449b49f6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 204FF8C1)

Partition: GPT.

==================== End of Addition.txt =======================

Antonio_Herrera_Carr · 3 Noviembre, 2019 20:06

Perdon por la tardanza, te comento que el panda antivirus lo activo manual y se desactiva ipso facto teniendo deshabilitado el Malwarebytes, éste sí que lo puedo activar manualmente, pero al encenderlo aparece como deshabilitado. me salen notificaciones diciendome que tengo un virus o malware y que pinche para escanear el equipo, son de una pagina como de juegos, sale desde el Microsoft Edge, pero sin que éste esté abierto, es solo notificacion. gracias.

Miguelgrado · 3 Noviembre, 2019 20:19

Tienes infecciones todavía como parar para un tren…

En cuanto revise todo te doy respuesta.

Miguelgrado · 4 Noviembre, 2019 12:24

Desinstalas:

Spybot
Panda

Ejecutas las herramientas de limpieza de Panda y Avast:

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

Para hacerlo descarga Delfix en tu escritorio.
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\RunOnce: [PsNAvInstaller] => C:\WINDOWS\TEMP\Panda DomeDA88.tmp\setup.exe [1189336 2019-08-05] (Panda Security S.L. -> Panda Security, S.L.) <==== ATTENTION
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\MountPoints2: {bd372f91-637b-11e8-a015-68f7284e136e} - "I:\setup.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {368A69FE-48B8-4B66-886C-EDD6B6A86123} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
Task: {E4BC5607-A82A-4B1D-9698-AE1E63319544} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2419783374-26214240-1524307561-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
2019-11-01 15:24 - 2019-11-01 23:33 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\l4fgv4haylw
2019-11-01 15:23 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3
2019-11-01 15:14 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\F0FKB13TJP
2019-11-01 15:14 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym
2019-11-01 15:13 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\8OKJJNUSMW
2019-11-01 15:13 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\r24pzjh5flk
2019-11-01 15:04 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\vrcljz5xen0
2019-11-01 15:02 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0
2019-11-01 14:53 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\uxof1elgtuj
2019-11-01 14:52 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ua5ynea4vto
2019-11-01 14:51 - 2019-11-03 13:26 - 000000000 ____D C:\Users\yuyub\AppData\Local\GoogleChromeUserData
2019-11-01 14:43 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\czkz4vjgcms
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\0NIUXOOFNU
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\253b31usbai
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\ECV04XHOM8
2019-11-01 14:32 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\53omlxwz1kl
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\Lamia
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\hVVxek6q
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:02 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\v4gep5jkdro
2019-11-01 01:02 - 2019-11-01 01:05 - 000000000 ____D C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB
2019-11-01 00:58 - 2019-11-03 13:04 - 000000000 ____D C:\ProgramData\winnmgr
2019-11-01 00:57 - 2019-11-02 16:08 - 000000000 ____D C:\ProgramData\NtvHost
2019-11-01 00:55 - 2019-11-01 01:10 - 000000000 ____D C:\ProgramData\EventSvc
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\RDPDQCE7XY
2019-11-01 00:52 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\3485FLQS0D
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF}
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers2: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
FF SearchPlugin: C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml [2019-11-01]
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Local\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-10-31 23:49 - 2018-11-16 12:18 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-31 23:26 - 2018-11-16 12:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\AVAST Software
FF Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] [2019-10-31]
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)
Ejecutas Frst.exe.
Presionas el botón Fix y aguardas a que termine.
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Antonio_Herrera_Carr · 4 Noviembre, 2019 17:47

Buenas, la cosa sigue igual. ahora pasa que algunas cosas desaparecen del escritorio, despues de pasar los limpiadores del panda y el avast desaparecio la FRST. la descargue de otro sitio porque tu enlace me dice error, que no tengo permiso para hacer la descarga. me equivoque a la hora de ejecutar y delfix y no le desmarque la opcion que traia marcada de desinfeccion. y el reporte lo puse en el escritorio junto al FRST, el modo seguro con red el caso que me dice que no hay internet, y le he tenido que hacer asi. el reporte del Frst decia que se quedaba en donde la aplicacion pero aqui no aparece.

Gracias

Antonio_Herrera_Carr · 4 Noviembre, 2019 17:58

AQUI DEJO EL REPORTE DE FIXLOG.TXT SI ESTABA.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by yuyub (04-11-2019 14:54:33) Run:1
Running from C:\Users\yuyub\Desktop
Loaded Profiles: yuyub (Available Profiles: yuyub)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\RunOnce: [PsNAvInstaller] => C:\WINDOWS\TEMP\Panda DomeDA88.tmp\setup.exe [1189336 2019-08-05] (Panda Security S.L. -> Panda Security, S.L.) <==== ATTENTION
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\MountPoints2: {bd372f91-637b-11e8-a015-68f7284e136e} - "I:\setup.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {368A69FE-48B8-4B66-886C-EDD6B6A86123} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
Task: {E4BC5607-A82A-4B1D-9698-AE1E63319544} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2419783374-26214240-1524307561-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
2019-11-01 15:24 - 2019-11-01 23:33 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\l4fgv4haylw
2019-11-01 15:23 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3
2019-11-01 15:14 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\F0FKB13TJP
2019-11-01 15:14 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym
2019-11-01 15:13 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\8OKJJNUSMW
2019-11-01 15:13 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\r24pzjh5flk
2019-11-01 15:04 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\vrcljz5xen0
2019-11-01 15:02 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0
2019-11-01 14:53 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\uxof1elgtuj
2019-11-01 14:52 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ua5ynea4vto
2019-11-01 14:51 - 2019-11-03 13:26 - 000000000 ____D C:\Users\yuyub\AppData\Local\GoogleChromeUserData
2019-11-01 14:43 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\czkz4vjgcms
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\0NIUXOOFNU
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\253b31usbai
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\ECV04XHOM8
2019-11-01 14:32 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\53omlxwz1kl
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\Lamia
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\hVVxek6q
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:02 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\v4gep5jkdro
2019-11-01 01:02 - 2019-11-01 01:05 - 000000000 ____D C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB
2019-11-01 00:58 - 2019-11-03 13:04 - 000000000 ____D C:\ProgramData\winnmgr
2019-11-01 00:57 - 2019-11-02 16:08 - 000000000 ____D C:\ProgramData\NtvHost
2019-11-01 00:55 - 2019-11-01 01:10 - 000000000 ____D C:\ProgramData\EventSvc
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\RDPDQCE7XY
2019-11-01 00:52 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\3485FLQS0D
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF}
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers2: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
FF SearchPlugin: C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml [2019-11-01]
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Local\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-10-31 23:49 - 2018-11-16 12:18 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-31 23:26 - 2018-11-16 12:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\AVAST Software
FF Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] [2019-10-31]
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\PsNAvInstaller" => not found
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd372f91-637b-11e8-a015-68f7284e136e} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{368A69FE-48B8-4B66-886C-EDD6B6A86123}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{368A69FE-48B8-4B66-886C-EDD6B6A86123}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4BC5607-A82A-4B1D-9698-AE1E63319544}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4BC5607-A82A-4B1D-9698-AE1E63319544}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\looohgelibjoplmkhecmalapkgadkfcc => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lecopdllcadfbliodgfpfbhgoaohmlfe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\looohgelibjoplmkhecmalapkgadkfcc => removed successfully
C:\Users\yuyub\AppData\Roaming\l4fgv4haylw => moved successfully
C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3 => moved successfully
C:\Program Files\F0FKB13TJP => moved successfully
C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym => moved successfully
C:\Program Files\8OKJJNUSMW => moved successfully
C:\Users\yuyub\AppData\Roaming\r24pzjh5flk => moved successfully
C:\Users\yuyub\AppData\Roaming\vrcljz5xen0 => moved successfully
C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0 => moved successfully
C:\Users\yuyub\AppData\Roaming\uxof1elgtuj => moved successfully
C:\Users\yuyub\AppData\Roaming\ua5ynea4vto => moved successfully
C:\Users\yuyub\AppData\Local\GoogleChromeUserData => moved successfully
C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0 => moved successfully
C:\Users\yuyub\AppData\Roaming\czkz4vjgcms => moved successfully
C:\Program Files\0NIUXOOFNU => moved successfully
C:\Users\yuyub\AppData\Roaming\253b31usbai => moved successfully
C:\Program Files\ECV04XHOM8 => moved successfully
C:\Users\yuyub\AppData\Roaming\53omlxwz1kl => moved successfully
C:\ProgramData\Lamia => moved successfully
C:\ProgramData\hVVxek6q => moved successfully
C:\ProgramData\nss3.dll => moved successfully
C:\ProgramData\mozglue.dll => moved successfully
C:\Users\yuyub\AppData\Roaming\v4gep5jkdro => moved successfully
C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB => moved successfully
C:\ProgramData\winnmgr => moved successfully
C:\ProgramData\NtvHost => moved successfully
C:\ProgramData\EventSvc => moved successfully
C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj => moved successfully
C:\Program Files\RDPDQCE7XY => moved successfully
C:\Program Files\3485FLQS0D => moved successfully
C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF} => moved successfully
C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\QuickFinderMenu => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\QuickFinderMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml => moved successfully
C:\Users\yuyub\AppData\Roaming\Lavasoft => moved successfully
C:\Users\yuyub\AppData\Local\Lavasoft => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => moved successfully
C:\ProgramData\Lavasoft => moved successfully
C:\Program Files (x86)\Lavasoft => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Users\yuyub\AppData\Local\AVAST Software => moved successfully
C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] => moved successfully
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03] => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29110761 B
Java, Flash, Steam htmlcache => 1122 B
Windows/system/drivers => 290555087 B
Edge => 1036022 B
Chrome => 6500184 B
Firefox => 15328101 B
Opera => 57442289 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 100564 B
NetworkService => 560489534 B
yuyub => 989849968 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:57:27 ====

Miguelgrado · 4 Noviembre, 2019 18:02

Cuando dices que la cosa sigue igual…en que aspectos?

Antonio_Herrera_Carr · 4 Noviembre, 2019 21:24

Las notificaciones que me mandan a paginas raras diciendome que tengo un virus o un malware, o que karlos arguiñaño no se qué no paran de salir.

lo que no he probado es si ya puedo activar el Eset que lo desistalé tambien. El Malwarebytes me sacó unos positivos (sin yo hacer analisis), le di a eliminar. pongo el reporte:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 4/11/19
Hora del análisis: 10:47
Archivo de registro: 1092fd78-fee8-11e9-b87a-68f7284e136e.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.629
Versión del paquete de actualización: 1.0.13167
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 316184
Amenazas detectadas: 12
Amenazas en cuarentena: 12
Tiempo transcurrido: 39 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 11
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FC54A1E4-87C2-4CA5-9A31-5B7AC1FCF1EA}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A41CB602-456B-4F26-A6BC-079DE29ECF56}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9278025C-BA65-4305-93D7-EDA69E88B032}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B0193436-BB05-4F41-9EDA-075E25DCA6B3}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3B6CD2E6-5744-4008-982B-8C5EF23B3C66}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8C1B265B-6878-4963-BAB1-63ADE8A2EC97}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{745FCE09-C4F8-4652-85A9-17DEB2CFF965}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7B625466-03F7-4C19-82FF-1A57321B36E0}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2ED7C19C-253C-4573-9B45-F299BF705A62}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8958F2C5-C1DA-4636-BEFA-47DF9B37A505}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A3EFE003-A267-422B-83B7-155A4841D368}, En cuarentena, [5994], [416299],1.0.13167

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
RiskWare.Tool.CK, C:\USERS\YUYUB\DESKTOP\COSAS\KASPERSKY 2011 CRACK-XTREME 3700\WWW.MISDESCARGAS.ORG_11KISSESSSERIES_WWW.MISDESCARGAS.ORG.RAR, En cuarentena, [7457], [137302],1.0.13167

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Miguelgrado · 4 Noviembre, 2019 21:46

Esas notificaciones salen con cualquier navegador o dolo en Edge?

Antonio_Herrera_Carr · 4 Noviembre, 2019 22:07

Salen sin que este abierto ningun navegador, se quedan en el centro de actividades. las mayoria me mandan a una pagina concreta: www.grapcgames. pero en todas dice a traves de Microsotf Edge. de normal uso el opera.

Antonio_Herrera_Carr · 4 Noviembre, 2019 22:21

El Eset he podido activarlo.a ver. el gmail cuando lo abro medice que hay algun error, google intenta corregirlo y me pide que inicie sesion y certfique que soy yo, pero aun asi me dice que no puede.

Miguelgrado · 4 Noviembre, 2019 22:31

Por favor ,he advertido de que no realices ninguna actividad por tu cuenta ni instalases nada.

Mañana reviso y te respondo

Antonio_Herrera_Carr · 5 Noviembre, 2019 12:33

Como se si la cosa sigue igual si no pruebo a hacer cosas que antes no podia??

el panda se ve que no se habia borrado bien, he vuelto a pasar la herramienta y ya si se ha arreglado. la cuenta de google ya ha dejado de dar error y se ha sincronizado y activado de nuevo. laas notificaciones he visto que estaban puestas en el Edge, las he desactivado. el ordenador parece que empieza a funcionar normal.

No se si quieres que le pase algo para confirmar que esta bien. gracias por echarme una mano y perdona si no te he preguntado antes de probar si funcionaba el Eset.