Virus invisible

REPORTE 3 FRST

2019-10-10 00:20 - 2019-10-10 00:20 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-10-10 00:20 - 2019-10-10 00:20 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-10-10 00:20 - 2019-10-10 00:20 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-10 00:20 - 2019-10-10 00:20 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-10-10 00:20 - 2019-10-10 00:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-10 00:19 - 2019-10-10 00:19 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-10-10 00:19 - 2019-10-10 00:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-10-10 00:19 - 2019-10-10 00:19 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-10 00:19 - 2019-10-10 00:19 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-10-10 00:19 - 2019-10-10 00:19 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-10-10 00:19 - 2019-10-10 00:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-10-10 00:18 - 2019-10-10 00:18 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-10 00:18 - 2019-10-10 00:18 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-10 00:18 - 2019-10-10 00:18 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-10-10 00:18 - 2019-10-10 00:18 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-10-10 00:18 - 2019-10-10 00:18 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-10 00:17 - 2019-10-10 00:17 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-10 00:17 - 2019-10-10 00:17 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-10-10 00:17 - 2019-10-10 00:17 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-10 00:17 - 2019-10-10 00:17 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-10 00:17 - 2019-10-10 00:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-10 00:16 - 2019-10-10 00:16 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-10-10 00:16 - 2019-10-10 00:16 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-10-10 00:16 - 2019-10-10 00:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-10 00:15 - 2019-10-10 00:15 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-10-10 00:15 - 2019-10-10 00:15 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-10-10 00:15 - 2019-10-10 00:15 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-10-09 23:01 - 2019-09-20 05:36 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-09 23:01 - 2019-09-20 05:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-03 17:34 - 2019-09-11 03:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-03 17:34 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 15:57 - 2018-10-29 09:49 - 000000000 ____D C:\Users\yuyub\AppData\Local\PlaceholderTileLogoFolder
2019-11-03 15:50 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-03 15:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-11-03 15:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2019-11-03 13:47 - 2018-01-16 12:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-03 13:03 - 2019-09-11 04:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 13:02 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 13:02 - 2018-01-16 01:07 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-03 12:58 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-03 12:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-03 11:38 - 2018-01-17 13:54 - 000000000 ____D C:\Users\yuyub\OneDrive\Documentos\Archivos de Outlook
2019-11-03 09:41 - 2018-11-16 12:40 - 000000000 ____D C:\Users\yuyub\AppData\Local\CrashDumps
2019-11-03 09:28 - 2019-09-02 13:38 - 000000000 ____D C:\AdwCleaner
2019-11-03 06:38 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-03 06:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-03 06:37 - 2018-10-31 20:31 - 000000000 ____D C:\ProgramData\Packages
2019-11-03 01:56 - 2018-12-31 13:08 - 000000000 ____D C:\Users\yuyub\AppData\Local\Google
2019-11-02 23:38 - 2018-01-20 16:21 - 000000000 ____D C:\Users\yuyub\AppData\Local\ElevatedDiagnostics
2019-11-02 03:09 - 2019-09-11 04:13 - 000003610 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-02 03:09 - 2019-09-11 04:13 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-02 03:09 - 2019-09-11 04:13 - 000002276 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-02 02:44 - 2018-01-15 23:00 - 000000000 ___RD C:\Users\yuyub\Desktop\APLICACIONES
2019-11-02 00:06 - 2018-05-29 19:22 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\DAEMON Tools Pro
2019-11-01 23:52 - 2019-09-11 04:13 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2419783374-26214240-1524307561-1001
2019-11-01 23:52 - 2019-09-11 03:33 - 000002408 _____ C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-01 23:52 - 2018-01-15 22:35 - 000000000 ___RD C:\Users\yuyub\OneDrive
2019-11-01 23:48 - 2019-09-11 03:49 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-01 23:48 - 2019-03-19 12:59 - 000789634 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-01 23:48 - 2019-03-19 12:59 - 000155888 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-01 23:35 - 2019-09-11 03:33 - 000000000 ____D C:\Users\yuyub
2019-10-31 23:56 - 2018-11-16 12:18 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\BitComet
2019-10-31 23:49 - 2018-11-16 12:18 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-31 23:45 - 2019-09-06 16:26 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-31 23:26 - 2018-11-16 12:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\AVAST Software
2019-10-31 15:24 - 2018-01-30 20:03 - 000000000 ____D C:\Users\yuyub\AppData\Local\JDownloader v2.0
2019-10-31 00:09 - 2019-03-23 16:12 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-30 23:50 - 2018-01-16 01:08 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-19 22:28 - 2018-01-15 22:55 - 000000000 ____D C:\Program Files\CCleaner
2019-10-13 13:26 - 2019-09-11 04:13 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1542189984
2019-10-13 13:26 - 2019-04-21 15:41 - 000001404 _____ C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-10-13 13:13 - 2018-01-19 12:38 - 000000000 ____D C:\Games
2019-10-11 00:39 - 2018-01-15 22:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-11 00:39 - 2018-01-15 22:29 - 000000000 ___RD C:\Users\yuyub\3D Objects
2019-10-11 00:28 - 2019-09-11 03:15 - 000533736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-11 00:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-11 00:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-10 16:08 - 2018-01-15 23:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-10-10 16:05 - 2017-09-29 14:46 - 000000167 _____ C:\WINDOWS\win.ini
2019-10-10 16:02 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-10 15:53 - 2018-01-19 17:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-10 15:33 - 2018-01-30 20:40 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-06 21:09 - 2018-12-31 13:08 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ========

2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-04-05 01:17 - 2019-04-05 01:17 - 000000000 _____ () C:\Users\yuyub\AppData\Roaming\.NANotifyHere
2018-07-04 09:24 - 2018-07-25 09:26 - 000008192 _____ () C:\Users\yuyub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
REPORTE ADITION 1

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
1.1.3 (HKLM-x32\...\{A4046FE1-986B-4463-B4DD-CFA473A7056B}_is1) (Version:  - PDFZilla)
Adobe Reader 8.1.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A81100000003}) (Version: 8.1.1 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.)
Argente Utilities 1.0.6.5 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.6.5 - Raúl Argente)
Avira (HKLM-x32\...\{d1005689-1fdc-458f-956d-498db20c18df}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{DA7052FA-B589-48D9-BF78-0A5AC11CB59A}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG) Hidden
Avira Safe Shopping (HKLM-x32\...\{7EB58250-F316-40E3-B07E-6CB6ED714120}) (Version: 1.1.43.3959 - Avira Operations GmbH & Co. KG)
Bannermen MULTi8 - ElAmigos versión 1.0.7 (HKLM-x32\...\{4910064A-3CD9-4174-9709-3657AFE9601A}_is1) (Version: 1.0.7 - 2tainment GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitComet 1.59 (HKLM-x32\...\BitComet_x64) (Version: 1.59 - CometNetwork)
Catalyst Control Center Next Localization BR (HKLM\...\{1BE58F4C-0F85-8B2E-5C30-F3CF4C430638}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{BCA67CCE-4CC6-0E38-538C-3DEE736497B3}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{C2AB6B4B-67D4-0EA7-B6E7-2714204F2CCE}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{5E575B5F-8815-855E-8D7E-831F1864B265}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{B2EB8ADE-75EA-C07F-E9C3-211F261F6AE9}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A0AF62E7-50FA-A6D5-3A41-AB0F2B78423C}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{4BA1606F-6B9D-D069-5D45-CC92C31566FD}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{14594745-CBC1-9B09-97F2-D87F4083AE59}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B1A0EE0D-84AD-D650-23F8-C36C02BBA33B}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{658CD2B5-A13F-FE0C-EB02-D032347E1E8C}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{144007A2-8FB2-14E6-B0A1-ACDAB319222F}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{13209EB8-E25D-6B1B-3807-581BC483A620}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AC14F193-F900-C602-EAAA-A3D21C3E3939}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{11215EF3-7B35-EDD9-9735-CA1B03A71D81}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{4CB0C4BF-84CC-6C21-B2E6-99AA9EA3EA2B}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6E42D94A-7740-BC3B-E436-32CC2098F5D9}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{4748499C-DEE2-1953-7F01-BC908170709C}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{0F237AD1-B58E-9D8B-9B76-621992D0F987}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3D6AB824-7B90-141C-D2AB-D88D1D90C2B2}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{84AF1C48-9354-E614-4959-11AD41E74CCD}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{05EA44C5-E136-BF7A-1F49-9110EDF3213F}) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.8.364 - Corel corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0446 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.2.0.0708 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.70 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Grande Dizionario Hoepli Spagnolo (HKLM-x32\...\Grande Dizionario Hoepli Spagnolo) (Version: 1.0.0.0 - edPan search engine)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.6.332 - Your Company Name) Hidden
IsoBuster 4.0 (HKLM-x32\...\IsoBuster_is1) (Version: 4.0 - Smart Projects)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
King’s Bounty: The Legend (Solo eliminar) (HKLM-x32\...\{E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1) (Version: 1.0.0.0 - Nobilis)
King's Bounty - Crossworlds (HKLM-x32\...\King's Bounty - Crossworlds_is1) (Version:  - )
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Might and Magic Heroes VII versión 1.6 (HKLM-x32\...\{4542DD6E-465A-4844-9851-08C316F2A1A8}_is1) (Version: 1.6 - UBISoft)
Mozilla Firefox 63.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-ES)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Nero 2018 (HKLM-x32\...\{08EC6511-372A-4EAF-A405-E846B822555F}) (Version: 19.0.10000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
Northgard MULTi7 - ElAmigos versión 1.8.6.14793 (HKLM-x32\...\{A75E7CE5-C3FE-4B34-AA67-8962AD1C8769}_is1) (Version: 1.8.6.14793 - Shiro Games)
Nuance Cloud Connector (HKLM-x32\...\{AB9D03EA-4365-4C03-89B9-F77F798102D3}) (Version: 3.2.912 - Nuance Communications, Inc.)
Nuance PDF Converter Enterprise 8 (HKLM\...\{E5F6DE36-F554-47E9-B6F6-08788C720F55}) (Version: 8.10.6243 - Nuance Communications, Inc.)
Nuance PDF Converter Enterprise 8 (HKLM-x32\...\{E5F6DE36-F554-47E9-B6F6-08788C720F55}) (Version: 8.10.6243 - Nuance Communications, Inc.)
Opera Stable 63.0.3368.107 (HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Cloud Antivirus (HKLM\...\{6AC9985D-E42D-4D64-BDFC-37B05CF8A036}) (Version: 6.06.00.0000 - Panda Security) Hidden
Panda Cloud Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 02.03.00.0000 - Panda Security)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0004 - Nero AG) Hidden
RealDownloader (HKLM-x32\...\{2C1A45EC-8ED5-4CFF-B8B4-417DA850F67E}) (Version: 18.1.16.215 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.16 - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SpellForce Platinum Edition version 1.0.0.009 (HKLM-x32\...\SpellForce Platinum Edition_is1) (Version: 1.0.0.009 - WaLMaRT)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1240 - SUPERAntiSpyware.com)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VueScan x64 (HKLM\...\VueScan x64) (Version:  - Hamrick Software)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X8 - Common Files (HKLM-x32\...\{42428570-D010-4FC6-BD19-02D443418372}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - IPM Content TBYB  (HKLM-x32\...\{39D42D80-E7FA-445C-A6A0-0D90BF66D715}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - IPM TBYB (HKLM-x32\...\{0142A22B-3F10-4034-AC51-01B86449F89C}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Lightning Files (HKLM-x32\...\{070A4546-460D-4B5D-BEEB-22F9BDC0CF6A}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Oxford (HKLM-x32\...\{CC0E11EC-EE17-4351-9523-FDF15CDE36DB}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Presentations Files (HKLM-x32\...\{56046687-93A2-420F-BC32-472A7BE02C78}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Quattro Pro Files (HKLM-x32\...\{C6EA41FF-5BC2-4035-A08E-A66B3084EDCE}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Setup Files (HKLM-x32\...\{8F19BD38-2FAE-4383-95F5-20FB54A647FC}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - System Files (HKLM-x32\...\{1E20010F-6730-4511-B1BA-66E5032A5860}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WordPerfect Files (HKLM-x32\...\{31A0E52F-CA1A-4BAF-AD4F-F40A2BEE9FA7}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WPD format Props x64 (HKLM\...\{5E7A9D3D-7A1B-4F4E-B4E4-74E3BCD28E77}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WT (HKLM-x32\...\{DF751A12-329C-4963-BCE7-14C8265167E6}) (Version: 18.0 -  Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\_{8F19BD38-2FAE-4383-95F5-20FB54A647FC}) (Version: 18.0.0.200 - Corel Corporation)
WordPerfect Office X8 (HKLM-x32\...\{0BC87715-8C0B-4C9C-BF95-36A463B7A96C}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{2067216B-D56E-4717-AB2C-38FBE8DB3FC3}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{21D49A11-15ED-43F3-97D6-1C5B73F70F21}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{7C6905CE-F10B-4629-8A5D-602BE91CCBB3}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{B2BCF349-C7C0-4C02-8803-0191F9D83C7A}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{E292E6B0-C84D-4C47-A61E-7C42540C4ECF}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content TBYB  (HKLM-x32\...\{5942FE7F-F1AA-4B47-B21F-B6E2D75A406C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM TBYB (HKLM-x32\...\{5C14DD75-9286-4172-9251-066362F78262}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 -  Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{4C2E097B-066A-4576-A4CD-FB9B383371DD}) (Version: 19.0 - Corel Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-09-11] (Autodesk Inc.)
Bubble Shooter POP! Bubbles -> C:\Program Files\WindowsApps\46728SweetCandyKingdom.BubbleShooterPOPBubbles_1.5.0.1000_x64__ncv0abr25ncwe [2018-11-02] (Sweet Candy Kingdom) [MS Ad]
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.2.6.0_x86__kgqvnymyfvs32 [2019-10-26] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-01] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.4.0.5_x86__h6adky7gbf63m [2019-10-16] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-06] (Dolby Laboratories)
File Downloader -> C:\Program Files\WindowsApps\25974MegaScopes.UniversalFileDownloader_3.5.0.0_x64__0pcxtv3ezwmq8 [2018-10-30] (MegaScopes) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.4.0.10_x86__h6adky7gbf63m [2019-10-26] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.9231.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Studios) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Studios) [MS Ad]
Mp3 music video download free -> C:\Program Files\WindowsApps\52536lnn4app.Mp3musicvideodownloadfree_1.1.0.7_x64__bjk6t4gaceyhw [2018-10-29] (lnn4app) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Out on a Limb -> C:\Program Files\WindowsApps\Microsoft.OutonaLimb_1.1.0.0_neutral__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0 [2019-10-31] (Spotify AB) [Startup Task]
Tetris Classic -> C:\Program Files\WindowsApps\22450.TetrisClassic_1.1.9.0_x64__0aqw1zw0x2snt [2019-04-13] (韵华软件) [MS Ad]
Touring Spain -> C:\Program Files\WindowsApps\Microsoft.TouringSpain_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm [2019-10-26] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 8\ShellExt70.dll [2012-09-10] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [Zeon.GMFCDirectShellExt] -> {C037D85B-2F6F-4B14-9E6D-26D504D9194B} => C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GDirectShellExt.dll [2012-07-25] (Zeon Corporation -> Zeon International Investment Corp. ) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers3: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [Open With Gladinet] -> {81695C6B-C2CA-492F-951D-5469840B2098} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetShellProxy.dll [2012-07-18] (Gladinet, Inc. -> Gladinet, INC)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2019-03-21] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2013-10-19] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============
REPORTE ADITION 2

2013-04-12 18:23 - 2013-04-12 18:23 - 000612664 _____ () [File not signed] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\SQLite3.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-03-21 20:57 - 2017-03-21 20:57 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-03-21 20:57 - 2017-03-21 20:57 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamesp.dll
2018-05-29 19:06 - 2017-05-17 08:26 - 005200576 _____ (Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2011-06-27 00:22 - 2011-06-27 00:22 - 001032192 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Nuance\Nuance Cloud Connector\LIBEAY32.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 02:19 - 2016-09-14 02:19 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:18 - 2016-09-14 02:18 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2012-07-25 10:32 - 2012-07-25 10:32 - 000350880 _____ (Zeon Corporation -> Zeon International Investment Corp. ) [File not signed] C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GDirectShellExt.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\1-2005-search.com -> www.1-2005-search.com

There are 12681 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-03 00:33 - 2019-11-03 00:33 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Smart Projects\IsoBuster;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\yuyub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Nuance Cloud Connector.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Argente Utilities"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "InboxMonitor"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKLM\...\StartupApproved\Run32: => "PDF8 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFProHook"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "QuickFinder Scheduler"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "CubeDesktopNXT"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{20DC06B3-3C4A-43ED-A833-79AC338563CB}] => (Allow) C:\ProgramData\winnmgr\svcnetwk.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{F43E88DD-D507-46BC-8097-58103C1BE61F}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{05EF7632-B0B3-4FC4-B7EE-E8B1179FA9E1}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B042DB3-BB25-437F-86C0-4F29AA2E35EF}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{59808FBE-0958-44BE-91D6-44862E0F079E}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D5BE5F23-D5E1-42E6-B460-E320089A558F}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C34B55C5-58F3-460F-8574-299E9150EB6D}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

03-11-2019 13:24:18 JRT Pre-Junkware Removal
03-11-2019 14:34:24 Malwarebytes Anti-Rootkit Restore Point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/03/2019 06:10:35 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:10:25 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:10:25 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (11/03/2019 06:10:15 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:10:04 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:09:54 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:09:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (11/03/2019 06:09:34 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.


System errors:
=============
Error: (11/03/2019 05:35:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 05:35:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.

Error: (11/03/2019 04:07:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 04:07:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.

Error: (11/03/2019 04:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 04:02:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.

Error: (11/03/2019 03:54:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINProt no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (11/03/2019 03:54:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio PSINAflt no pudo iniciarse debido al siguiente error: 
No se dispone de más datos.


Windows Defender:
===================================
Date: 2019-11-02 01:30:27.557
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/Obfuscator&threatid=2147584956&enterprise=0
Nombre: VirTool:Win32/Obfuscator
Id.: 2147584956
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\ubiorbitapi_r2_loader_a23529c0.dll
Origen de detección: Equipo local
Tipo de detección: Heurística
Origen de detección: Protección en tiempo real
Usuario: ANTONIOMARIA\yuyub
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de inteligencia de seguridad: AV: 1.259.1659.0, AS: 1.259.1659.0, NIS: 1.259.1659.0
Versión de motor: AM: 1.1.14500.5, NIS: 1.1.14500.5

Date: 2019-11-02 01:25:37.749
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/Obfuscator&threatid=2147584956&enterprise=0
Nombre: VirTool:Win32/Obfuscator
Id.: 2147584956
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\ubiorbitapi_r2_loader_a23529c0.dll
Origen de detección: Equipo local
Tipo de detección: Heurística
Origen de detección: Protección en tiempo real
Usuario: ANTONIOMARIA\yuyub
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de inteligencia de seguridad: AV: 1.259.1659.0, AS: 1.259.1659.0, NIS: 1.259.1659.0
Versión de motor: AM: 1.1.14500.5, NIS: 1.1.14500.5

Date: 2019-11-02 00:15:36.324
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8305D6C5-E36A-4C5F-8838-77A4E219C05C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-02 00:04:14.433
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {84DE20B9-47AE-4B43-8568-41BD91E57EF9}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-01 23:20:06.973
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F3CA48D6-73DB-42D8-9928-67FE9263E690}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-03 12:51:45.538
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

Date: 2019-11-03 12:51:45.537
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

Date: 2019-11-03 12:51:45.536
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

Date: 2019-11-03 12:50:43.093
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80096004
Descripción del error: No se puede comprobar la firma del certificado. 

Date: 2019-11-03 12:31:38.591
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.259.1659.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.14500.5
Código de error: 0x80070645
Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. 

CodeIntegrity:
===================================

Date: 2019-11-03 13:03:30.817
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 13:03:30.242
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:20.085
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:20.061
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.990
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.912
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.139
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 12:21:19.117
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: LENOVO A2CN27WW(V1.09) 12/12/2014
Motherboard: LENOVO Lancer 5B2
Processor: AMD E1-6010 APU with AMD Radeon R2 Graphics 
Percentage of memory in use: 51%
Total physical RAM: 7128.26 MB
Available physical RAM: 3475.7 MB
Total Virtual: 8280.26 MB
Available Virtual: 3841.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.89 GB) (Free:130.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.56 GB) NTFS
Drive f: () (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS

\\?\Volume{5db1ef42-892c-4cb5-9b1a-455e0499278c}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{90341c97-0f30-4e91-ae8a-756b449b49f6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 204FF8C1)

Partition: GPT.

==================== End of Addition.txt =======================

Perdon por la tardanza, te comento que el panda antivirus lo activo manual y se desactiva ipso facto teniendo deshabilitado el Malwarebytes, éste sí que lo puedo activar manualmente, pero al encenderlo aparece como deshabilitado. me salen notificaciones diciendome que tengo un virus o malware y que pinche para escanear el equipo, son de una pagina como de juegos, sale desde el Microsoft Edge, pero sin que éste esté abierto, es solo notificacion. gracias.

Tienes infecciones todavía como parar para un tren…:cold_sweat:

En cuanto revise todo te doy respuesta.

2 Me gusta

Desinstalas:

  • Spybot
  • Panda

Ejecutas las herramientas de limpieza de Panda y Avast:

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\RunOnce: [PsNAvInstaller] => C:\WINDOWS\TEMP\Panda DomeDA88.tmp\setup.exe [1189336 2019-08-05] (Panda Security S.L. -> Panda Security, S.L.) <==== ATTENTION
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\MountPoints2: {bd372f91-637b-11e8-a015-68f7284e136e} - "I:\setup.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {368A69FE-48B8-4B66-886C-EDD6B6A86123} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
Task: {E4BC5607-A82A-4B1D-9698-AE1E63319544} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2419783374-26214240-1524307561-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
2019-11-01 15:24 - 2019-11-01 23:33 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\l4fgv4haylw
2019-11-01 15:23 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3
2019-11-01 15:14 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\F0FKB13TJP
2019-11-01 15:14 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym
2019-11-01 15:13 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\8OKJJNUSMW
2019-11-01 15:13 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\r24pzjh5flk
2019-11-01 15:04 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\vrcljz5xen0
2019-11-01 15:02 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0
2019-11-01 14:53 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\uxof1elgtuj
2019-11-01 14:52 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ua5ynea4vto
2019-11-01 14:51 - 2019-11-03 13:26 - 000000000 ____D C:\Users\yuyub\AppData\Local\GoogleChromeUserData
2019-11-01 14:43 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\czkz4vjgcms
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\0NIUXOOFNU
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\253b31usbai
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\ECV04XHOM8
2019-11-01 14:32 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\53omlxwz1kl
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\Lamia
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\hVVxek6q
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:02 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\v4gep5jkdro
2019-11-01 01:02 - 2019-11-01 01:05 - 000000000 ____D C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB
2019-11-01 00:58 - 2019-11-03 13:04 - 000000000 ____D C:\ProgramData\winnmgr
2019-11-01 00:57 - 2019-11-02 16:08 - 000000000 ____D C:\ProgramData\NtvHost
2019-11-01 00:55 - 2019-11-01 01:10 - 000000000 ____D C:\ProgramData\EventSvc
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\RDPDQCE7XY
2019-11-01 00:52 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\3485FLQS0D
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF}
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers2: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
FF SearchPlugin: C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml [2019-11-01]
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Local\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-10-31 23:49 - 2018-11-16 12:18 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-31 23:26 - 2018-11-16 12:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\AVAST Software
FF Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] [2019-10-31]
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

1 me gusta

Buenas, la cosa sigue igual. ahora pasa que algunas cosas desaparecen del escritorio, despues de pasar los limpiadores del panda y el avast desaparecio la FRST. la descargue de otro sitio porque tu enlace me dice error, que no tengo permiso para hacer la descarga. me equivoque a la hora de ejecutar y delfix y no le desmarque la opcion que traia marcada de desinfeccion. y el reporte lo puse en el escritorio junto al FRST, el modo seguro con red el caso que me dice que no hay internet, y le he tenido que hacer asi. el reporte del Frst decia que se quedaba en donde la aplicacion pero aqui no aparece.

Gracias

AQUI DEJO EL REPORTE DE FIXLOG.TXT SI ESTABA.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by yuyub (04-11-2019 14:54:33) Run:1
Running from C:\Users\yuyub\Desktop
Loaded Profiles: yuyub (Available Profiles: yuyub)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\RunOnce: [PsNAvInstaller] => C:\WINDOWS\TEMP\Panda DomeDA88.tmp\setup.exe [1189336 2019-08-05] (Panda Security S.L. -> Panda Security, S.L.) <==== ATTENTION
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\...\MountPoints2: {bd372f91-637b-11e8-a015-68f7284e136e} - "I:\setup.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {368A69FE-48B8-4B66-886C-EDD6B6A86123} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
Task: {E4BC5607-A82A-4B1D-9698-AE1E63319544} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\yuyub\AppData\Local\Temp\scoped_dir12260_1181962117\esetonlinescanner_esn.exe [8162616 2019-11-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2419783374-26214240-1524307561-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
2019-11-01 15:24 - 2019-11-01 23:33 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\l4fgv4haylw
2019-11-01 15:23 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3
2019-11-01 15:14 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\F0FKB13TJP
2019-11-01 15:14 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym
2019-11-01 15:13 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\8OKJJNUSMW
2019-11-01 15:13 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\r24pzjh5flk
2019-11-01 15:04 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\vrcljz5xen0
2019-11-01 15:02 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0
2019-11-01 14:53 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\uxof1elgtuj
2019-11-01 14:52 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\ua5ynea4vto
2019-11-01 14:51 - 2019-11-03 13:26 - 000000000 ____D C:\Users\yuyub\AppData\Local\GoogleChromeUserData
2019-11-01 14:43 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\czkz4vjgcms
2019-11-01 14:42 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\0NIUXOOFNU
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\253b31usbai
2019-11-01 14:33 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\ECV04XHOM8
2019-11-01 14:32 - 2019-11-01 23:36 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\53omlxwz1kl
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\Lamia
2019-11-01 01:06 - 2019-11-01 01:06 - 000000000 ____D C:\ProgramData\hVVxek6q
2019-11-01 01:04 - 2019-11-01 01:04 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-11-01 01:04 - 2019-11-01 01:04 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-11-01 01:02 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\v4gep5jkdro
2019-11-01 01:02 - 2019-11-01 01:05 - 000000000 ____D C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB
2019-11-01 00:58 - 2019-11-03 13:04 - 000000000 ____D C:\ProgramData\winnmgr
2019-11-01 00:57 - 2019-11-02 16:08 - 000000000 ____D C:\ProgramData\NtvHost
2019-11-01 00:55 - 2019-11-01 01:10 - 000000000 ____D C:\ProgramData\EventSvc
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj
2019-11-01 00:53 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\RDPDQCE7XY
2019-11-01 00:52 - 2019-11-01 23:37 - 000000000 ____D C:\Program Files\3485FLQS0D
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF}
2019-10-31 15:21 - 2019-10-31 15:21 - 000000000 ____D C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers2: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [QuickFinderMenu] -> [CC]{0c5824b1-555e-4799-b8be-97b08362623b} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
FF SearchPlugin: C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml [2019-11-01]
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Roaming\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\Users\yuyub\AppData\Local\Lavasoft
2019-11-01 00:03 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Lavasoft
2019-11-01 00:02 - 2019-11-01 15:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-10-31 23:49 - 2018-11-16 12:18 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-31 23:26 - 2018-11-16 12:36 - 000000000 ____D C:\Users\yuyub\AppData\Local\AVAST Software
FF Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] [2019-10-31]
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\PsNAvInstaller" => not found
HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd372f91-637b-11e8-a015-68f7284e136e} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{368A69FE-48B8-4B66-886C-EDD6B6A86123}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{368A69FE-48B8-4B66-886C-EDD6B6A86123}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4BC5607-A82A-4B1D-9698-AE1E63319544}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4BC5607-A82A-4B1D-9698-AE1E63319544}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\looohgelibjoplmkhecmalapkgadkfcc => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lecopdllcadfbliodgfpfbhgoaohmlfe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\looohgelibjoplmkhecmalapkgadkfcc => removed successfully
C:\Users\yuyub\AppData\Roaming\l4fgv4haylw => moved successfully
C:\Users\yuyub\AppData\Roaming\ntldpwlgwo3 => moved successfully
C:\Program Files\F0FKB13TJP => moved successfully
C:\Users\yuyub\AppData\Roaming\iz0qiywr2ym => moved successfully
C:\Program Files\8OKJJNUSMW => moved successfully
C:\Users\yuyub\AppData\Roaming\r24pzjh5flk => moved successfully
C:\Users\yuyub\AppData\Roaming\vrcljz5xen0 => moved successfully
C:\Users\yuyub\AppData\Roaming\f2bihhcmvf0 => moved successfully
C:\Users\yuyub\AppData\Roaming\uxof1elgtuj => moved successfully
C:\Users\yuyub\AppData\Roaming\ua5ynea4vto => moved successfully
C:\Users\yuyub\AppData\Local\GoogleChromeUserData => moved successfully
C:\Users\yuyub\AppData\Roaming\zyxcpeelmp0 => moved successfully
C:\Users\yuyub\AppData\Roaming\czkz4vjgcms => moved successfully
C:\Program Files\0NIUXOOFNU => moved successfully
C:\Users\yuyub\AppData\Roaming\253b31usbai => moved successfully
C:\Program Files\ECV04XHOM8 => moved successfully
C:\Users\yuyub\AppData\Roaming\53omlxwz1kl => moved successfully
C:\ProgramData\Lamia => moved successfully
C:\ProgramData\hVVxek6q => moved successfully
C:\ProgramData\nss3.dll => moved successfully
C:\ProgramData\mozglue.dll => moved successfully
C:\Users\yuyub\AppData\Roaming\v4gep5jkdro => moved successfully
C:\ProgramData\EVVKWFOOXDQHD1YFE03ADD6SB => moved successfully
C:\ProgramData\winnmgr => moved successfully
C:\ProgramData\NtvHost => moved successfully
C:\ProgramData\EventSvc => moved successfully
C:\Users\yuyub\AppData\Roaming\suuy3ysrvxj => moved successfully
C:\Program Files\RDPDQCE7XY => moved successfully
C:\Program Files\3485FLQS0D => moved successfully
C:\ProgramData\{9AD68BB1-B31A-721B-62AE-98FE6249C1AF} => moved successfully
C:\ProgramData\{018D7543-4DE8-E940-9050-C36590B79A34} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\QuickFinderMenu => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\QuickFinderMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\searchplugins\bing-lavasoft-ff59.xml => moved successfully
C:\Users\yuyub\AppData\Roaming\Lavasoft => moved successfully
C:\Users\yuyub\AppData\Local\Lavasoft => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => moved successfully
C:\ProgramData\Lavasoft => moved successfully
C:\Program Files (x86)\Lavasoft => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Users\yuyub\AppData\Local\AVAST Software => moved successfully
C:\Users\yuyub\AppData\Roaming\Mozilla\Firefox\Profiles\lnkyzc8a.default-1533742726210\Extensions\[email protected] => moved successfully
CHR Extension: (Avast Online Security) - C:\Users\yuyub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-03] => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2419783374-26214240-1524307561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29110761 B
Java, Flash, Steam htmlcache => 1122 B
Windows/system/drivers => 290555087 B
Edge => 1036022 B
Chrome => 6500184 B
Firefox => 15328101 B
Opera => 57442289 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 100564 B
NetworkService => 560489534 B
yuyub => 989849968 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:57:27 ====

Cuando dices que la cosa sigue igual…en que aspectos?

Las notificaciones que me mandan a paginas raras diciendome que tengo un virus o un malware, o que karlos arguiñaño no se qué no paran de salir.

lo que no he probado es si ya puedo activar el Eset que lo desistalé tambien. El Malwarebytes me sacó unos positivos (sin yo hacer analisis), le di a eliminar. pongo el reporte:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 4/11/19
Hora del análisis: 10:47
Archivo de registro: 1092fd78-fee8-11e9-b87a-68f7284e136e.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.629
Versión del paquete de actualización: 1.0.13167
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 316184
Amenazas detectadas: 12
Amenazas en cuarentena: 12
Tiempo transcurrido: 39 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 11
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FC54A1E4-87C2-4CA5-9A31-5B7AC1FCF1EA}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A41CB602-456B-4F26-A6BC-079DE29ECF56}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9278025C-BA65-4305-93D7-EDA69E88B032}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B0193436-BB05-4F41-9EDA-075E25DCA6B3}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3B6CD2E6-5744-4008-982B-8C5EF23B3C66}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8C1B265B-6878-4963-BAB1-63ADE8A2EC97}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{745FCE09-C4F8-4652-85A9-17DEB2CFF965}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7B625466-03F7-4C19-82FF-1A57321B36E0}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2ED7C19C-253C-4573-9B45-F299BF705A62}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8958F2C5-C1DA-4636-BEFA-47DF9B37A505}, En cuarentena, [5994], [416299],1.0.13167
Adware.Ghokswa.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A3EFE003-A267-422B-83B7-155A4841D368}, En cuarentena, [5994], [416299],1.0.13167

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
RiskWare.Tool.CK, C:\USERS\YUYUB\DESKTOP\COSAS\KASPERSKY 2011 CRACK-XTREME 3700\WWW.MISDESCARGAS.ORG_11KISSESSSERIES_WWW.MISDESCARGAS.ORG.RAR, En cuarentena, [7457], [137302],1.0.13167

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Esas notificaciones salen con cualquier navegador o dolo en Edge?

Salen sin que este abierto ningun navegador, se quedan en el centro de actividades. las mayoria me mandan a una pagina concreta: www.grapcgames. pero en todas dice a traves de Microsotf Edge. de normal uso el opera.

El Eset he podido activarlo.a ver. el gmail cuando lo abro medice que hay algun error, google intenta corregirlo y me pide que inicie sesion y certfique que soy yo, pero aun asi me dice que no puede.

Por favor ,he advertido de que no realices ninguna actividad por tu cuenta ni instalases nada.

Mañana reviso y te respondo

1 me gusta

Como se si la cosa sigue igual si no pruebo a hacer cosas que antes no podia??

el panda se ve que no se habia borrado bien, he vuelto a pasar la herramienta y ya si se ha arreglado. la cuenta de google ya ha dejado de dar error y se ha sincronizado y activado de nuevo. laas notificaciones he visto que estaban puestas en el Edge, las he desactivado. el ordenador parece que empieza a funcionar normal.

No se si quieres que le pase algo para confirmar que esta bien. gracias por echarme una mano y perdona si no te he preguntado antes de probar si funcionaba el Eset.

Puedes probar el pc como siempre, pero nunca debes instalar mas antivirus que uno, pues puedes dañar el sistema…para eso hay antivirus online u otras herramientas.

Si tienes Avira, no debes instalar otro, sin quitar ese, por ejemplo

Ahora vamos a hacer una revison:

Me pegas el log y comentas como va todo

voy a pasarlo, pero me pasa que ultimamente tengo problemas hasta para llegar al foro, el opera me bloquea la pagina y para bajarme el Dr Web me lo ponia como malicioso. El Avira lo tenia quitado solo tenia la extension para opera. ahora solo esta el Malware bytes y el Eset, en prueba y despues ya vere cual de los dos me quedo, a ver que oferta me interesa mas de los dos y el funcionamiento.

Lo de Dr web es un falso positivo, ,vas comentado

he desactivado el Malwareytes y el Eset para pasarlo y me dice que no hay nada, esto pone al final del reporte:

Total 10273379246 bytes in 24204 files scanned (26797 objects) Total 24336 files (26760 objects) are clean There are no infected objects detected Total 37 files are raised error condition Scan time is 00:30:15.259

Ok… prueba bien el pc y comenta

1 me gusta