Virus redirecciona a www5.mylot.com y pwz2.com

Hola a todos.

Me registro en este foro como medida desesperada para encontrar solución a un problema que me trae de cabeza desde hace meses con el navegador Chrome. Como indico en el asunto, cuando visito ciertas páginas, se me abren una o dos ventanas que me redireccionan a “www5. mylot. com” y a “pwz2 . com”. Ahora mismo, que recuerde, me pasa siempre en Filmaffinity, página que ya estoy dejando de utilizar por lo incómodo que me resulta la navegación a cada refresco que hace la web.

He buscado en internet acerca de estos virus y solo me aparecen resultados que redireccionan a webs para descargar antispyware de dudosa fiabilidad.

He probado a formatear el disco duro y el problema persiste, así que se tiene que tratar de alguna o algunas extensiones, pero no logro dar con cuál. Las he ido deshabilitando una por una sin éxito, así que supongo que hasta que no se desinstalen, no solucionaré el problema.

Buscando en el foro, he visto que un usuario tenía prácticamente mi mismo problema. ¿@SanMar o cualquier otro usuario sería tan amable de analizar los registros que saque de esos programas (entiendo que hay que seguir los mismos pasos) y localizarme las extensiones problemáticas?

Muchas gracias de antemano.

1 me gusta

Hola @Grimmer, Bienvenido al foro!!!

Pon los reportes de las herramientas utilizadas para revisarlos.

Un saludo

1 me gusta

Muchas gracias por la bienvenida y por ofrecerte a ayudarme, @Daniela. A continuación pongo los reportes (los pongo en distintos mensajes, que me paso del límite de espacio):

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-19-2020
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [10/09/2020 00:31:16]
AdwCleaner[C00].txt - [1595 octets] - [10/09/2020 00:32:10]
AdwCleaner[S01].txt - [1527 octets] - [12/09/2020 02:17:43]
AdwCleaner[S02].txt - [1588 octets] - [19/09/2020 02:03:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
~ ZHPCleaner v2020.9.11.230 by Nicolas Coolman (2020/09/11)
~ Run by dcd_9 (Administrator)  (19/09/2020 02:25:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\dcd_9\OneDrive\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\dcd_9\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 18363)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (1)
MOVIDO carpeta: C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (23)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (0)
~ No malintencionados o innecesarios artículos encontrados. (Explorer)

---\  Registro ( Claves, Valores, Datos) (1)
BORRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_2A1DD5A7C9FE5CA32A8A08411741386C ['C:\Program Files (x86)\Google\Chrome\Application\]  =>PUP.Optional.MyBrowser

---\  Resumen de elementos en su estación de trabajo (1)
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/  =>PUP.Optional.MyBrowser

---\ Limpieza adicional. (5)
~ Clave de registro Tracing borrados (5)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Mozilla Firefox OK
~ Internet Explorer OK

---\ STATISTIQUES
~ Items escaneado : 1526
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 8/15

---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto

~ End of clean in 00h00mn19s

---\  Reporte (3)
ZHPCleaner-[S]-14092020-21_19_47.txt
ZHPCleaner-[S]-19092020-02_23_32.txt
ZHPCleaner-[R]-19092020-02_26_12.txt
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/9/20
Hora del análisis: 2:30
Archivo de registro: 583a6134-fa0f-11ea-b7dd-ec21e562d222.json

-Información del software-
Versión: 4.2.1.89
Versión de los componentes: 1.0.1045
Versión del paquete de actualización: 1.0.30055
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.1082)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-12LII22\dcd_9

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 479506
Amenazas detectadas: 6
Amenazas en cuarentena: 0
Tiempo transcurrido: 47 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 6
HackTool.FilePatch, C:\PROGRAM FILES (X86)\ADOBE\ACROBAT DC\ACROBAT\ADOBE.ACROBAT.PRO.DC.2019.XXX-PATCH 13.11.2019.EXE, Sin acciones por parte del usuario, 7504, 281135, 1.0.30055, , ame, , FB219D4675AD48DEB65020AFF42E3995, D8D330D717C1C90C1CB2FA05049BD402EDB816DA304EAFBE2C85A7C723F7DF2E
HackTool.Patcher, C:\PROGRAM FILES (X86)\ADOBE\ACROBAT DC\ACROBAT\ADOBE.SNR.PATCH.V2.0-PAINTER.EXE, Sin acciones por parte del usuario, 7526, 473286, 1.0.30055, 7FC2D1E630CEDB42FC9A7ED2, dds, 00902831, B31679DB7DB878992B4553290A9E6C7C, 256C2A409C97448D168F3EB1BFB89AF3D259DFC05A510A3F464D8E4B348116D4
HackTool.Patcher, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\ADOBE.SNR.PATCH.V2.0-PAINTER[1288].ZIP, Sin acciones por parte del usuario, 7526, 473286, 1.0.30055, 7FC2D1E630CEDB42FC9A7ED2, dds, 00902831, 0CF0907EA199909CA9C86DE3097FFD21, 7B0BDEDD52B08BBED1DF72F13F333A556286AA6B0E9804422477994A245A4FE6
Generic.Malware/Suspicious, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\KM1.4.9[1336].RAR, Sin acciones por parte del usuario, 0, 392686, 1.0.30055, , shuriken, , 1B6A6F66A68FBCA69384B15BD0785964, C19F25BDA2427057A489BFD0000956F05741937A8D1102B1D05FF4E63670F9A3
Generic.Malware/Suspicious, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\KM1.4.9[1337].RAR, Sin acciones por parte del usuario, 0, 392686, 1.0.30055, , shuriken, , 1B6A6F66A68FBCA69384B15BD0785964, C19F25BDA2427057A489BFD0000956F05741937A8D1102B1D05FF4E63670F9A3
PUP.Optional.OpenCandy, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\PARTICIONAR HDD[1364].RAR, Sin acciones por parte del usuario, 1259, 63152, 1.0.30055, , ame, , D79B3867DAD48ADB515643CCABAFD5D4, CB45B3C2D3B5B8195873A541D8F8B1468BBB129CBCAF2AEE06CEBBEBDA5B7453

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

El FRST no cabe entero, lo parto en dos (1):

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 16-09-2020
Ejecutado por dcd_9 (administrador) sobre DESKTOP-12LII22 (TOSHIBA SATELLITE PRO R50-C) (19-09-2020 03:47:04)
Ejecutado desde D:\Descargas
Perfiles cargados: dcd_9
Platform: Windows 10 Pro Versión 1909 18363.1082 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_fbe1ecd1798ba35b\dynabookHDDProtection.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\RMService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\dcd_9\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-04-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5557296 2020-02-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [09C5EF2B9223BF97CCA89F0E2688E220D5BA0720._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [GoogleChromeAutoLaunch_2A1DD5A7C9FE5CA32A8A08411741386C] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (la entrada de datos tiene 102 más caracteres).
HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-02-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-05-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2020-09-06]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-06-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1DCF731B-343D-42EC-BAE6-B7985CD22F75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F1DB053-4E23-4E5A-B45D-79C4C547E853} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2889404154-267517090-4050638038-1001 => C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAupdater.exe [1818360 2020-06-10] (Mega Limited -> Mega Limited)
Task: {20A0EC34-D218-4C80-B0E9-6D2931F0D90A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {318F9ECB-A987-4C71-99A1-AD2387BF4F62} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {399433D3-6B5C-4576-BE3D-8FB92947A563} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {428C32F3-C01A-4A6D-88FE-606AB0B8E233} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {44B9D8E7-5707-4301-B425-BD3E273A1DF6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55A996B9-8505-47E4-B8C9-5391B648B34F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683344 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FE09AE-F40B-42BB-A168-068CC068B39A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B0946D7-12B7-4C6B-A39D-CBD4D2F58B1A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8BA097EA-7E94-4FC7-8FF4-10BB94B785A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94976531-E179-45E0-90B3-C0042A8A76D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4A605D5-EB00-4204-ADB3-59714B30271B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-09] (Google LLC -> Google LLC)
Task: {B02648F5-1895-44EA-B29D-211FA2A8058F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-09] (Google LLC -> Google LLC)
Task: {B8A209C9-3D45-46D9-AF0A-23F1889E20AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9220838-3A74-45F6-9942-B3DCF2D4473D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {C52DA16F-CA59-4326-B3BE-29C02C9F53D6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {D44EBD61-8649-4356-A2D4-F7F1FD4F8052} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA186097-7FFC-4460-A86F-6BE6412978C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4A9083B-99AD-4CE6-84C1-52D7B56379D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E66DB9BE-5B28-4874-8E62-8CA6AC893ED2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {F6A3DC73-624F-4BAF-8766-1CD6E817C6F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: 0.0.0.0 www.airexplorer.net
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{99d30504-dd6c-4e21-b076-69d794e3f960}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Edge: 
======
Edge Profile: C:\Users\dcd_9\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-19]

FireFox:
========
FF DefaultProfile: 864lz2yc.default
FF ProfilePath: C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\864lz2yc.default [2020-04-05]
FF ProfilePath: C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release [2020-09-19]
FF Homepage: Mozilla\Firefox\Profiles\6aqac050.default-release -> www.google.es/
FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-05]
FF Extension: (Tampermonkey) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-11]
FF Extension: (El Camelizer) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-05]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-20]
FF Extension: (I don't care about cookies) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-20]
FF Extension: (uBlock Origin) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-08]
FF Extension: (Buscar imagen en Google) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{466147da-7e04-41ab-bb22-fd192370262e}.xpi [2020-04-05]
FF Extension: (Open image in a new tab) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{7276f3bb-de56-4b5a-b940-88b62731d409}.xpi [2020-04-05]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2889404154-267517090-4050638038-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\dcd_9\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default [2020-09-19]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://pacot.es; hxxps://tinder.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR NewTab: Default ->  Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Extension: (Flash Video Downloader) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-09-19]
CHR Extension: (Flash Video Downloader Plus) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfnggielnhdpdamedeokgppcilgainm [2020-09-19]
CHR Extension: (That is Worth) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\apcjfffnnlfkhfilnooghekpobiadgmd [2020-09-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-19]
CHR Extension: (Descargador de Vídeo Vimeo) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpbghdbejagejmciefmekcklikpoeel [2020-09-19]
CHR Extension: (uBlock Origin) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-19]
CHR Extension: (Tampermonkey) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-09-19]
CHR Extension: (Adobe Acrobat) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-19]
CHR Extension: (Gyazo) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2020-09-19]
CHR Extension: (I don't care about cookies) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2020-09-19]
CHR Extension: (EditThisCookie) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-09-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-19]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-19]
CHR Extension: (Google Search \) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgngncnljacgakaiifjcgdnknaglfipo [2020-09-19]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-09-19]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2020-09-19]
CHR Extension: (Video Blocker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2020-09-19]
CHR Extension: (Ver Imagen) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2020-09-19]
CHR Extension: (Player para ver Movistar+) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-09-19]
CHR Extension: (Zoom Scheduler) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2020-09-19]
CHR Extension: (imgur Uploader) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcpkicdemehhmkjolekhlglljnkggfcf [2020-09-19]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-09-19]
CHR Extension: (LightShot (la herramienta de captura de pantalla)) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-09-19]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2020-09-19]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2020-09-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-19]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2020-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-19]
CHR Extension: (Enhancer for YouTube™) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2020-09-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\DSDFunctionKeyCtlService.exe [615752 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6150504 2020-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R2 TSDHDDProtectService; C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_fbe1ecd1798ba35b\dynabookHDDProtection.exe [426000 2019-10-09] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDSettingService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\dynabookSystemService.exe [44764976 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\TOSTABSYSSVC.exe [254264 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\RMService.exe [446224 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Archivo no firmado]
R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2020-08-15] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2020-08-15] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [47816 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 Thpevm; C:\Windows\System32\drivers\Thpevm.SYS [27600 2019-10-09] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\Windows\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\TosSrvCtlDrv.sys [25816 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ; C:\Windows\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [31744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428256 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-19 03:32 - 2020-09-19 03:47 - 000000000 ____D C:\FRST
2020-09-19 02:29 - 2020-09-19 02:29 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-09-19 01:52 - 2020-09-19 01:52 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-09-19 01:52 - 2020-09-19 01:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-19 01:52 - 2020-09-19 01:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-19 01:52 - 2020-09-19 01:52 - 000000000 ____D C:\Users\dcd_9\AppData\Local\mbam
2020-09-19 01:52 - 2020-09-19 01:51 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-09-19 01:51 - 2020-09-19 01:51 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-09-19 01:51 - 2020-09-19 01:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-19 01:50 - 2020-09-19 01:50 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-19 01:32 - 2020-09-19 01:32 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-09-19 01:32 - 2020-09-19 01:32 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-09-19 01:32 - 2020-09-19 01:32 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-19 01:32 - 2020-09-19 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-09-19 01:32 - 2020-09-19 01:32 - 000000000 ____D C:\Program Files\CCleaner
2020-09-16 17:03 - 2020-09-16 17:03 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-16 17:03 - 2020-09-16 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-15 16:51 - 2020-09-15 16:51 - 000000000 ____D C:\Program Files\AutoFirma
2020-09-15 16:33 - 2020-09-15 16:41 - 000000000 ____D C:\Users\dcd_9\.fnmt
2020-09-15 16:33 - 2020-09-15 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConfiguradorFnmt
2020-09-15 16:33 - 2020-09-15 16:33 - 000000000 ____D C:\Program Files\ConfiguradorFnmt
2020-09-14 20:51 - 2020-09-19 02:26 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\ZHP
2020-09-14 20:51 - 2020-09-14 20:51 - 000000000 ____D C:\Users\dcd_9\AppData\Local\ZHP
2020-09-12 02:18 - 2020-09-12 16:55 - 000000000 ____D C:\ProgramData\HitmanPro
2020-09-10 16:42 - 2020-09-10 16:42 - 025444864 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 005503488 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 004309504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002494752 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002422384 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 002315472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002138264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001247744 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001151808 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001108384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001099600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001039872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000928768 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000748384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000744240 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000738072 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000709632 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000682752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\WFSR.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000666288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000574976 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000537608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000420168 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSE.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\FXSUTILITY.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSERES.dll
2020-09-10 16:41 - 2020-09-10 16:42 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 032928920 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 031598936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 022642176 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 019852288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 018032128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 007761408 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 007284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 006304256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 005907456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 005767744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 004605952 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 003501568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002369336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002190664 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001659208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001491160 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 001386824 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001218424 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000864768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000775480 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\dcd_9\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-04-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5557296 2020-02-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [09C5EF2B9223BF97CCA89F0E2688E220D5BA0720._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [GoogleChromeAutoLaunch_2A1DD5A7C9FE5CA32A8A08411741386C] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (la entrada de datos tiene 102 más caracteres).
HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-02-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-05-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2020-09-06]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-06-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1DCF731B-343D-42EC-BAE6-B7985CD22F75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F1DB053-4E23-4E5A-B45D-79C4C547E853} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2889404154-267517090-4050638038-1001 => C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAupdater.exe [1818360 2020-06-10] (Mega Limited -> Mega Limited)
Task: {20A0EC34-D218-4C80-B0E9-6D2931F0D90A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {318F9ECB-A987-4C71-99A1-AD2387BF4F62} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {399433D3-6B5C-4576-BE3D-8FB92947A563} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {428C32F3-C01A-4A6D-88FE-606AB0B8E233} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {44B9D8E7-5707-4301-B425-BD3E273A1DF6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55A996B9-8505-47E4-B8C9-5391B648B34F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683344 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FE09AE-F40B-42BB-A168-068CC068B39A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B0946D7-12B7-4C6B-A39D-CBD4D2F58B1A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8BA097EA-7E94-4FC7-8FF4-10BB94B785A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94976531-E179-45E0-90B3-C0042A8A76D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4A605D5-EB00-4204-ADB3-59714B30271B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-09] (Google LLC -> Google LLC)
Task: {B02648F5-1895-44EA-B29D-211FA2A8058F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-09] (Google LLC -> Google LLC)
Task: {B8A209C9-3D45-46D9-AF0A-23F1889E20AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9220838-3A74-45F6-9942-B3DCF2D4473D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {C52DA16F-CA59-4326-B3BE-29C02C9F53D6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {D44EBD61-8649-4356-A2D4-F7F1FD4F8052} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA186097-7FFC-4460-A86F-6BE6412978C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4A9083B-99AD-4CE6-84C1-52D7B56379D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E66DB9BE-5B28-4874-8E62-8CA6AC893ED2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {F6A3DC73-624F-4BAF-8766-1CD6E817C6F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: 0.0.0.0 www.airexplorer.net
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{99d30504-dd6c-4e21-b076-69d794e3f960}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Edge: 
======
Edge Profile: C:\Users\dcd_9\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-19]

FireFox:
========
FF DefaultProfile: 864lz2yc.default
FF ProfilePath: C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\864lz2yc.default [2020-04-05]
FF ProfilePath: C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release [2020-09-19]
FF Homepage: Mozilla\Firefox\Profiles\6aqac050.default-release -> www.google.es/
FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-05]
FF Extension: (Tampermonkey) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-11]
FF Extension: (El Camelizer) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-05]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-20]
FF Extension: (I don't care about cookies) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-20]
FF Extension: (uBlock Origin) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-08]
FF Extension: (Buscar imagen en Google) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{466147da-7e04-41ab-bb22-fd192370262e}.xpi [2020-04-05]
FF Extension: (Open image in a new tab) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{7276f3bb-de56-4b5a-b940-88b62731d409}.xpi [2020-04-05]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2889404154-267517090-4050638038-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\dcd_9\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default [2020-09-19]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://pacot.es; hxxps://tinder.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR NewTab: Default ->  Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Extension: (Flash Video Downloader) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-09-19]
CHR Extension: (Flash Video Downloader Plus) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfnggielnhdpdamedeokgppcilgainm [2020-09-19]
CHR Extension: (That is Worth) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\apcjfffnnlfkhfilnooghekpobiadgmd [2020-09-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-19]
CHR Extension: (Descargador de Vídeo Vimeo) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpbghdbejagejmciefmekcklikpoeel [2020-09-19]
CHR Extension: (uBlock Origin) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-19]
CHR Extension: (Tampermonkey) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-09-19]
CHR Extension: (Adobe Acrobat) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-19]
CHR Extension: (Gyazo) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2020-09-19]
CHR Extension: (I don't care about cookies) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2020-09-19]
CHR Extension: (EditThisCookie) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-09-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-19]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-19]
CHR Extension: (Google Search \) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgngncnljacgakaiifjcgdnknaglfipo [2020-09-19]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-09-19]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2020-09-19]
CHR Extension: (Video Blocker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2020-09-19]
CHR Extension: (Ver Imagen) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2020-09-19]
CHR Extension: (Player para ver Movistar+) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-09-19]
CHR Extension: (Zoom Scheduler) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2020-09-19]
CHR Extension: (imgur Uploader) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcpkicdemehhmkjolekhlglljnkggfcf [2020-09-19]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-09-19]
CHR Extension: (LightShot (la herramienta de captura de pantalla)) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-09-19]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2020-09-19]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2020-09-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-19]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2020-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-19]
CHR Extension: (Enhancer for YouTube™) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2020-09-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\DSDFunctionKeyCtlService.exe [615752 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6150504 2020-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R2 TSDHDDProtectService; C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_fbe1ecd1798ba35b\dynabookHDDProtection.exe [426000 2019-10-09] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDSettingService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\dynabookSystemService.exe [44764976 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\TOSTABSYSSVC.exe [254264 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\RMService.exe [446224 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Archivo no firmado]
R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2020-08-15] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2020-08-15] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [47816 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 Thpevm; C:\Windows\System32\drivers\Thpevm.SYS [27600 2019-10-09] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\Windows\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\TosSrvCtlDrv.sys [25816 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ; C:\Windows\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [31744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428256 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-19 03:32 - 2020-09-19 04:05 - 000000000 ____D C:\FRST
2020-09-19 02:29 - 2020-09-19 02:29 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-09-19 01:52 - 2020-09-19 01:52 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-09-19 01:52 - 2020-09-19 01:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-19 01:52 - 2020-09-19 01:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-19 01:52 - 2020-09-19 01:52 - 000000000 ____D C:\Users\dcd_9\AppData\Local\mbam
2020-09-19 01:52 - 2020-09-19 01:51 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-09-19 01:51 - 2020-09-19 01:51 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-09-19 01:51 - 2020-09-19 01:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-19 01:50 - 2020-09-19 01:50 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-19 01:32 - 2020-09-19 01:32 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-09-19 01:32 - 2020-09-19 01:32 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-09-19 01:32 - 2020-09-19 01:32 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-19 01:32 - 2020-09-19 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-09-19 01:32 - 2020-09-19 01:32 - 000000000 ____D C:\Program Files\CCleaner
2020-09-16 17:03 - 2020-09-16 17:03 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-16 17:03 - 2020-09-16 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-15 16:51 - 2020-09-15 16:51 - 000000000 ____D C:\Program Files\AutoFirma
2020-09-15 16:33 - 2020-09-15 16:41 - 000000000 ____D C:\Users\dcd_9\.fnmt
2020-09-15 16:33 - 2020-09-15 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConfiguradorFnmt
2020-09-15 16:33 - 2020-09-15 16:33 - 000000000 ____D C:\Program Files\ConfiguradorFnmt
2020-09-14 20:51 - 2020-09-19 02:26 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\ZHP
2020-09-14 20:51 - 2020-09-14 20:51 - 000000000 ____D C:\Users\dcd_9\AppData\Local\ZHP
2020-09-12 02:18 - 2020-09-12 16:55 - 000000000 ____D C:\ProgramData\HitmanPro
2020-09-10 16:42 - 2020-09-10 16:42 - 025444864 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 005503488 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 004309504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002494752 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002422384 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 002315472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002138264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001247744 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001151808 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001108384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001099600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001039872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000928768 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000748384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000744240 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000738072 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000709632 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000682752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\WFSR.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000666288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000574976 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000537608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000420168 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSE.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\FXSUTILITY.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSERES.dll
2020-09-10 16:41 - 2020-09-10 16:42 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 032928920 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 031598936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 022642176 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 019852288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 018032128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 007761408 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 007284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 006304256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 005907456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 005767744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 004605952 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 003501568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002369336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002190664 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001659208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001491160 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 001386824 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001218424 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000864768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000775480 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000671560 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000529920 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000422008 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000299072 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\DAFMCP.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\FileHistory.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000093496 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000090936 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-09-10 16:41 - 2020-09-10 16:41 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\fhuxgraphics.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys
2020-09-10 16:41 - 2020-09-10 16:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\tar.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2020-09-10 16:41 - 2020-09-10 16:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2020-09-10 16:41 - 2020-09-10 16:41 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tar.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wslapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000021304 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____   C:\Windows\system32\DrtmAuth3.bin
    2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
    2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
    2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
    2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
    2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
    2020-09-10 16:40 - 2020-09-10 16:41 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 006069360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 005848848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 005041152 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 005003832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 004538368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 003740456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
    2020-09-10 16:40 - 2020-09-10 16:40 - 002774088 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 002585032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 002565120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 002259680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001957552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001750016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001704960 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001698816 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001672544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001664696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001653792 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001512960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001459200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001421392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001369088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001307464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001246208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001141048 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001124864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001054160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 001009200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000894032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000892728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000844088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000775768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000768504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000675032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000667312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000652800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000632320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000628400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000593480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000572208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000564480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000544336 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000466352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000424448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
    2020-09-10 16:40 - 2020-09-10 16:40 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000294728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2020-09-10 16:40 - 2020-09-10 16:40 - 000285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2020-09-10 16:40 - 2020-09-10 16:40 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000224064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000165184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000146640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2020-09-10 16:40 - 2020-09-10 16:40 - 000090944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000089344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\edpnotify.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edpnotify.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\perfctrs.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\perfos.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
    2020-09-10 16:40 - 2020-09-10 16:40 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidtel.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
    2020-09-10 16:40 - 2020-09-10 16:40 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\KBDJPN.DLL
    2020-09-10 16:40 - 2020-09-10 16:40 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDJPN.DLL
    2020-09-10 16:40 - 2020-09-10 16:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKOR.DLL
    2020-09-10 16:40 - 2020-09-10 16:40 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\kbd106.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\kbd101.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106n.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd101.DLL
    2020-09-10 16:40 - 2020-09-10 16:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 009926456 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 007910152 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 007582768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 007271232 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 006170624 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 005284328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 004048384 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 004005888 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 003805696 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 003727872 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 003547136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 003371176 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 003265024 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 002870784 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002772616 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002697536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 002483712 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002454904 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002260824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002090280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 002073600 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001999968 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001930752 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001670144 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001522176 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001486848 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 001485824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001480520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 001399216 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001393960 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001260752 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001170960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000944680 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000932256 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000893104 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000858928 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000823752 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000822784 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000716304 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000675840 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000661832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000602112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2020-09-10 16:39 - 2020-09-10 16:39 - 000460192 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000419328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000382464 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000372536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000363128 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000356160 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000260408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000254776 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000213824 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000209216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000205640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000146248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000108856 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000079576 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000066872 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000063296 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000059392 _____ C:\Windows\system32\runexehelper.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000057888 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000047008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2020-09-10 16:39 - 2020-09-10 16:39 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\applockerfltr.sys
    2020-09-10 16:39 - 2020-09-10 16:39 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
    2020-09-10 16:39 - 2020-09-10 16:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2020-09-10 16:38 - 2020-09-10 16:39 - 003136000 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 007845080 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 006233080 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 003985920 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 003714048 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 002711552 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 002291712 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001784832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001767424 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001746232 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001499136 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
    2020-09-10 16:38 - 2020-09-10 16:38 - 001008952 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000981320 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
    2020-09-10 16:38 - 2020-09-10 16:38 - 000978232 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000555320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000441152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000375096 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000273208 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000250680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000224072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000208712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000201544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000200008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000142152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
    2020-09-10 16:38 - 2020-09-10 16:38 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
    2020-09-10 16:38 - 2020-09-10 16:38 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
    2020-09-10 16:38 - 2020-09-10 16:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
    2020-09-10 16:38 - 2020-09-10 16:38 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
    2020-09-10 16:38 - 2020-09-10 16:38 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\provdiagnostics.dll
    2020-09-10 16:38 - 2020-09-10 16:38 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
    2020-09-10 00:28 - 2020-09-10 00:31 - 000000000 ____D C:\AdwCleaner
    2020-09-10 00:12 - 2020-08-15 07:25 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2020-09-10 00:12 - 2020-08-15 07:15 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2020-08-23 04:53 - 2020-09-11 16:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-08-23 04:53 - 2020-08-24 16:01 - 000003652 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-08-23 04:53 - 2020-08-24 16:01 - 000003528 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

    ==================== Un mes (modificado) ==================

    (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

    2020-09-19 03:52 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-09-19 03:37 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
    2020-09-19 03:29 - 2020-04-06 01:22 - 000000000 ____D C:\Program Files (x86)\Steam
    2020-09-19 03:26 - 2020-04-05 02:56 - 000000000 __SHD C:\Users\dcd_9\IntelGraphicsProfiles
    2020-09-19 03:25 - 2020-04-06 01:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2020-09-19 03:25 - 2020-04-05 02:56 - 000000000 ____D C:\Intel
    2020-09-19 03:25 - 2020-04-05 02:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-09-19 03:24 - 2019-03-19 06:37 - 000786432 _____ C:\Windows\system32\config\BBI
    2020-09-19 02:00 - 2020-04-06 01:11 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\TeamViewer
    2020-09-19 01:55 - 2020-04-05 03:13 - 000000000 ____D C:\Windows\Panther
    2020-09-19 01:54 - 2020-04-05 22:42 - 000000000 ____D C:\Users\dcd_9\AppData\Local\CrashDumps
    2020-09-19 01:52 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\ELAMBKUP
    2020-09-19 01:42 - 2020-04-05 21:31 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\WhatsApp
    2020-09-18 23:02 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
    2020-09-18 23:00 - 2020-04-05 02:14 - 000000000 ____D C:\Windows\system32\SleepStudy
    2020-09-18 20:58 - 2020-04-15 11:20 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\vlc
    2020-09-17 23:38 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
    2020-09-16 17:03 - 2020-04-05 22:35 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
    2020-09-16 17:03 - 2020-04-05 22:18 - 000000000 ____D C:\Program Files\Microsoft Office
    2020-09-15 16:50 - 2020-04-05 16:49 - 000000000 ____D C:\Users\dcd_9\AppData\LocalLow\Mozilla
    2020-09-15 16:39 - 2020-04-10 05:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2020-09-15 16:33 - 2020-04-05 02:46 - 000000000 ____D C:\Users\dcd_9
    2020-09-14 23:43 - 2020-04-05 02:48 - 000000000 ____D C:\Users\dcd_9\AppData\Local\Packages
    2020-09-14 21:29 - 2020-04-05 02:32 - 001684180 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-09-14 21:29 - 2019-03-19 13:59 - 000753744 _____ C:\Windows\system32\perfh00A.dat
    2020-09-14 21:29 - 2019-03-19 13:59 - 000148288 _____ C:\Windows\system32\perfc00A.dat
    2020-09-14 21:28 - 2020-04-05 23:46 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\Telegram Desktop
    2020-09-14 21:20 - 2020-04-05 22:34 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\qBittorrent
    2020-09-14 20:36 - 2020-04-09 18:10 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\TeraCopy
    2020-09-12 02:15 - 2020-05-07 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2020-09-12 02:15 - 2020-05-07 21:03 - 000000000 ____D C:\Program Files (x86)\HP
    2020-09-11 20:54 - 2020-04-06 01:06 - 000000000 ___RD C:\Users\dcd_9\Creative Cloud Files
    2020-09-11 00:01 - 2020-04-05 02:48 - 000000000 __RHD C:\Users\Public\AccountPictures
    2020-09-11 00:01 - 2020-04-05 02:48 - 000000000 ___RD C:\Users\dcd_9\3D Objects
    2020-09-10 23:58 - 2020-04-05 02:14 - 000472480 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-09-10 23:50 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ___RD C:\Windows\PrintDialog
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\migwiz
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Provisioning
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\PolicyDefinitions
    2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
    2020-09-10 23:41 - 2020-04-09 16:47 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-09-10 23:41 - 2020-04-09 16:47 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2020-09-10 23:37 - 2020-04-05 02:55 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2889404154-267517090-4050638038-1001
    2020-09-10 23:37 - 2020-04-05 02:55 - 000000000 ___RD C:\Users\dcd_9\OneDrive
    2020-09-10 23:37 - 2020-04-05 02:46 - 000002397 _____ C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-09-10 16:57 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
    2020-09-10 16:38 - 2020-04-05 02:17 - 002876416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
    2020-09-10 01:32 - 2020-04-08 00:12 - 000000000 ____D C:\Windows\system32\MRT
    2020-09-10 00:54 - 2020-04-08 00:11 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2020-09-08 16:40 - 2020-07-14 19:40 - 004687416 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2020-09-08 16:40 - 2020-06-12 00:10 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2020-09-08 16:40 - 2020-06-12 00:10 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2020-09-08 16:40 - 2020-04-09 20:18 - 000004584 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
    2020-09-08 16:40 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2020-09-08 16:40 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Macromed
    2020-09-04 01:50 - 2020-04-06 00:57 - 000000000 ____D C:\Program Files\Adobe
    2020-08-29 16:11 - 2020-04-05 02:15 - 000000000 ____D C:\Windows\system32\Drivers\wd

    ==================== Archivos en la raíz de algunos directorios ========

    2020-04-27 03:46 - 2020-04-27 03:46 - 000000703 _____ () C:\Users\dcd_9\AppData\Roaming\codec.dll
    2020-04-05 23:05 - 2020-04-05 23:05 - 000000000 _____ () C:\Users\dcd_9\AppData\Local\oobelibMkey.log

    ==================== SigCheck ============================

    (No existe una corrección automática para los archivos que no pasan la verificación.)

    ==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 16-09-2020
Ejecutado por dcd_9 (19-09-2020 04:07:02)
Ejecutado desde C:\Users\dcd_9\OneDrive\Desktop
Windows 10 Pro Versión 1909 18363.1082 (X64) (2020-04-05 00:31:22)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2889404154-267517090-4050638038-500 - Administrator - Disabled)
dcd_9 (S-1-5-21-2889404154-267517090-4050638038-1001 - Administrator - Enabled) => C:\Users\dcd_9
DefaultAccount (S-1-5-21-2889404154-267517090-4050638038-503 - Limited - Disabled)
Invitado (S-1-5-21-2889404154-267517090-4050638038-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2889404154-267517090-4050638038-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.1.441 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Air Explorer Pro (HKLM-x32\...\Air Explorer Pro) (Version: 2.8.1 - airexplorer.net)
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.13127.20408 - Microsoft Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 1.0.2 - FNMT-RCM)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (HKLM-x32\...\{D1E8CEBA-EC2B-4B37-97B8-C87AF6302601}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
F2400 (HKLM-x32\...\{60F0F139-0C04-4D9C-9C6C-DEF35766BAB3}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaInfo 20.03 (HKLM\...\MediaInfo) (Version: 20.03 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Teams) (Version: 1.3.00.362 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8924.1 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.191 - Synaptics Incorporated)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\WhatsApp) (Version: 2.2037.6 - WhatsApp)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-17] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-08-17] (Adobe Systems Incorporated)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2765.0_x64__8j3eq9eme6ctt [2020-08-27] (INTEL CORP) [Startup Task]
Farming Simulator 16 -> C:\Program Files\WindowsApps\GIANTSSoftware.FarmingSimulator16_1.1.2.8_x86__fa8jxm5fj0esw [2020-06-22] (GIANTS Software)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F1127A27E882} -> [Creative Cloud Files] => C:\Users\dcd_9\Creative Cloud Files [2020-04-06 01:06]
CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\dcd_9\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dcd_9\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-02-05 00:21 - 2020-02-05 00:21 - 000010240 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp
2020-04-09 18:08 - 2017-03-14 16:51 - 001714688 _____ () [Archivo no firmado] C:\Program Files\TeraCopy\TeraCopy64.dll
2020-02-05 00:21 - 2020-02-05 00:21 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2020-04-28 05:05 - 2020-04-28 05:05 - 006164600 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Archivo no firmado] C:\Users\dcd_9\AppData\Local\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-2889404154-267517090-4050638038-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-19 06:49 - 2020-06-08 06:40 - 000000853 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 www.airexplorer.net

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\IBM\SPSS\Statistics\25\JRE\bin
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dcd_9\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\nier automata 2.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\Run: => "CCXProcess"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{55F39F84-4540-4366-A64C-18546BAD7D5C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FCE85657-86D2-4BA0-B612-6AF6022E7DA6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79E83819-D479-4348-AFBB-12E11CC9DB2C}] => (Allow) LPort=8318
FirewallRules: [{27C87623-A975-4F62-9A39-BD0546505366}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08C6AAB3-A819-41A5-AD20-3642BA52DD53}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A5C2B50-2DDD-4352-8D73-039E0DF7932C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F019902-DF2C-4D2D-87AD-5A2CE0D4D055}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6571A01-7F61-4C24-BF06-E6961C028071}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E3BD07A7-48C8-40FE-997A-863B688EF3C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9559F727-5AFC-4A9B-B78A-94EA4A9A15AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{6D718965-AF39-42DA-9D73-4C15BBC8869E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{8A25BDFB-0DC7-433B-B684-DED4D464B411}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DB021BAB-4744-4AEE-8335-0298DA381183}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{75323ECD-DC03-4FA5-A59C-C4D3AE92E1E4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{95A51C12-946F-458A-A205-5A36E7266DE9}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{4C562BB0-2BEE-438B-9A24-FE33A594AD1F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{07451F04-3C55-421A-9379-33DD5C0244AD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{923EC441-833C-4262-B31C-E0FC44F1717F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{374F4C8B-04CD-4803-B364-D16F60BCFC38}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{E2ABE012-2ADA-4006-89E4-92457AE1B501}] => (Block) C:\Program Files\IBM\SPSS\Statistics\25\licenseactivator.exe (IBM Corp.) [Archivo no firmado]
FirewallRules: [{56C3B53B-0A40-49A5-827E-B63F83F4E54E}] => (Block) C:\Program Files\IBM\SPSS\Statistics\25\licenseactivator.exe (IBM Corp.) [Archivo no firmado]
FirewallRules: [TCP Query User{B7111461-684E-41DF-B2A1-7B2C606862F4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A90248B4-491D-43D0-939D-16C29686E022}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5D15746E-631D-403E-AE2E-37DD4535D561}] => (Allow) C:\Users\dcd_9\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CDA417FF-6285-49B2-9A6E-902D5E320286}] => (Allow) C:\Users\dcd_9\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{529D8833-994C-4F26-97AE-9B55FD068D22}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{8F247AAB-2F2B-47F4-B27E-8C55BE6E67D6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{DB0D51B6-611A-4944-9809-06604D43ED23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4498D12B-DBE6-4F64-8D25-239B1966B0E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BEF30C21-8D07-4285-964A-FD6004E93992}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{897132E6-5916-48DA-845C-B937ACCE3316}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F41937EC-687C-48AC-B387-202FD194A96B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA87E815-1E67-43E3-A3ED-22BAC23BB8B8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{139D5CE8-DD8B-4A35-BC1A-26B734E44BB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{60D30D5A-0A42-4315-BCEA-86606B1706FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{996CCAD4-80F3-47B6-A9F2-0D4ABB5035CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC88A36C-DFA0-4BE2-A1A8-7B686EE7FA31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Puntos de Restauración =========================

14-09-2020 21:06:24 ZHPcleaner
19-09-2020 02:24:51 ZHPcleaner

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (09/19/2020 03:27:11 AM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Error en la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-12LII22$ a través de https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sat, 19 Sep 2020 01:27:12 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ec32aef2-7fbf-4c39-b304-fb57d0fac40f

Método: POST(9094ms)
Fase: SubmitDone
Solicitud incorrecta (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (09/19/2020 03:24:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (09/19/2020 03:24:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (09/19/2020 02:11:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa AcrobatNotificationClient.exe (versión 0.0.0.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2794

Hora de Inicio: 01d68e1940643e2b

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe

Id. de informe: 385d20db-fe41-4c49-be68-d31ee78de277

Nombre completo del paquete con errores: AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Quiesce

Error: (09/19/2020 02:06:33 AM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Error en la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-12LII22$ a través de https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sat, 19 Sep 2020 00:06:32 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e19ac9dc-0092-4984-904e-330e30c01755

Método: POST(5890ms)
Fase: SubmitDone
Solicitud incorrecta (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (09/19/2020 02:04:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (09/19/2020 02:04:09 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (09/19/2020 02:04:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


Errores del sistema:
=============
Error: (09/19/2020 03:31:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 03:28:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:36:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:10:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:09:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (09/19/2020 02:08:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:04:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelIHVRouter04.dll

Error: (09/19/2020 02:04:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelIHVRouter04.dll


Windows Defender:
===================================
Date: 2020-09-19 03:28:21.348
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-19T01:28:21.320Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.323.1442.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-19 02:08:21.563
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-19T00:08:21.558Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.323.1442.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-19 01:33:01.485
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-18T23:33:01.484Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
Versión de inteligencia de seguridad: 1.323.1437.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-19 01:31:12.762
Description: 
El acceso controlado a carpetas impidió que D:\Descargas\ccsetup568.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-18T23:31:12.746Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: D:\Descargas\ccsetup568.exe
Versión de inteligencia de seguridad: 1.323.1437.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-18 00:07:23.149
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4E05AA46-AA45-4A78-966C-9C2A3F9507CD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-10 16:22:09.292
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.323.822.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2020-09-19 03:25:55.727
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-19 02:05:25.508
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-19 01:45:16.784
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-14 21:22:57.798
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-10 23:58:06.143
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-10 02:00:59.058
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-10 00:36:04.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-08-25 16:39:34.733
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

==================== Información de la memoria =========================== 

BIOS: TOSHIBA Version 7.60 11/02/2016
Placa base: TOSHIBA SATELLITE PRO R50-C
Procesador: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Porcentaje de memoria en uso: 43%
RAM física total: 8123.81 MB
RAM física disponible: 4559.8 MB
Virtual total: 14523.81 MB
Virtual disponible: 10559.42 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:324.44 GB) (Free:257.79 GB) NTFS
Drive d: (Datos) (Fixed) (Total:606.44 GB) (Free:571.62 GB) NTFS

\\?\Volume{8e3f1096-cba4-4317-a840-39b1247fade4}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{b2576818-bbe6-411f-8f34-83acda794be9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

El FRST lo he partido en dos (mensajes 9 y 10 del hilo) porque no cabía en la extensión máxima permitida por post.

Espero haber seguido todos los pasos bien y no haber dejado nada en el tintero…

¡Muchas gracias de nuevo!

Hola

En el reporte de Malwarebytes dice que no se tomaron acciones por parte del usuario, mandaste a cuarentena lo que detectó? Si no es así vuelve a ejecutar Malwarebytes y elimina lo que encuentre.

FRST lo descargas te y ejecutante desde la unidad D y carpeta de descargas, tienes que hacerlo desde la unidad principal C y que esté en el escritorio fuera de ninguna carpeta.

Cuando tengas los reportes los vuelves a poner.

Un saludo

1 me gusta

@Daniela ¡Hola de nuevo!

Cierto, pasé FIRST desde Descargas, pero me di cuenta del error y borré los posts, lo que pasa es que los nuevos archivos los nombra con una “®” en el nombre y no me di cuenta y volví a postear los mismos :sweat_smile:

Aquí pongo los buenos:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19-09-2020
Ejecutado por dcd_9 (administrador) sobre DESKTOP-12LII22 (TOSHIBA SATELLITE PRO R50-C) (19-09-2020 16:19:20)
Ejecutado desde C:\Users\dcd_9\OneDrive\Desktop
Perfiles cargados: dcd_9
Platform: Windows 10 Pro Versión 1909 18363.1082 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_fbe1ecd1798ba35b\dynabookHDDProtection.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\RMService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\dcd_9\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-04-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5557296 2020-02-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [09C5EF2B9223BF97CCA89F0E2688E220D5BA0720._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Run: [GoogleChromeAutoLaunch_2A1DD5A7C9FE5CA32A8A08411741386C] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (la entrada de datos tiene 102 más caracteres).
HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-02-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-05-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2020-09-06]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-06-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1DCF731B-343D-42EC-BAE6-B7985CD22F75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F1DB053-4E23-4E5A-B45D-79C4C547E853} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2889404154-267517090-4050638038-1001 => C:\Users\dcd_9\AppData\Local\MEGAsync\MEGAupdater.exe [1818360 2020-06-10] (Mega Limited -> Mega Limited)
Task: {20A0EC34-D218-4C80-B0E9-6D2931F0D90A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {318F9ECB-A987-4C71-99A1-AD2387BF4F62} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {399433D3-6B5C-4576-BE3D-8FB92947A563} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {428C32F3-C01A-4A6D-88FE-606AB0B8E233} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {44B9D8E7-5707-4301-B425-BD3E273A1DF6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55A996B9-8505-47E4-B8C9-5391B648B34F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683344 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FE09AE-F40B-42BB-A168-068CC068B39A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B0946D7-12B7-4C6B-A39D-CBD4D2F58B1A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8BA097EA-7E94-4FC7-8FF4-10BB94B785A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94976531-E179-45E0-90B3-C0042A8A76D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4A605D5-EB00-4204-ADB3-59714B30271B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-09] (Google LLC -> Google LLC)
Task: {B02648F5-1895-44EA-B29D-211FA2A8058F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-09] (Google LLC -> Google LLC)
Task: {B8A209C9-3D45-46D9-AF0A-23F1889E20AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9220838-3A74-45F6-9942-B3DCF2D4473D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {C52DA16F-CA59-4326-B3BE-29C02C9F53D6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {D44EBD61-8649-4356-A2D4-F7F1FD4F8052} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA186097-7FFC-4460-A86F-6BE6412978C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4A9083B-99AD-4CE6-84C1-52D7B56379D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E66DB9BE-5B28-4874-8E62-8CA6AC893ED2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {F6A3DC73-624F-4BAF-8766-1CD6E817C6F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: 0.0.0.0 www.airexplorer.net
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{99d30504-dd6c-4e21-b076-69d794e3f960}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Edge: 
======
Edge Profile: C:\Users\dcd_9\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-19]

FireFox:
========
FF DefaultProfile: 864lz2yc.default
FF ProfilePath: C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\864lz2yc.default [2020-04-05]
FF ProfilePath: C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release [2020-09-19]
FF Homepage: Mozilla\Firefox\Profiles\6aqac050.default-release -> www.google.es/
FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-05]
FF Extension: (Tampermonkey) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-11]
FF Extension: (El Camelizer) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-05]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-20]
FF Extension: (I don't care about cookies) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-20]
FF Extension: (uBlock Origin) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\[email protected] [2020-04-08]
FF Extension: (Buscar imagen en Google) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{466147da-7e04-41ab-bb22-fd192370262e}.xpi [2020-04-05]
FF Extension: (Open image in a new tab) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{7276f3bb-de56-4b5a-b940-88b62731d409}.xpi [2020-04-05]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\dcd_9\AppData\Roaming\Mozilla\Firefox\Profiles\6aqac050.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2889404154-267517090-4050638038-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\dcd_9\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default [2020-09-19]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://meet.google.com; hxxps://pacot.es; hxxps://tinder.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR NewTab: Default ->  Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Extension: (Flash Video Downloader) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-09-19]
CHR Extension: (Flash Video Downloader Plus) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfnggielnhdpdamedeokgppcilgainm [2020-09-19]
CHR Extension: (That is Worth) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\apcjfffnnlfkhfilnooghekpobiadgmd [2020-09-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-19]
CHR Extension: (Descargador de Vídeo Vimeo) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpbghdbejagejmciefmekcklikpoeel [2020-09-19]
CHR Extension: (uBlock Origin) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-19]
CHR Extension: (Tampermonkey) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-09-19]
CHR Extension: (Adobe Acrobat) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-19]
CHR Extension: (Gyazo) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2020-09-19]
CHR Extension: (I don't care about cookies) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2020-09-19]
CHR Extension: (EditThisCookie) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-09-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-19]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-19]
CHR Extension: (Google Search \) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgngncnljacgakaiifjcgdnknaglfipo [2020-09-19]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-09-19]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2020-09-19]
CHR Extension: (Video Blocker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2020-09-19]
CHR Extension: (Ver Imagen) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2020-09-19]
CHR Extension: (Player para ver Movistar+) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-09-19]
CHR Extension: (Zoom Scheduler) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2020-09-19]
CHR Extension: (imgur Uploader) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcpkicdemehhmkjolekhlglljnkggfcf [2020-09-19]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-09-19]
CHR Extension: (LightShot (la herramienta de captura de pantalla)) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-09-19]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2020-09-19]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2020-09-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-19]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2020-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-19]
CHR Extension: (Enhancer for YouTube™) - C:\Users\dcd_9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2020-09-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\DSDFunctionKeyCtlService.exe [615752 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6150504 2020-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R2 TSDHDDProtectService; C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_fbe1ecd1798ba35b\dynabookHDDProtection.exe [426000 2019-10-09] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDSettingService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\dynabookSystemService.exe [44764976 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\TOSTABSYSSVC.exe [254264 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\RMService.exe [446224 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Archivo no firmado]
R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2020-08-15] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2020-08-15] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-19] (Malwarebytes Inc -> Malwarebytes)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [47816 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 Thpevm; C:\Windows\System32\drivers\Thpevm.SYS [27600 2019-10-09] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\Windows\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_394009051d127e50\TosSrvCtlDrv.sys [25816 2020-04-07] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ; C:\Windows\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428256 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-19 03:32 - 2020-09-19 16:20 - 000000000 ____D C:\FRST
2020-09-19 02:29 - 2020-09-19 02:29 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-09-19 01:52 - 2020-09-19 01:52 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-09-19 01:52 - 2020-09-19 01:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-19 01:52 - 2020-09-19 01:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-19 01:52 - 2020-09-19 01:52 - 000000000 ____D C:\Users\dcd_9\AppData\Local\mbam
2020-09-19 01:52 - 2020-09-19 01:51 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-09-19 01:51 - 2020-09-19 01:51 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-09-19 01:51 - 2020-09-19 01:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-19 01:50 - 2020-09-19 01:50 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-19 01:32 - 2020-09-19 01:32 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-09-19 01:32 - 2020-09-19 01:32 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-09-19 01:32 - 2020-09-19 01:32 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-19 01:32 - 2020-09-19 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-09-19 01:32 - 2020-09-19 01:32 - 000000000 ____D C:\Program Files\CCleaner
2020-09-16 17:03 - 2020-09-16 17:03 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-16 17:03 - 2020-09-16 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-15 16:51 - 2020-09-15 16:51 - 000000000 ____D C:\Program Files\AutoFirma
2020-09-15 16:33 - 2020-09-15 16:41 - 000000000 ____D C:\Users\dcd_9\.fnmt
2020-09-15 16:33 - 2020-09-15 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConfiguradorFnmt
2020-09-15 16:33 - 2020-09-15 16:33 - 000000000 ____D C:\Program Files\ConfiguradorFnmt
2020-09-14 20:51 - 2020-09-19 02:26 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\ZHP
2020-09-14 20:51 - 2020-09-14 20:51 - 000000000 ____D C:\Users\dcd_9\AppData\Local\ZHP
2020-09-12 02:18 - 2020-09-12 16:55 - 000000000 ____D C:\ProgramData\HitmanPro
2020-09-10 16:42 - 2020-09-10 16:42 - 025444864 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 005503488 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 004309504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002494752 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002422384 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 002315472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 002138264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001247744 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001151808 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001108384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001099600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 001039872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000928768 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000748384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000744240 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000738072 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000709632 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000682752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\WFSR.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000666288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-09-10 16:42 - 2020-09-10 16:42 - 000588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000574976 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000537608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000420168 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSE.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\FXSUTILITY.dll
2020-09-10 16:42 - 2020-09-10 16:42 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2020-09-10 16:42 - 2020-09-10 16:42 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSERES.dll
2020-09-10 16:41 - 2020-09-10 16:42 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 032928920 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 031598936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 022642176 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 019852288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 018032128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 007761408 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 007284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 006304256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 005907456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 005767744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 004605952 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 003501568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002369336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 002190664 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001659208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001491160 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 001386824 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001218424 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000864768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000775480 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000671560 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000529920 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000422008 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000299072 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\DAFMCP.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\FileHistory.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000093496 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000090936 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-09-10 16:41 - 2020-09-10 16:41 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\fhuxgraphics.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys
2020-09-10 16:41 - 2020-09-10 16:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\tar.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2020-09-10 16:41 - 2020-09-10 16:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2020-09-10 16:41 - 2020-09-10 16:41 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tar.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wslapi.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-09-10 16:41 - 2020-09-10 16:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000021304 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-09-10 16:41 - 2020-09-10 16:41 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-09-10 16:40 - 2020-09-10 16:41 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 006069360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 005848848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 005041152 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 005003832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 004538368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 003740456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-09-10 16:40 - 2020-09-10 16:40 - 002774088 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 002585032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 002565120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 002259680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001957552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001750016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001704960 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001698816 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001672544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001664696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001653792 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001512960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001459200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001421392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001369088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001307464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001246208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001141048 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001124864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001054160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 001009200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000894032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000892728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000844088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000775768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000768504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000675032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000667312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000652800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000632320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000628400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000593480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000572208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000564480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000544336 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000466352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000424448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-09-10 16:40 - 2020-09-10 16:40 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000294728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2020-09-10 16:40 - 2020-09-10 16:40 - 000285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2020-09-10 16:40 - 2020-09-10 16:40 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000224064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000165184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000146640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2020-09-10 16:40 - 2020-09-10 16:40 - 000090944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000089344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\edpnotify.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edpnotify.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\perfctrs.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\perfos.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2020-09-10 16:40 - 2020-09-10 16:40 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidtel.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2020-09-10 16:40 - 2020-09-10 16:40 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\KBDJPN.DLL
2020-09-10 16:40 - 2020-09-10 16:40 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDJPN.DLL
2020-09-10 16:40 - 2020-09-10 16:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKOR.DLL
2020-09-10 16:40 - 2020-09-10 16:40 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\kbd106.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\kbd101.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106n.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd101.DLL
2020-09-10 16:40 - 2020-09-10 16:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-09-10 16:40 - 2020-09-10 16:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 009926456 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 007910152 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 007582768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 007271232 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 006170624 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 005284328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 004048384 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 004005888 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 003805696 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 003727872 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 003547136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 003371176 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 003265024 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 002870784 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002772616 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002697536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 002483712 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002454904 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002260824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002090280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 002073600 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001999968 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001930752 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001670144 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001522176 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001486848 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 001485824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001480520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 001399216 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001393960 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001260752 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001170960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000944680 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000932256 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000893104 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000858928 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000823752 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000822784 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000716304 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000675840 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000661832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000602112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-09-10 16:39 - 2020-09-10 16:39 - 000460192 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000419328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000382464 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000372536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000363128 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000356160 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000260408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000254776 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000213824 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000209216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000205640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000146248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000108856 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000079576 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000066872 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000063296 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000059392 _____ C:\Windows\system32\runexehelper.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000057888 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000047008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-09-10 16:39 - 2020-09-10 16:39 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\applockerfltr.sys
2020-09-10 16:39 - 2020-09-10 16:39 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2020-09-10 16:39 - 2020-09-10 16:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2020-09-10 16:38 - 2020-09-10 16:39 - 003136000 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 007845080 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 006233080 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 003985920 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 003714048 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 002711552 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 002291712 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001784832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001767424 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001746232 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001499136 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-09-10 16:38 - 2020-09-10 16:38 - 001008952 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000981320 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2020-09-10 16:38 - 2020-09-10 16:38 - 000978232 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000555320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000441152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000375096 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000273208 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000250680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000224072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000208712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000201544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000200008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000142152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2020-09-10 16:38 - 2020-09-10 16:38 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-09-10 16:38 - 2020-09-10 16:38 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-09-10 16:38 - 2020-09-10 16:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-09-10 16:38 - 2020-09-10 16:38 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-09-10 16:38 - 2020-09-10 16:38 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\provdiagnostics.dll
2020-09-10 16:38 - 2020-09-10 16:38 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2020-09-10 00:28 - 2020-09-10 00:31 - 000000000 ____D C:\AdwCleaner
2020-09-10 00:12 - 2020-08-15 07:25 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-09-10 00:12 - 2020-08-15 07:15 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-08-23 04:53 - 2020-09-11 16:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-23 04:53 - 2020-08-24 16:01 - 000003652 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-23 04:53 - 2020-08-24 16:01 - 000003528 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-19 16:17 - 2020-04-05 02:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-09-19 16:16 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-19 16:03 - 2020-04-06 01:22 - 000000000 ____D C:\Program Files (x86)\Steam
2020-09-19 16:00 - 2020-04-05 02:56 - 000000000 __SHD C:\Users\dcd_9\IntelGraphicsProfiles
2020-09-19 03:37 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-09-19 03:25 - 2020-04-06 01:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-19 03:25 - 2020-04-05 02:56 - 000000000 ____D C:\Intel
2020-09-19 03:25 - 2020-04-05 02:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-19 03:24 - 2019-03-19 06:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-09-19 02:00 - 2020-04-06 01:11 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\TeamViewer
2020-09-19 01:55 - 2020-04-05 03:13 - 000000000 ____D C:\Windows\Panther
2020-09-19 01:54 - 2020-04-05 22:42 - 000000000 ____D C:\Users\dcd_9\AppData\Local\CrashDumps
2020-09-19 01:52 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-09-19 01:42 - 2020-04-05 21:31 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\WhatsApp
2020-09-18 23:02 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-09-18 20:58 - 2020-04-15 11:20 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\vlc
2020-09-17 23:38 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-16 17:03 - 2020-04-05 22:35 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-09-16 17:03 - 2020-04-05 22:35 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-09-16 17:03 - 2020-04-05 22:35 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-09-16 17:03 - 2020-04-05 22:35 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-09-16 17:03 - 2020-04-05 22:35 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-09-16 17:03 - 2020-04-05 22:35 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-09-16 17:03 - 2020-04-05 22:35 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-09-16 17:03 - 2020-04-05 22:18 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-15 16:50 - 2020-04-05 16:49 - 000000000 ____D C:\Users\dcd_9\AppData\LocalLow\Mozilla
2020-09-15 16:39 - 2020-04-10 05:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-15 16:33 - 2020-04-05 02:46 - 000000000 ____D C:\Users\dcd_9
2020-09-14 23:43 - 2020-04-05 02:48 - 000000000 ____D C:\Users\dcd_9\AppData\Local\Packages
2020-09-14 21:29 - 2020-04-05 02:32 - 001684180 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-14 21:29 - 2019-03-19 13:59 - 000753744 _____ C:\Windows\system32\perfh00A.dat
2020-09-14 21:29 - 2019-03-19 13:59 - 000148288 _____ C:\Windows\system32\perfc00A.dat
2020-09-14 21:28 - 2020-04-05 23:46 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\Telegram Desktop
2020-09-14 21:20 - 2020-04-05 22:34 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\qBittorrent
2020-09-14 20:36 - 2020-04-09 18:10 - 000000000 ____D C:\Users\dcd_9\AppData\Roaming\TeraCopy
2020-09-12 02:15 - 2020-05-07 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-09-12 02:15 - 2020-05-07 21:03 - 000000000 ____D C:\Program Files (x86)\HP
2020-09-11 20:54 - 2020-04-06 01:06 - 000000000 ___RD C:\Users\dcd_9\Creative Cloud Files
2020-09-11 00:01 - 2020-04-05 02:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-11 00:01 - 2020-04-05 02:48 - 000000000 ___RD C:\Users\dcd_9\3D Objects
2020-09-10 23:58 - 2020-04-05 02:14 - 000472480 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-10 23:50 - 2019-03-19 14:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ___RD C:\Windows\PrintDialog
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Provisioning
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-09-10 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
2020-09-10 23:41 - 2020-04-09 16:47 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-10 23:41 - 2020-04-09 16:47 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-10 23:37 - 2020-04-05 02:55 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2889404154-267517090-4050638038-1001
2020-09-10 23:37 - 2020-04-05 02:55 - 000000000 ___RD C:\Users\dcd_9\OneDrive
2020-09-10 23:37 - 2020-04-05 02:46 - 000002397 _____ C:\Users\dcd_9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-10 16:57 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-09-10 16:38 - 2020-04-05 02:17 - 002876416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-09-10 01:32 - 2020-04-08 00:12 - 000000000 ____D C:\Windows\system32\MRT
2020-09-10 00:54 - 2020-04-08 00:11 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-08 16:40 - 2020-07-14 19:40 - 004687416 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2020-09-08 16:40 - 2020-06-12 00:10 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:40 - 2020-06-12 00:10 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:40 - 2020-04-09 20:18 - 000004584 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-08 16:40 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-09-08 16:40 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Macromed
2020-09-04 01:50 - 2020-04-06 00:57 - 000000000 ____D C:\Program Files\Adobe
2020-08-29 16:11 - 2020-04-05 02:15 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== Archivos en la raíz de algunos directorios ========

2020-04-27 03:46 - 2020-04-27 03:46 - 000000703 _____ () C:\Users\dcd_9\AppData\Roaming\codec.dll
2020-04-05 23:05 - 2020-04-05 23:05 - 000000000 _____ () C:\Users\dcd_9\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19-09-2020
Ejecutado por dcd_9 (19-09-2020 16:21:18)
Ejecutado desde C:\Users\dcd_9\OneDrive\Desktop
Windows 10 Pro Versión 1909 18363.1082 (X64) (2020-04-05 00:31:22)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2889404154-267517090-4050638038-500 - Administrator - Disabled)
dcd_9 (S-1-5-21-2889404154-267517090-4050638038-1001 - Administrator - Enabled) => C:\Users\dcd_9
DefaultAccount (S-1-5-21-2889404154-267517090-4050638038-503 - Limited - Disabled)
Invitado (S-1-5-21-2889404154-267517090-4050638038-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2889404154-267517090-4050638038-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.1.441 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Air Explorer Pro (HKLM-x32\...\Air Explorer Pro) (Version: 2.8.1 - airexplorer.net)
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.13127.20408 - Microsoft Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 1.0.2 - FNMT-RCM)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (HKLM-x32\...\{D1E8CEBA-EC2B-4B37-97B8-C87AF6302601}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
F2400 (HKLM-x32\...\{60F0F139-0C04-4D9C-9C6C-DEF35766BAB3}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaInfo 20.03 (HKLM\...\MediaInfo) (Version: 20.03 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\Teams) (Version: 1.3.00.362 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8924.1 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.191 - Synaptics Incorporated)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\WhatsApp) (Version: 2.2037.6 - WhatsApp)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-17] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-08-17] (Adobe Systems Incorporated)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2765.0_x64__8j3eq9eme6ctt [2020-08-27] (INTEL CORP) [Startup Task]
Farming Simulator 16 -> C:\Program Files\WindowsApps\GIANTSSoftware.FarmingSimulator16_1.1.2.8_x86__fa8jxm5fj0esw [2020-06-22] (GIANTS Software)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F1127A27E882} -> [Creative Cloud Files] => C:\Users\dcd_9\Creative Cloud Files [2020-04-06 01:06]
CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\dcd_9\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dcd_9\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2889404154-267517090-4050638038-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dcd_9\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-10] (Mega Limited -> )
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-02-05 00:21 - 2020-02-05 00:21 - 000010240 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp
2020-02-05 00:21 - 2020-02-05 00:21 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2020-04-28 05:05 - 2020-04-28 05:05 - 006164600 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Archivo no firmado] C:\Users\dcd_9\AppData\Local\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-2889404154-267517090-4050638038-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-02-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-19 06:49 - 2020-06-08 06:40 - 000000853 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 www.airexplorer.net

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\IBM\SPSS\Statistics\25\JRE\bin
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dcd_9\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\nier automata 2.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2889404154-267517090-4050638038-1001\...\StartupApproved\Run: => "CCXProcess"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{55F39F84-4540-4366-A64C-18546BAD7D5C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FCE85657-86D2-4BA0-B612-6AF6022E7DA6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79E83819-D479-4348-AFBB-12E11CC9DB2C}] => (Allow) LPort=8318
FirewallRules: [{27C87623-A975-4F62-9A39-BD0546505366}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08C6AAB3-A819-41A5-AD20-3642BA52DD53}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A5C2B50-2DDD-4352-8D73-039E0DF7932C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F019902-DF2C-4D2D-87AD-5A2CE0D4D055}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6571A01-7F61-4C24-BF06-E6961C028071}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E3BD07A7-48C8-40FE-997A-863B688EF3C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9559F727-5AFC-4A9B-B78A-94EA4A9A15AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{6D718965-AF39-42DA-9D73-4C15BBC8869E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{8A25BDFB-0DC7-433B-B684-DED4D464B411}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DB021BAB-4744-4AEE-8335-0298DA381183}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{75323ECD-DC03-4FA5-A59C-C4D3AE92E1E4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{95A51C12-946F-458A-A205-5A36E7266DE9}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{4C562BB0-2BEE-438B-9A24-FE33A594AD1F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{07451F04-3C55-421A-9379-33DD5C0244AD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{923EC441-833C-4262-B31C-E0FC44F1717F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{374F4C8B-04CD-4803-B364-D16F60BCFC38}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{E2ABE012-2ADA-4006-89E4-92457AE1B501}] => (Block) C:\Program Files\IBM\SPSS\Statistics\25\licenseactivator.exe (IBM Corp.) [Archivo no firmado]
FirewallRules: [{56C3B53B-0A40-49A5-827E-B63F83F4E54E}] => (Block) C:\Program Files\IBM\SPSS\Statistics\25\licenseactivator.exe (IBM Corp.) [Archivo no firmado]
FirewallRules: [TCP Query User{B7111461-684E-41DF-B2A1-7B2C606862F4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A90248B4-491D-43D0-939D-16C29686E022}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5D15746E-631D-403E-AE2E-37DD4535D561}] => (Allow) C:\Users\dcd_9\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CDA417FF-6285-49B2-9A6E-902D5E320286}] => (Allow) C:\Users\dcd_9\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{529D8833-994C-4F26-97AE-9B55FD068D22}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{8F247AAB-2F2B-47F4-B27E-8C55BE6E67D6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{DB0D51B6-611A-4944-9809-06604D43ED23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4498D12B-DBE6-4F64-8D25-239B1966B0E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BEF30C21-8D07-4285-964A-FD6004E93992}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{897132E6-5916-48DA-845C-B937ACCE3316}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F41937EC-687C-48AC-B387-202FD194A96B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA87E815-1E67-43E3-A3ED-22BAC23BB8B8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{139D5CE8-DD8B-4A35-BC1A-26B734E44BB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{60D30D5A-0A42-4315-BCEA-86606B1706FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{996CCAD4-80F3-47B6-A9F2-0D4ABB5035CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC88A36C-DFA0-4BE2-A1A8-7B686EE7FA31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Puntos de Restauración =========================

14-09-2020 21:06:24 ZHPcleaner
19-09-2020 02:24:51 ZHPcleaner

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (09/19/2020 03:27:11 AM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Error en la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-12LII22$ a través de https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sat, 19 Sep 2020 01:27:12 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ec32aef2-7fbf-4c39-b304-fb57d0fac40f

Método: POST(9094ms)
Fase: SubmitDone
Solicitud incorrecta (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (09/19/2020 03:24:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (09/19/2020 03:24:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (09/19/2020 02:11:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa AcrobatNotificationClient.exe (versión 0.0.0.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2794

Hora de Inicio: 01d68e1940643e2b

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe

Id. de informe: 385d20db-fe41-4c49-be68-d31ee78de277

Nombre completo del paquete con errores: AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Quiesce

Error: (09/19/2020 02:06:33 AM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Error en la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-12LII22$ a través de https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sat, 19 Sep 2020 00:06:32 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e19ac9dc-0092-4984-904e-330e30c01755

Método: POST(5890ms)
Fase: SubmitDone
Solicitud incorrecta (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (09/19/2020 02:04:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (09/19/2020 02:04:09 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (09/19/2020 02:04:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


Errores del sistema:
=============
Error: (09/19/2020 04:04:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 04:00:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 03:31:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 03:28:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:36:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:10:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (09/19/2020 02:09:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (09/19/2020 02:08:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-12LII22)
Description: El servidor Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2020-09-19 03:28:21.348
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-19T01:28:21.320Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.323.1442.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-19 02:08:21.563
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-19T00:08:21.558Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.323.1442.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-19 01:33:01.485
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-18T23:33:01.484Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
Versión de inteligencia de seguridad: 1.323.1437.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-19 01:31:12.762
Description: 
El acceso controlado a carpetas impidió que D:\Descargas\ccsetup568.exe realizara cambios en la memoria.
Tiempo de detección: 2020-09-18T23:31:12.746Z
Usuario: DESKTOP-12LII22\dcd_9
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: D:\Descargas\ccsetup568.exe
Versión de inteligencia de seguridad: 1.323.1437.0
Versión del motor: 1.1.17400.5
Versión del producto: 4.18.2008.9

Date: 2020-09-18 00:07:23.149
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4E05AA46-AA45-4A78-966C-9C2A3F9507CD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-10 16:22:09.292
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.323.822.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2020-09-19 03:25:55.727
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-19 02:05:25.508
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-19 01:45:16.784
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-14 21:22:57.798
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-10 23:58:06.143
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-10 02:00:59.058
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-09-10 00:36:04.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-08-25 16:39:34.733
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

==================== Información de la memoria =========================== 

BIOS: TOSHIBA Version 7.60 11/02/2016
Placa base: TOSHIBA SATELLITE PRO R50-C
Procesador: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Porcentaje de memoria en uso: 50%
RAM física total: 8123.81 MB
RAM física disponible: 4019.37 MB
Virtual total: 14523.81 MB
Virtual disponible: 10123.27 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:324.44 GB) (Free:257.58 GB) NTFS
Drive d: (Datos) (Fixed) (Total:606.44 GB) (Free:571.62 GB) NTFS

\\?\Volume{8e3f1096-cba4-4317-a840-39b1247fade4}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{b2576818-bbe6-411f-8f34-83acda794be9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

No he podido responder antes por la limitación de 11 mensajes por día.

Esta tarde me ha salido una nueva dirección de redireccionamiento: “https ://www2.central-1-adsrvtrk.io/redirect?target=”

Del Malwarebytes copié el informe antes de iniciar las acciones, lo que hice fue poner todo en cuarentena y luego eliminar todo (menos los hacks de Adobe, que como los quite, no puedo usar el Adobe Acrobat y me fastidia la existencia. Y los problemas los tengo de antes de instalarlo, así que no creo que sea culpa de ellos). Este es el informe correcto:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/9/20
Hora del análisis: 2:30
Archivo de registro: 583a6134-fa0f-11ea-b7dd-ec21e562d222.json

-Información del software-
Versión: 4.2.1.89
Versión de los componentes: 1.0.1045
Versión del paquete de actualización: 1.0.30055
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.1082)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-12LII22\dcd_9

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 479506
Amenazas detectadas: 6
Amenazas en cuarentena: 4
Tiempo transcurrido: 47 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 6
HackTool.FilePatch, C:\PROGRAM FILES (X86)\ADOBE\ACROBAT DC\ACROBAT\ADOBE.ACROBAT.PRO.DC.2019.XXX-PATCH 13.11.2019.EXE, Sin acciones por parte del usuario, 7504, 281135, 1.0.30055, , ame, , FB219D4675AD48DEB65020AFF42E3995, D8D330D717C1C90C1CB2FA05049BD402EDB816DA304EAFBE2C85A7C723F7DF2E
HackTool.Patcher, C:\PROGRAM FILES (X86)\ADOBE\ACROBAT DC\ACROBAT\ADOBE.SNR.PATCH.V2.0-PAINTER.EXE, Sin acciones por parte del usuario, 7526, 473286, 1.0.30055, 7FC2D1E630CEDB42FC9A7ED2, dds, 00902831, B31679DB7DB878992B4553290A9E6C7C, 256C2A409C97448D168F3EB1BFB89AF3D259DFC05A510A3F464D8E4B348116D4
HackTool.Patcher, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\ADOBE.SNR.PATCH.V2.0-PAINTER[1288].ZIP, En cuarentena, 7526, 473286, 1.0.30055, 7FC2D1E630CEDB42FC9A7ED2, dds, 00902831, 0CF0907EA199909CA9C86DE3097FFD21, 7B0BDEDD52B08BBED1DF72F13F333A556286AA6B0E9804422477994A245A4FE6
Generic.Malware/Suspicious, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\KM1.4.9[1336].RAR, En cuarentena, 0, 392686, 1.0.30055, , shuriken, , 1B6A6F66A68FBCA69384B15BD0785964, C19F25BDA2427057A489BFD0000956F05741937A8D1102B1D05FF4E63670F9A3
Generic.Malware/Suspicious, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\KM1.4.9[1337].RAR, En cuarentena, 0, 392686, 1.0.30055, , shuriken, , 1B6A6F66A68FBCA69384B15BD0785964, C19F25BDA2427057A489BFD0000956F05741937A8D1102B1D05FF4E63670F9A3
PUP.Optional.OpenCandy, C:\USERS\DCD_9\APPDATA\LOCAL\PACKAGES\MICROSOFT.WINDOWSCOMMUNICATIONSAPPS_8WEKYB3D8BBWE\LOCALSTATE\FILES\S0\8\ATTACHMENTS\PARTICIONAR HDD[1364].RAR, En cuarentena, 1259, 63152, 1.0.30055, , ame, , D79B3867DAD48ADB515643CCABAFD5D4, CB45B3C2D3B5B8195873A541D8F8B1468BBB129CBCAF2AEE06CEBBEBDA5B7453

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola

Realizas lo siguiente:

Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

  • Este no da reporte cuando te encuentres al finalizar, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

Comenta como sigue el problema.

Un saludo

1 me gusta

@Daniela

Hola de nuevo,

Esto es lo que me sale en ESET:

20/09/2020 23:35:06
Archivos analizados: 364700
Archivos detectados: 6
Archivos desinfectados: 6
Tiempo total de análisis 03:24:14
Estado del análisis: Finalizado


C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\adobe.snr.patch.v2.0-painter.exe	una variante de Win32/HackTool.Patcher.CH aplicación potencialmente peligrosa	no se ha podido desinfectar - archivo eliminado
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\painter.ini	Win32/HackTool.Crack.EM aplicación potencialmente peligrosa	no se ha podido desinfectar - archivo eliminado
C:\Users\dcd_9\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\8\Attachments\1click[807].rar	BAT/RiskWare.HackTool.WinActivator.A aplicación	eliminado
C:\Users\dcd_9\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\8\Attachments\1click[824].rar	BAT/RiskWare.HackTool.WinActivator.A aplicación	eliminado
C:\Users\dcd_9\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\8\Attachments\ADOBE.SNR.PATCH.V2.0-PAINTER[1288].ZIP	una variante de Win32/HackTool.Patcher.CH aplicación potencialmente peligrosa	contiene archivos infectados
C:\Users\dcd_9\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\8\Attachments\KMSpico.v10.2.0.FINAL-heldigard[1326].rar	una variante de MSIL/HackTool.IdleKMS.E aplicación potencialmente peligrosa,MSIL/HackTool.IdleKMS.I aplicación potencialmente peligrosa	eliminado (después del próximo reinicio)

Y del Kaspersky esto:

Hola

Cómo sigue el problema.

Un saludo

1 me gusta

Hola de nuevo.

El problema persiste :pensive:

Hola

Ejecuta de nueve FRST y pon los dos reportes.

Un saludo

1 me gusta