• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 13

    Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramientas

    Tengo una computadora AMD A-10 7700K Radeon Cores 4c + 6g, aún uso Windows 7 como Sistema Operativo. Mi problema es que el explorador de windows está dañado, al parecer por un virus, cabe resaltar ...

    1. #1
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramientas

      Tengo una computadora AMD A-10 7700K Radeon Cores 4c + 6g, aún uso Windows 7 como Sistema Operativo.
      Mi problema es que el explorador de windows está dañado, al parecer por un virus, cabe resaltar que yo solo uso Microsoft Essentials como Antivirus.
      Cuando prendo la computadora se tarda mas de lo debido en iniciar Windows incluso tengo un SSD como Disco C para el booteo (con lo cual debería de ir mas rápido).
      Una vez que se inicia windows solo se vé una pantalla negra(sin fondo de escritorio), entonces tengo que abrir el Administrador de Tareas de Windows para cerrar el proceso explorer.exe, y ejecutarlo nuevamente, y ahí ya se puede ver el explorador de windows la barra de tareas y los íconos todo ok.
      El problema viene cuando quiero abrir alguna aplicación como administrador, el virus al parecer me ha bloqueado la ejecucion de aplicaciones como administrador, tampoco puedo abrir msconfig.msc, services.msc, cmd en modo administrador ni ninguna otra herramienta para solucionar problemas de Windows, ni siquiera me deja instalar un antivirus(se queda cargando el cursor) Para colmo de males, ese virus me desactiva el teclado al iniciar el booteo, cosa que no puedo apretar F8 para iniciar Windows en Modo Seguro porque no funciona el teclado(y ya probé con 2 teclados más), tampoco puedo bootear por CD porque cuando sale el aviso "Presione cualquier tecla para iniciar por CD", yo presiono la tecla y no funciona, el virus me ha bloqueado el teclado al iniciar el booteo, y cuando ya inició Windows ahí si funciona el teclado.

      Me encuentro encerrado por todos lados no se como arreglar el problema sin necesidad de formatear, que otro metodo podría usar para entrar a modo seguro o entrar por booteo de CD. para pasarle antivirus; no se que hacer.

      Ayudenme Pls.

      Saludos.

    2. #2
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.191

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      Hola luis1717, bienvenido a Forospyware.

      Realiza lo siguiente:

      Herramientas necesarias.

      • Un ordenador limpio con conexión a Internet.
      • Un USB.


      Desde el ordenador limpio:.

      • Descargue Frst.exe a su escritorio.
      • Copie Frst.exe a su unidad USB.



      Desde el equipo Infectado:

      Ingresa en las opciones de reparación del sistema.

      Para acceder a las Opciones de Recuperación del Sistema de las opciones de inicio avanzadas:

      • Reinicie el equipo.
      • Tan pronto como se carga el BIOS comienze a apretar la tecla F8 hasta que aparezcan las opciones avanzadas de arranque.
      • Selecciona Reparar el Equipo y presione enter.
      • Espere a que cargue, seleccione el idioma y configuración de teclado, clic en siguiente.
      • Seleccione el sistema operativo que desee reparar y haga clic en siguiente.
      • Seleccione su cuenta de usuario haga clic en siguiente.



      En el menú de Opciones de Recuperación del Sistema vera las siguientes opciones:

      • Reparación de inicio.
      • Restaurar sistema.
      • Restauración de imagen del sistema.
      • Diagnóstico de memoria de Windows.
      • Símbolo del sistema.



      • Seleccione el Símbolo del Sistema.
      • En la ventana de Comandos, escriba notepad.exe.
      • En la parte superior vaya a Archivo>>> Abrir.
      • Seleccione "Equipo" para encontrar la letra de su Unidad USB, cierre el Bloc de Notas.



      • Una vez dentro de la Ventana de Comandos escribe tal cual x:frst.exe donde x debe ser reemplazada por la letra de Su unidad Usb.
      • Presionas Enter.


      Deberá ver algo similar a lo que muestra la imagen:


      • La herramienta comenzará a correr.
      • Cuando la herramienta se abra le mostrara la ventana Disclaimer, haga clic en Sí.


      Luego abrirá la ventana del programa:



      • Pulse el botón Scan.

      Al finalizar el escaneo se creara un reporte Frst.txt en el USB. Conecte de nuevo el USB en el ordenador limpio, abra el archivo (Frst.txt) copie y pegue su contenido en su próxima respuesta.

      Cualquier duda nos consultas.

      Para tu seguridad imprime los pasos.

      Un saludo
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      Hola,
      Como le dije en mi post anterior, el teclado no me responde durante el booteo, por eso es en vano presiono F8, y no le hace caso. A veces sale la pantalla negrita de Opciones:
      Modo Seguro
      Modo Seguro con Funciones de Red
      etc etc
      Iniciar Windows normalmente(se marca como opción predeterminada); entonces yo uso los direccionales para subir y elegir la opción de "Modo seguro" pero el teclado no me responde(probé con varios teclados) y al pasar los 30 segundos automaticamente se inicia en modo Normal con todos los problemas explicados en el post anterior.

      Para mi buena suerte, de la nada después de una reinicio de windows; me salió el Sistema Operativo totalmente estable, y ahora si puedo ejecutar como administrador cualquier ejecutable, pero es aleatorio, reinicié la maquina nuevamente y devuelta se malogra y asi sucesivamente.

      Entonces en estos momentos estoy con el S.O. estable y ya no quiero apagar el PC, porque si lo hago se va a malograr denuevo.

      El punto es que me descargué el Frst.exe de 64 bits en esta misma maquina y la ejecuté como administrador e hice todos lo pasos siguientes que me puso arriba.

      Este es el reporte que me arrojó el FRST:

      [QUOTE]
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2017
      Ran by Luis (administrator) on LUIS-PC (23-11-2017 2032)
      Running from C:\Users\Luis\Downloads
      Loaded Profiles: Luis & MSSQLFDLauncher & MsDtsServer120 & MSSQLSERVER (Available Profiles: Luis & postgres & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MsDtsServer120 & MSSQLSERVER & DefaultAppPool)
      Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
      () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
      () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
      (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
      (CA) C:\Program Files (x86)\CA\SharedComponents\CA_LIC\LogWatNT.exe
      (CA) C:\Program Files (x86)\CA\SharedComponents\CA_LIC\lic98Service.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.LUISPC\MSSQL\Binn\sqlservr.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\pg_ctl.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
      (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
      (Apache Software Foundation) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
      () C:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
      (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.4\bin\postgres.exe
      (Apache Software Foundation) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
      (PcWinTech.com) C:\Program Files (x86)\CleanMem\mini_monitor.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.LUISPC\MSSQL\Binn\fdlauncher.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.LUISPC\MSSQL\Binn\fdhost.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
      () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      "Path" (C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\mpirt;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Skype\Phone\;C:\Users\Luis\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Git\cmd;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Fil -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\mpirt;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Skype\Phone\;C:\Users\Luis\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Git\cmd;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Fil) <==== Repaired successfully
      HKLM\...\Run: [] => [X]
      HKLM-x32\...\Run: [EfficientPasswordManager] => [X]
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2382432 2017-07-13] (Adobe Systems Incorporated)
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: {2dd32f76-bebd-11e7-8f78-74d43552e08a} - E:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: {f57fce4a-41b3-11e6-84ba-806e6f6e6963} - D:\Run.exe
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
      HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-07-10] (Microsoft Corporation)
      Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
      GroupPolicy: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 200.48.225.130 200.48.225.146
      Tcpip\..\Interfaces\{EB832A91-FF57-4DEE-921B-FCE73A8B3DC3}: [DhcpNameServer] 200.48.225.130 200.48.225.146

      Internet Explorer:
      ==================
      BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
      BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
      BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.1\bin\jp2ssv.dll [2017-11-11] (Oracle Corporation)
      BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
      BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
      BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
      BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
      BHO-x32: Aimersoft Video Converter Ultimate 6.1.0 -> {D879895E-2124-4ED0-BDDF-F8F8BBC98A6F} -> C:\ProgramData\Aimersoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-07-17] (Wondershare)
      Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
      Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
      Toolbar: HKU\S-1-5-21-156791221-2462684622-3037075302-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
      DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
      Handler: WSAMVCUchrome - {086BD280-4613-43B5 - No File
      Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
      Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
      Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
      Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
      Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

      FireFox:
      ========
      FF DefaultProfile: qvngazrl.default
      FF ProfilePath: C:\Users\Luis\AppData\Roaming\Mozilla\Firefox\Profiles\qvngazrl.default [2017-11-23]
      FF Homepage: Mozilla\Firefox\Profiles\qvngazrl.default -> about:home
      FF Extension: (Firebug) - C:\Users\Luis\AppData\Roaming\Mozilla\Firefox\Profiles\qvngazrl.default\Extensions\[email protected] [2017-03-05] [Lagacy]
      FF Extension: (LiveReload) - C:\Users\Luis\AppData\Roaming\Mozilla\Firefox\Profiles\qvngazrl.default\Extensions\[email protected]eload.com.xpi [2016-07-05] [Lagacy]
      FF Extension: (Flash and Video Download) - C:\Users\Luis\AppData\Roaming\Mozilla\Firefox\Profiles\qvngazrl.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2017-11-23]
      FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Aimersoft\Video Converter Ultimate\[email protected]
      FF Extension: (Aimersoft Video Converter Ultimate) - C:\ProgramData\Aimersoft\Video Converter Ultimate\[email protected] [2017-04-16] [Lagacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-18] ()
      FF Plugin: @java.com/DTPlugin,version=12.0.1.0 -> C:\Program Files\Java\jre-9.0.1\bin\dtplugin\npDeployJava1.dll [2017-11-11] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=12.0.1.0 -> C:\Program Files\Java\jre-9.0.1\bin\plugin2\npjp2.dll [2017-11-11] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-18] ()
      FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-02-15] (Citrix Systems, Inc.)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [No File]
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [No File]
      FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)

      Chrome:
      =======
      CHR StartupUrls: Default -> "hxxp://search.gboxapp.com/","hxxp://start.iminent.com/?appId=79D3E187-464A-40C0-BAE0-6518C519DD06","hxxp://websearch.fastsearchings.info/?pid=725&r=2014/07/11&hid=10679995626832974870&lg=EN&cc=PE&unqvl=56","hxxp://start.iminent.com/?appId=2D821C97-8711-4AF7-BAF1-6110FE8D4E51","hxxp://www.oursurfing.com/?type=hp&ts=1446911264&z=3af538f802a1b8b9fc63087g0z4zcq8t5gbg0o2qez&from=amt&uid=samsungxhd753lj_s13uj90sb00471"
      CHR Session Restore: Default -> is enabled.
      CHR Profile: C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default [2017-11-23]
      CHR Extension: (Presentaciones) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
      CHR Extension: (Documentos) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
      CHR Extension: (Google Drive) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-11]
      CHR Extension: (YouTube) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-05]
      CHR Extension: (Hojas de cálculo) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
      CHR Extension: (Postman) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2017-10-29]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
      CHR Extension: (AngularJS Batarang) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighdmehidhipcmcojjgiloacoafjmpfk [2017-04-05]
      CHR Extension: (Kano Games) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiebfciakollpbcoifjgmadkljljdlka [2017-02-04]
      CHR Extension: (RT Noticias) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijlfaiiebjpimbaljnneohojnkedjjm [2017-02-04]
      CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-07-05]
      CHR Extension: (Highlight Keywords for Google Search) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf [2017-11-11]
      CHR Extension: (Awesome Screenshot: Grabadora de video de pantalla) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-11-11]
      CHR Extension: (Aimersoft Video Converter Ultimate) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmapfhedmiiikmeicmclonepdhjgmlcn [2017-04-23]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
      CHR Extension: (Gmail) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-05]
      CHR Extension: (Chrome Media Router) - C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      CHR HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Luis\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-07-05]
      CHR HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [nmapfhedmiiikmeicmclonepdhjgmlcn] - C:\ProgramData\Aimersoft\Video Converter Ultimate\[email protected] [2017-04-16]

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-04-26] ()
      R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
      R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-07-10] ()
      R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
      R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [File not signed]
      S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
      S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
      S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
      R2 LogWatch; C:\Program Files (x86)\CA\SharedComponents\CA_LIC\LogWatNT.exe [75016 2007-12-15] (CA)
      S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
      R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [216768 2015-06-10] (Microsoft Corporation)
      R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.LUISPC\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
      R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.LUISPC\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
      S4 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS12.LUISPC\OLAP\bin\msmdsrv.exe [51090624 2014-02-21] (Microsoft Corporation)
      S2 pgAgent; C:\Program Files (x86)\pgAgent\bin\pgagent.exe [83456 2015-02-25] () [File not signed]
      R2 postgresql-x64-9.4; C:\Program Files\PostgreSQL\9.4\bin\pg_ctl.exe [93696 2016-10-25] (PostgreSQL Global Development Group) [File not signed]
      S4 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.LUISPC\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation)
      S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [139968 2014-02-21] (Microsoft Corporation)
      S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [345280 2014-02-21] (Microsoft Corporation)
      S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.LUISPC\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
      R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
      R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
      R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
      S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
      S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12462784 2015-11-25] ()
      S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108768 2016-07-08] (Microsoft Corporation)
      R2 wampapache64; c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe [29696 2016-07-01] (Apache Software Foundation) [File not signed]
      R2 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [File not signed]
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305032 2016-07-18] (Advanced Micro Devices)
      R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
      R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
      R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-07-10] (Acronis International GmbH)
      R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-11-23] ()
      U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
      R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
      S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
      S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
      S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-07-29] () [File not signed]
      R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-07-10] (Acronis International GmbH)
      R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [193376 2016-07-10] (Acronis International GmbH)
      S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [601432 2016-07-10] (Acronis International GmbH)
      S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
      R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-07-10] (Acronis International GmbH)
      R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-11-25] (VMware, Inc.)
      R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
      R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
      R3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
      R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation)
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]
      S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-23 20:10 - 2017-11-23 20:10 - 000031162 _____ C:\Users\Luis\Downloads\FRST.txt
      2017-11-23 20:10 - 2017-11-23 20:10 - 000000000 ____D C:\FRST
      2017-11-23 20:08 - 2017-11-23 20:08 - 002393088 _____ (Farbar) C:\Users\Luis\Downloads\FRST64.exe
      2017-11-23 19:49 - 2017-11-23 19:49 - 000000000 ____D C:\Windows\pss
      2017-11-23 19:43 - 2017-11-23 19:43 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
      2017-11-23 19:23 - 2017-11-23 19:25 - 001789440 _____ (Farbar) C:\Users\Luis\Downloads\FRST.exe
      2017-11-23 19:02 - 2017-11-23 19:03 - 007202272 _____ (Tonec Inc.) C:\Users\Luis\Downloads\idman629build2.exe
      2017-11-23 17:54 - 2017-11-23 17:54 - 000713624 _____ C:\Users\Luis\Downloads\DNI.pdf
      2017-11-23 17:54 - 2017-11-23 17:54 - 000711848 _____ C:\Users\Luis\Downloads\DNI atras.pdf
      2017-11-21 15:37 - 2017-11-23 20:05 - 000000004 _____ C:\Windows\SysWOW64\GVTunner.ref
      2017-11-20 21:09 - 2017-11-20 21:09 - 000000281 _____ C:\Users\Luis\.gitconfig
      2017-11-20 21:09 - 2017-11-05 12:50 - 000000000 ____D C:\Users\Luis\Desktop\AplicacionMovil
      2017-11-19 18:28 - 2017-11-19 18:28 - 000017627 _____ C:\Users\Luis\Downloads\Constancia de Solicitud.pdf
      2017-11-19 13:38 - 2017-11-19 13:38 - 000304279 _____ C:\Users\Luis\Downloads\OS 1283 - LUNA SOTO LUIS.pdf
      2017-11-19 12:51 - 2017-11-19 12:51 - 000103759 _____ C:\Users\Luis\Desktop\Sin título (8).wma
      2017-11-19 11:44 - 2017-11-19 11:44 - 000000043 _____ C:\Users\Luis\Downloads\hbpix (1)
      2017-11-19 11:28 - 2017-11-19 11:28 - 000855835 _____ C:\Users\Luis\Desktop\escoger_mejor_candidato.pdf
      2017-11-17 00:38 - 2017-11-17 00:48 - 423886616 _____ (AMD Inc.) C:\Users\Luis\Downloads\whql-win10-64bit-radeon-software-crimson-relive-17.11.1-nov10.exe
      2017-11-17 00:31 - 2017-11-17 00:32 - 041034432 _____ (AMD Inc.) C:\Users\Luis\Downloads\radeon-crimson-relive-17.11.2-minimalsetup-171116_web.exe
      2017-11-16 19:32 - 2017-11-16 19:32 - 007176464 _____ (AVAST Software) C:\Users\Luis\Downloads\avast_free_antivirus_setup_online.exe
      2017-11-16 16:05 - 2017-11-16 16:05 - 000006332 _____ C:\Users\Luis\Downloads\RHE10478664864E00123.pdf
      2017-11-16 16:04 - 2017-11-16 16:04 - 000006297 _____ C:\Users\Luis\Downloads\RHE10478664864E00122.pdf
      2017-11-16 16:03 - 2017-11-16 16:03 - 000006321 _____ C:\Users\Luis\Downloads\RHE10478664864E00121.pdf
      2017-11-16 15:59 - 2017-11-16 15:59 - 000006324 _____ C:\Users\Luis\Downloads\RHE10478664864E00120.pdf
      2017-11-15 02:37 - 2017-11-15 02:37 - 000456944 _____ C:\Windows\Minidump\111517-10233-01.dmp
      2017-11-12 23:02 - 2017-11-12 23:02 - 000105229 _____ C:\Users\Luis\Downloads\sys_fact_11_11_2017.sql
      2017-11-12 23:02 - 2017-11-12 23:02 - 000105229 _____ C:\Users\Luis\Desktop\sys_fact_11_11_2017.sql
      2017-11-12 16:24 - 2017-11-12 16:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
      2017-11-12 16:23 - 2011-11-25 00:25 - 000015360 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys
      2017-11-12 16:23 - 2009-11-08 01:41 - 000708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
      2017-11-12 16:03 - 2017-11-12 16:03 - 000000000 ____D C:\Program Files\DIFX
      2017-11-12 16:02 - 2017-11-12 16:02 - 000000000 ____D C:\adb
      2017-11-12 15:20 - 2017-11-12 15:20 - 000060788 _____ C:\Users\Luis\Documents\cc_20171112_151959.reg
      2017-11-12 15:19 - 2017-11-12 15:19 - 000261186 _____ C:\Users\Luis\Documents\cc_20171112_151937.reg
      2017-11-12 15:14 - 2017-11-12 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
      2017-11-12 15:14 - 2017-11-12 15:14 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
      2017-11-12 14:11 - 2017-11-12 16:27 - 000000000 ____D C:\Program Files (x86)\PdaNet for Android
      2017-11-12 13:08 - 2017-11-12 13:10 - 000000000 ____D C:\Users\Luis\Downloads\isos
      2017-11-11 21:30 - 2017-11-11 21:30 - 000000066 _____ C:\Users\Luis\inittk.ini
      2017-11-11 21:29 - 2017-11-12 16:57 - 000000000 ____D C:\Users\Luis\AppData\Local\Nox
      2017-11-11 21:29 - 2017-11-12 16:57 - 000000000 ____D C:\Program Files (x86)\Nox
      2017-11-11 21:29 - 2017-11-11 22:38 - 000000000 ____D C:\Users\Luis\vmlogs
      2017-11-11 21:29 - 2017-11-11 21:29 - 000000045 _____ C:\Users\Luis\nuuid.ini
      2017-11-11 21:29 - 2017-11-11 21:29 - 000000041 _____ C:\Users\Luis\inst.ini
      2017-11-11 21:29 - 2017-11-11 21:29 - 000000000 ____D C:\Users\Luis\Nox_share
      2017-11-11 21:20 - 2017-11-11 21:28 - 318331296 _____ (Duodian Technology Co. Ltd.) C:\Users\Luis\Downloads\nox_setup_v5.2.1.0_full_intl.exe
      2017-11-11 19:41 - 2017-11-11 19:41 - 000144448 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
      2017-11-11 19:41 - 2017-11-11 19:41 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Sun
      2017-11-11 19:41 - 2017-11-11 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-11-11 19:40 - 2017-11-11 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
      2017-11-11 19:40 - 2017-11-11 19:40 - 000000000 ____D C:\Program Files\Java
      2017-11-11 19:39 - 2017-11-11 19:41 - 000000000 ____D C:\ProgramData\Oracle
      2017-11-11 19:39 - 2017-11-11 19:39 - 000000000 ____D C:\Users\Luis\AppData\LocalLow\Sun
      2017-11-11 19:39 - 2017-11-11 19:39 - 000000000 ____D C:\Users\Luis\AppData\LocalLow\Oracle
      2017-11-11 19:34 - 2017-11-11 19:34 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2017-11-11 19:29 - 2017-11-11 19:29 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_XtuAcpiDriver_01011.Wdf
      2017-11-11 19:17 - 2017-11-11 19:17 - 000000000 __SHD C:\found.000
      2017-11-11 18:33 - 2017-09-13 10:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2017-11-11 18:33 - 2017-09-13 10:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2017-11-11 18:33 - 2017-09-13 10:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2017-11-11 18:33 - 2017-09-13 10:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2017-11-11 18:33 - 2017-09-13 10:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2017-11-11 18:33 - 2017-09-13 10:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2017-11-11 18:33 - 2017-09-13 10:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2017-11-11 18:33 - 2017-09-13 10:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2017-11-11 18:33 - 2017-09-13 10:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2017-11-11 18:33 - 2017-09-13 10:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000006656 _____ (Microsoft Corporation)


      Continua...

    4. #4
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      C:\Windows\SysWOW64\apisetschema.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 10:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
      2017-11-11 18:33 - 2017-09-13 10:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2017-11-11 18:33 - 2017-09-13 10:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2017-11-11 18:33 - 2017-09-13 10:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2017-11-11 18:33 - 2017-09-13 10:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2017-11-11 18:33 - 2017-09-13 09:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2017-11-11 18:33 - 2017-09-13 09:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2017-11-11 18:33 - 2017-09-13 09:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2017-11-11 18:33 - 2017-09-13 09:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2017-11-11 18:33 - 2017-09-13 09:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2017-11-11 18:33 - 2017-09-13 09:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2017-11-11 18:33 - 2017-09-13 09:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2017-11-11 18:33 - 2017-09-13 09:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2017-11-11 18:33 - 2017-09-13 09:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2017-11-11 18:33 - 2017-09-13 09:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2017-11-11 18:33 - 2017-09-13 09:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2017-11-11 18:33 - 2017-09-13 09:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2017-11-11 18:33 - 2017-09-13 09:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 09:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 09:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 09:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2017-11-11 18:33 - 2017-09-13 09:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2017-11-11 18:33 - 2017-09-08 19:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2017-11-11 18:33 - 2017-09-08 18:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2017-11-11 18:33 - 2017-09-08 10:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2017-11-11 18:33 - 2017-09-08 10:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
      2017-11-11 18:33 - 2017-09-08 10:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
      2017-11-11 18:33 - 2017-09-08 10:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
      2017-11-11 18:33 - 2017-09-08 10:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
      2017-11-11 18:33 - 2017-09-08 10:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
      2017-11-11 18:33 - 2017-09-08 10:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2017-11-11 18:33 - 2017-09-08 10:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
      2017-11-11 18:33 - 2017-09-08 10:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
      2017-11-11 18:33 - 2017-09-08 10:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
      2017-11-11 18:33 - 2017-09-08 10:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
      2017-11-11 18:33 - 2017-09-08 10:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2017-11-11 18:33 - 2017-09-08 10:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
      2017-11-11 18:33 - 2017-09-08 10:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
      2017-11-11 18:33 - 2017-09-08 09:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
      2017-11-11 18:33 - 2017-09-08 09:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
      2017-11-11 18:33 - 2017-09-08 09:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
      2017-11-11 18:33 - 2017-09-08 09:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2017-11-11 18:33 - 2017-09-08 09:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
      2017-11-11 18:33 - 2017-09-07 16:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2017-11-11 18:33 - 2017-09-07 16:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2017-11-11 18:33 - 2017-09-07 16:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2017-11-11 18:33 - 2017-09-07 16:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2017-11-11 18:33 - 2017-09-07 16:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2017-11-11 18:33 - 2017-09-07 16:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2017-11-11 18:33 - 2017-09-07 16:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2017-11-11 18:33 - 2017-09-07 16:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2017-11-11 18:33 - 2017-09-07 16:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2017-11-11 18:33 - 2017-09-07 16:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2017-11-11 18:33 - 2017-09-07 16:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2017-11-11 18:33 - 2017-09-07 16:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2017-11-11 18:33 - 2017-09-07 16:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2017-11-11 18:33 - 2017-09-07 16:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2017-11-11 18:33 - 2017-09-07 16:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2017-11-11 18:33 - 2017-09-07 16:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2017-11-11 18:33 - 2017-09-07 15:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2017-11-11 18:33 - 2017-09-07 15:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2017-11-11 18:33 - 2017-09-07 15:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2017-11-11 18:33 - 2017-09-07 15:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2017-11-11 18:33 - 2017-09-07 15:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2017-11-11 18:33 - 2017-09-07 15:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2017-11-11 18:33 - 2017-09-07 15:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2017-11-11 18:33 - 2017-09-07 15:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2017-11-11 18:33 - 2017-09-07 15:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2017-11-11 18:33 - 2017-09-07 15:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2017-11-11 18:33 - 2017-09-07 15:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2017-11-11 18:33 - 2017-09-07 15:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2017-11-11 18:33 - 2017-09-07 15:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2017-11-11 18:33 - 2017-09-07 15:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2017-11-11 18:33 - 2017-09-07 15:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2017-11-11 18:33 - 2017-09-07 14:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2017-11-11 18:33 - 2017-09-07 14:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2017-11-11 18:33 - 2017-09-07 14:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2017-11-11 18:33 - 2017-09-07 14:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2017-11-11 18:33 - 2017-09-07 14:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2017-11-11 18:33 - 2017-09-07 14:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2017-11-11 18:33 - 2017-09-07 14:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2017-11-11 18:33 - 2017-09-07 14:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2017-11-11 18:33 - 2017-09-07 14:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2017-11-11 18:33 - 2017-09-07 14:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2017-11-11 18:33 - 2017-09-07 14:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2017-11-11 18:33 - 2017-09-07 14:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2017-11-11 18:33 - 2017-09-07 14:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2017-11-11 18:33 - 2017-09-07 14:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2017-11-11 18:33 - 2017-09-07 13:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2017-11-11 18:33 - 2017-09-07 13:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2017-11-11 18:33 - 2017-09-07 13:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2017-11-11 18:33 - 2017-09-07 13:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2017-11-11 18:33 - 2017-09-07 13:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2017-11-11 18:33 - 2017-09-07 13:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2017-11-11 18:33 - 2017-09-07 13:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2017-11-11 18:33 - 2017-09-07 13:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2017-11-11 18:33 - 2017-09-07 13:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2017-11-11 18:33 - 2017-09-07 13:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2017-11-11 18:33 - 2017-09-07 13:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2017-11-11 18:33 - 2017-09-07 13:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2017-11-11 18:33 - 2017-09-07 13:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2017-11-11 18:33 - 2017-09-07 13:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2017-11-11 18:33 - 2017-09-07 13:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2017-11-11 18:33 - 2017-09-07 13:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2017-11-11 18:33 - 2017-09-07 13:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2017-11-11 18:33 - 2017-09-07 13:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2017-11-11 18:33 - 2017-09-07 13:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2017-11-11 18:33 - 2017-09-07 12:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2017-11-11 18:33 - 2017-09-07 12:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2017-11-11 18:33 - 2017-09-07 10:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
      2017-11-11 18:33 - 2017-09-07 10:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
      2017-11-11 18:33 - 2017-09-07 09:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2017-11-11 18:33 - 2017-09-07 09:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2017-11-11 18:33 - 2017-09-07 09:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2017-11-11 18:33 - 2017-08-19 10:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
      2017-11-11 18:33 - 2017-08-19 10:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2017-11-11 18:33 - 2017-08-19 10:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
      2017-11-11 18:33 - 2017-08-19 10:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
      2017-11-11 18:33 - 2017-08-19 10:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
      2017-11-11 18:33 - 2017-08-19 10:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
      2017-11-11 18:33 - 2017-08-19 10:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
      2017-11-11 18:33 - 2017-08-19 10:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
      2017-11-11 18:33 - 2017-08-19 10:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
      2017-11-11 18:33 - 2017-08-19 10:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
      2017-11-11 18:33 - 2017-08-19 09:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
      2017-11-11 18:33 - 2017-08-19 09:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
      2017-11-11 18:33 - 2017-08-16 10:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
      2017-11-11 18:33 - 2017-08-16 10:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
      2017-11-11 18:33 - 2017-08-15 10:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2017-11-11 18:33 - 2017-08-15 10:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2017-11-11 18:33 - 2017-08-15 10:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2017-11-11 18:33 - 2017-08-15 10:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
      2017-11-11 18:33 - 2017-08-14 12:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
      2017-11-11 18:33 - 2017-08-14 12:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
      2017-11-11 18:33 - 2017-08-13 16:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
      2017-11-11 18:33 - 2017-08-13 16:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
      2017-11-11 18:33 - 2017-08-13 16:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
      2017-11-11 18:33 - 2017-08-11 01:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
      2017-11-11 18:33 - 2017-08-11 01:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
      2017-11-11 18:33 - 2017-08-11 01:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
      2017-11-11 18:33 - 2017-08-11 01:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
      2017-11-11 18:33 - 2017-08-11 01:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
      2017-11-11 18:33 - 2017-08-11 01:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2017-11-11 18:33 - 2017-08-11 01:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
      2017-11-11 18:33 - 2017-08-11 01:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
      2017-11-11 18:33 - 2017-08-11 01:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
      2017-11-11 18:33 - 2017-08-11 01:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2017-11-11 18:33 - 2017-08-11 01:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
      2017-11-11 18:33 - 2017-08-11 01:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
      2017-11-11 18:33 - 2017-08-11 01:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
      2017-11-11 18:33 - 2017-08-11 01:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
      2017-11-11 18:33 - 2017-08-11 01:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
      2017-11-11 18:33 - 2017-08-11 01:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
      2017-11-11 18:33 - 2017-08-11 01:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
      2017-11-11 18:33 - 2017-08-11 01:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
      2017-11-11 18:33 - 2017-08-11 01:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
      2017-11-11 18:33 - 2017-08-11 01:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
      2017-11-11 18:33 - 2017-08-11 01:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
      2017-11-11 18:33 - 2017-08-11 00:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
      2017-11-11 18:33 - 2017-07-29 09:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
      2017-11-11 18:33 - 2017-07-21 09:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
      2017-11-11 18:33 - 2017-07-21 09:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
      2017-11-11 18:33 - 2017-07-21 09:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
      2017-11-11 18:33 - 2017-07-21 09:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
      2017-11-11 18:33 - 2017-07-14 10:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2017-11-11 18:33 - 2017-07-14 10:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
      2017-11-11 18:33 - 2017-07-14 10:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2017-11-11 18:33 - 2017-07-14 09:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
      2017-11-11 18:33 - 2017-07-14 09:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
      2017-11-11 18:33 - 2017-07-14 09:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
      2017-11-11 18:33 - 2017-07-08 10:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
      2017-11-11 18:33 - 2017-07-07 10:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
      2017-11-11 18:33 - 2017-07-07 10:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
      2017-11-11 18:33 - 2017-07-07 10:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
      2017-11-11 18:33 - 2017-07-01 08:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
      2017-11-11 18:33 - 2017-06-15 15:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2017-11-11 18:33 - 2017-06-12 17:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
      2017-11-11 18:33 - 2017-06-12 17:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
      2017-11-11 18:33 - 2017-06-12 17:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
      2017-11-11 18:33 - 2017-06-12 17:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
      2017-11-11 18:33 - 2017-06-12 17:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
      2017-11-11 18:33 - 2017-06-12 17:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
      2017-11-11 18:33 - 2017-06-12 17:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
      2017-11-11 18:33 - 2017-06-12 17:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
      2017-11-11 18:33 - 2017-06-12 17:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
      2017-11-11 18:33 - 2017-06-12 17:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
      2017-11-11 18:33 - 2017-06-12 17:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
      2017-11-11 18:33 - 2017-06-12 17:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
      2017-11-11 18:33 - 2017-06-12 17:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
      2017-11-11 18:33 - 2017-06-12 17:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
      2017-11-11 18:33 - 2017-06-02 03:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
      2017-11-11 18:33 - 2017-05-29 23:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2017-11-11 18:33 - 2017-05-29 23:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
      2017-11-11 18:33 - 2017-05-29 23:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2017-11-11 18:33 - 2017-05-20 23:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2017-11-11 18:33 - 2017-05-20 23:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
      2017-11-11 18:33 - 2017-05-16 10:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2017-11-11 18:33 - 2017-05-16 10:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
      2017-11-11 18:33 - 2017-05-16 10:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
      2017-11-11 18:33 - 2017-05-12 13:26 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2017-11-11 18:33 - 2017-05-12 13:22 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2017-11-11 18:33 - 2017-05-12 13:22 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2017-11-11 18:33 - 2017-05-12 13:22 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
      2017-11-11 18:33 - 2017-05-12 13:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
      2017-11-11 18:33 - 2017-05-12 13:07 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2017-11-11 18:33 - 2017-05-12 13:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
      2017-11-11 18:33 - 2017-05-12 13:03 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
      2017-11-11 18:33 - 2017-05-12 13:03 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
      2017-11-11 18:33 - 2017-05-12 12:43 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2017-11-11 18:33 - 2017-05-12 11:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
      2017-11-11 18:33 - 2017-05-12 10:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
      2017-11-11 18:33 - 2017-05-12 10:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
      2017-11-11 18:33 - 2017-05-10 10:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
      2017-11-11 18:33 - 2017-05-10 10:29 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2017-11-11 18:33 - 2017-05-10 10:29 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2017-11-11 18:33 - 2017-05-10 10:29 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
      2017-11-11 18:33 - 2017-05-10 10:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
      2017-11-11 18:33 - 2017-05-10 10:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
      2017-11-11 18:33 - 2017-05-10 10:14 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2017-11-11 18:33 - 2017-05-10 10:13 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
      2017-11-11 18:33 - 2017-05-10 10:13 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2017-11-11 18:33 - 2017-05-10 10:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2017-11-11 18:33 - 2017-05-10 10:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2017-11-11 18:33 - 2017-05-10 10:13 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
      2017-11-11 18:33 - 2017-05-10 10:13 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
      2017-11-11 18:33 - 2017-05-10 10:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
      2017-11-11 18:33 - 2017-05-10 10:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
      2017-11-11 18:33 - 2017-05-10 10:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
      2017-11-11 18:33 - 2017-05-10 10:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
      2017-11-11 18:33 - 2017-05-10 10:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
      2017-11-11 18:33 - 2017-05-07 10:33 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
      2017-11-11 18:33 - 2017-05-07 10:29 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
      2017-11-11 18:33 - 2017-04-27 17:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
      2017-11-11 18:33 - 2017-04-21 10:34 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2017-11-11 18:33 - 2017-04-21 10:15 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2017-11-11 18:33 - 2017-04-17 10:37 - 000876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2017-11-11 18:33 - 2017-04-17 10:12 - 000581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
      2017-11-11 18:33 - 2017-04-12 10:32 - 001483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2017-11-11 18:33 - 2017-04-12 10:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2017-11-11 18:33 - 2017-04-12 10:32 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2017-11-11 18:33 - 2017-04-12 10:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2017-11-11 18:33 - 2017-04-12 10:26 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
      2017-11-11 18:33 - 2017-04-12 10:25 - 001176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
      2017-11-11 18:33 - 2017-04-12 10:25 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
      2017-11-11 18:33 - 2017-04-12 10:25 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
      2017-11-11 18:33 - 2017-04-12 08:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
      2017-11-11 18:33 - 2017-04-04 09:53 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
      2017-11-11 18:33 - 2017-03-30 10:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
      2017-11-11 18:33 - 2017-03-30 09:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
      2017-11-11 18:33 - 2017-03-10 11:32 - 001389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
      2017-11-11 18:33 - 2017-03-10 11:32 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
      2017-11-11 18:33 - 2017-03-10 11:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
      2017-11-11 18:33 - 2017-03-10 11:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
      2017-11-11 18:33 - 2017-03-10 10:57 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
      2017-11-11 18:33 - 2017-03-10 10:55 - 000205312 _____ (Microsoft Corporation)

      Continua...

    5. #5
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      C:\Windows\system32\Drivers\fastfat.sys
      2017-11-11 18:33 - 2017-03-10 10:55 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
      2017-11-11 18:33 - 2017-03-07 11:30 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
      2017-11-11 18:33 - 2017-03-07 11:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
      2017-11-11 18:33 - 2017-03-07 09:05 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
      2017-11-11 18:33 - 2017-03-03 20:27 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
      2017-11-11 18:33 - 2017-03-03 20:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
      2017-11-11 18:33 - 2017-03-03 20:14 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
      2017-11-11 18:33 - 2017-03-03 20:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
      2017-11-11 18:33 - 2017-02-09 11:32 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
      2017-11-11 18:33 - 2017-02-09 11:32 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
      2017-11-11 18:33 - 2017-02-09 11:32 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
      2017-11-11 18:33 - 2017-02-09 11:31 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
      2017-11-11 18:33 - 2017-02-09 11:31 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
      2017-11-11 18:33 - 2017-02-09 11:14 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
      2017-11-11 18:33 - 2017-02-09 11:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
      2017-11-11 18:33 - 2017-02-09 11:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
      2017-11-11 18:33 - 2017-02-09 10:51 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:36 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
      2017-11-11 18:33 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
      2017-11-11 18:33 - 2017-01-13 13:00 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
      2017-11-11 18:33 - 2017-01-13 13:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
      2017-11-11 18:33 - 2017-01-13 12:45 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
      2017-11-11 18:33 - 2017-01-13 12:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
      2017-11-11 18:33 - 2017-01-11 13:01 - 001887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
      2017-11-11 18:33 - 2017-01-11 13:01 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
      2017-11-11 18:33 - 2017-01-11 12:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
      2017-11-11 18:33 - 2017-01-11 12:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
      2017-11-11 18:33 - 2016-03-23 17:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
      2017-11-11 18:33 - 2016-03-23 17:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
      2017-11-11 18:05 - 2017-05-03 10:34 - 000094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2017-11-11 18:05 - 2017-05-03 10:29 - 001206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 000620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2017-11-11 18:05 - 2017-05-03 08:05 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2017-11-11 18:05 - 2017-03-22 21:06 - 001691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2017-11-11 02:06 - 2017-11-11 02:06 - 000000000 ____D C:\Users\Luis\AppData\Roaming\JetBrains
      2017-11-11 01:53 - 2017-11-12 13:11 - 000000000 ____D C:\Users\Luis\AppData\Local\HiSuite
      2017-11-11 01:53 - 2017-11-11 01:53 - 000000000 ____D C:\Users\Luis\Documents\HiSuite
      2017-11-11 01:51 - 2011-10-23 23:04 - 000223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
      2017-11-11 01:51 - 2011-10-23 22:51 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
      2017-11-11 01:51 - 2010-02-18 18:00 - 001533512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01007.dll
      2017-11-11 01:51 - 2010-02-18 18:00 - 001490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
      2017-11-11 01:51 - 2010-02-18 18:00 - 001490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
      2017-11-11 01:51 - 2010-02-18 18:00 - 000708168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WinUSBCoInstaller.dll
      2017-11-11 01:48 - 2017-11-11 17:48 - 000000000 ____D C:\Program Files (x86)\DriverToolkit
      2017-11-11 01:48 - 2017-11-11 01:48 - 000000000 ____D C:\Users\Luis\AppData\Local\DriverToolkit
      2017-11-11 01:21 - 2017-11-11 01:24 - 000000000 ____D C:\Users\Luis\.gradle
      2017-11-11 00:56 - 2017-11-11 00:57 - 018261367 _____ C:\Users\Luis\Downloads\AplicacionMovil.rar
      2017-11-11 00:51 - 2017-11-11 00:51 - 000000000 ____D C:\Users\Luis\AppData\Local\Android
      2017-11-11 00:47 - 2017-11-12 21:20 - 000000000 ____D C:\Users\Luis\.android
      2017-11-11 00:47 - 2017-11-11 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
      2017-11-11 00:47 - 2017-11-11 00:47 - 000001132 _____ C:\Users\Luis\Desktop\Android Studio.lnk
      2017-11-11 00:47 - 2017-11-11 00:47 - 000000000 ____D C:\Users\Luis\.AndroidStudio3.0
      2017-11-11 00:46 - 2017-11-11 00:46 - 000000000 ____D C:\Program Files\Android
      2017-11-06 13:31 - 2017-11-06 13:31 - 000000000 _____ C:\Users\Luis\Downloads\descarga (1)
      2017-11-06 13:31 - 2017-11-06 13:31 - 000000000 _____ C:\Users\Luis\Downloads\descarga
      2017-11-03 00:16 - 2017-11-03 00:13 - 000062220 _____ C:\Users\Luis\Documents\sys_fact_03_11.sql
      2017-11-02 23:46 - 2017-11-02 23:46 - 001823083 _____ C:\Users\Luis\Downloads\LOGO_VITACLOUD.ai
      2017-11-02 23:44 - 2017-11-02 23:44 - 000000315 _____ C:\Users\Luis\Desktop\pendientes_02_11.txt
      2017-10-31 01:59 - 2017-10-31 02:14 - 624951296 _____ C:\Users\Luis\Desktop\drweb-livedisk-900-cd.iso
      2017-10-31 01:56 - 2017-10-31 01:56 - 004833792 _____ (Geza Kovacs) C:\Users\Luis\Downloads\unetbootin-windows-657.exe
      2017-10-29 18:22 - 2015-06-18 19:27 - 000000000 ____D C:\Users\Luis\Desktop\Apowersoft reconrder + Crack
      2017-10-29 17:36 - 2017-10-29 17:36 - 000117229 _____ C:\Users\Luis\Documents\Sin título (7).wma
      2017-10-29 17:35 - 2017-10-29 17:35 - 000090289 _____ C:\Users\Luis\Documents\Sin título (6).wma
      2017-10-29 17:33 - 2017-10-29 17:33 - 000063349 _____ C:\Users\Luis\Documents\Sin título (5).wma
      2017-10-29 16:54 - 2017-10-29 16:54 - 000256419 _____ C:\Users\Luis\Documents\Sin título (4).wma
      2017-10-29 11:39 - 2017-10-29 11:39 - 000148659 _____ C:\Users\Luis\Documents\Sin título (3).wma
      2017-10-29 11:31 - 2017-10-29 11:31 - 000144169 _____ C:\Users\Luis\Documents\Sin título (2).wma
      2017-10-29 10:44 - 2017-10-29 10:44 - 000229479 _____ C:\Users\Luis\Documents\Sin título.wma
      2017-10-29 09:22 - 2017-10-29 09:22 - 000001440 _____ C:\Users\Public\Desktop\Grabador de Pantalla Pro de Apowersoft.lnk
      2017-10-29 09:22 - 2017-10-29 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
      2017-10-29 09:22 - 2017-10-29 09:22 - 000000000 ____D C:\Program Files (x86)\Apowersoft
      2017-10-29 09:21 - 2017-10-29 09:21 - 017111976 _____ (APOWERSOFT LIMITED ) C:\Users\Luis\Downloads\screen-recorder-pro.exe
      2017-10-27 23:59 - 2017-10-27 23:59 - 000000000 ____D C:\ProgramData\Apowersoft
      2017-10-27 23:52 - 2017-10-29 09:22 - 000000000 ____D C:\Users\Luis\Documents\Apowersoft
      2017-10-27 23:49 - 2017-10-29 09:22 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Apowersoft
      2017-10-27 23:49 - 2017-10-27 23:52 - 000000000 ____D C:\Users\Luis\AppData\Local\Apowersoft
      2017-10-27 23:46 - 2017-10-27 23:48 - 001721368 _____ (Apowersoft Ltd. ) C:\Users\Luis\Downloads\apowersoft-online-launcher.exe
      2017-10-27 23:36 - 2017-10-28 00:10 - 714340664 _____ (Google Inc.) C:\Users\Luis\Downloads\android-studio-ide-171.4408382-windows.exe
      2017-10-27 22:47 - 2017-10-27 22:48 - 023186844 _____ C:\Users\Luis\Downloads\ANDROID DEVELOPER BASICO Alumno.rar
      2017-10-27 22:47 - 2017-10-27 22:47 - 000151905 _____ C:\Users\Luis\Downloads\Sílabo Android Application Developer – Nivel Básico.pdf
      2017-10-24 22:17 - 2017-10-24 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-23 20:05 - 2016-07-04 02:14 - 000030528 _____ C:\Windows\GVTDrv64.sys
      2017-11-23 20:05 - 2016-07-04 02:14 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
      2017-11-23 20:04 - 2016-07-10 11:52 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
      2017-11-23 20:04 - 2016-07-10 03:16 - 000000000 ____D C:\ProgramData\VMware
      2017-11-23 20:04 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-23 19:57 - 2009-07-14 05:30 - 001338696 _____ C:\Windows\system32\perfh00A.dat
      2017-11-23 19:57 - 2009-07-14 05:30 - 000379048 _____ C:\Windows\system32\perfc00A.dat
      2017-11-23 19:57 - 2009-07-14 00:13 - 000009700 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-11-23 19:51 - 2016-07-06 22:58 - 000065536 _____ C:\Windows\system32\spu_storage.bin
      2017-11-23 19:49 - 2009-07-13 23:45 - 000012400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-23 19:49 - 2009-07-13 23:45 - 000012400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-23 19:43 - 2016-07-10 03:16 - 000000000 ____D C:\Users\Luis\AppData\Local\CrashDumps
      2017-11-23 19:43 - 2016-07-06 23:58 - 000000000 ____D C:\Users\Luis\AppData\Local\Spotify
      2017-11-23 19:43 - 2016-07-06 23:56 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Spotify
      2017-11-23 19:43 - 2016-07-06 22:39 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Raptr
      2017-11-23 19:43 - 2016-07-05 00:24 - 000000000 ___RD C:\Users\Luis\Google Drive
      2017-11-23 19:43 - 2016-07-05 00:18 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Ditto
      2017-11-23 19:36 - 2016-07-24 01:28 - 001982464 _____ C:\Users\Luis\Documents\MyPwd.epmx
      2017-11-23 19:36 - 2016-07-24 01:26 - 000000000 ____D C:\Users\Luis\Documents\Efficient Organizer AutoBackup
      2017-11-23 19:17 - 2016-07-23 11:28 - 000000000 ____D C:\Users\MSSQLFDLauncher
      2017-11-23 19:13 - 2016-11-20 20:10 - 000000000 ____D C:\Users\Luis\AppData\LocalLow\Mozilla
      2017-11-23 19:05 - 2016-07-06 22:18 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
      2017-11-23 19:03 - 2016-07-06 22:19 - 000000000 ____D C:\Users\Luis\AppData\Roaming\DMCache
      2017-11-23 14:21 - 2016-07-19 00:11 - 000000000 ____D C:\Users\Luis\AppData\Local\Adobe
      2017-11-22 21:00 - 2017-03-30 20:16 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
      2017-11-22 21:00 - 2017-03-30 20:16 - 000000959 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
      2017-11-22 21:00 - 2016-07-16 10:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
      2017-11-21 15:36 - 2017-10-11 22:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-11-21 15:36 - 2016-07-23 11:28 - 000000000 ____D C:\Users\MSSQLSERVER
      2017-11-21 15:36 - 2016-07-23 11:28 - 000000000 ____D C:\Users\MsDtsServer120
      2017-11-21 15:36 - 2016-07-05 00:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-11-21 12:25 - 2016-07-14 23:22 - 000000000 ____D C:\Users\Luis\AppData\Local\Deployment
      2017-11-20 21:09 - 2016-07-17 02:06 - 000000600 _____ C:\Users\Luis\AppData\Local\PUTTY.RND
      2017-11-20 21:09 - 2016-07-04 01:57 - 000000000 ____D C:\Users\Luis
      2017-11-20 01:44 - 2016-07-18 00:36 - 000006261 _____ C:\Users\Luis\.bash_history
      2017-11-19 13:51 - 2016-07-14 23:25 - 000000000 ____D C:\Users\Luis\AppData\Roaming\GitHub
      2017-11-19 13:51 - 2016-07-14 23:25 - 000000000 ____D C:\Users\Luis\AppData\Local\GitHub
      2017-11-19 12:07 - 2016-07-05 00:15 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Mozilla
      2017-11-18 21:09 - 2016-07-09 23:10 - 000000000 ____D C:\ProgramData\KMSAutoS
      2017-11-18 00:17 - 2017-02-08 23:29 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-11-18 00:17 - 2017-02-08 23:29 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-11-18 00:17 - 2017-02-08 23:29 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2017-11-18 00:17 - 2017-02-08 23:29 - 000000000 ____D C:\Windows\system32\Macromed
      2017-11-18 00:17 - 2017-02-08 23:28 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-11-17 23:37 - 2016-07-04 02:04 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-11-17 23:37 - 2016-07-04 02:04 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-11-15 02:40 - 2016-07-04 02:04 - 000003468 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-11-15 02:40 - 2016-07-04 02:04 - 000003340 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-11-15 02:37 - 2017-02-19 13:44 - 000000000 ____D C:\Windows\Minidump
      2017-11-13 23:34 - 2009-07-14 00:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2017-11-12 20:32 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
      2017-11-12 16:57 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
      2017-11-12 16:11 - 2016-07-06 21:43 - 000000000 ____D C:\Program Files (x86)\Driver Magician
      2017-11-12 15:19 - 2016-07-10 03:16 - 000000000 ____D C:\Users\Luis\AppData\Roaming\VMware
      2017-11-12 15:19 - 2016-07-10 03:16 - 000000000 ____D C:\Users\Luis\AppData\Local\VMware
      2017-11-12 14:07 - 2017-09-05 01:30 - 000000000 ____D C:\Users\Luis\AppData\Roaming\inkscape
      2017-11-12 14:07 - 2017-04-16 22:51 - 000000000 ____D C:\ProgramData\Aimersoft Video Converter Ultimate
      2017-11-12 14:07 - 2016-07-16 10:22 - 000000000 ____D C:\Users\Luis\AppData\Roaming\TeamViewer
      2017-11-12 14:07 - 2016-07-06 22:19 - 000000000 ____D C:\Users\Luis\AppData\Roaming\IDM
      2017-11-12 14:06 - 2016-07-03 19:52 - 000000000 ____D C:\Windows\Panther
      2017-11-12 00:02 - 2009-07-13 23:45 - 000518584 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-11-12 00:01 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\DVD Maker
      2017-11-12 00:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
      2017-11-12 00:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\migwiz
      2017-11-12 00:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\PolicyDefinitions
      2017-11-11 23:59 - 2017-01-30 00:10 - 000000600 _____ C:\Users\Luis\AppData\Roaming\winscp.rnd
      2017-11-11 21:29 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Registration
      2017-11-11 19:42 - 2016-07-17 01:33 - 000000000 ____D C:\Users\Luis\Documents\Archivos de Outlook
      2017-11-11 19:39 - 2016-07-04 02:32 - 000000000 ____D C:\Windows\system32\MRT
      2017-11-11 19:34 - 2016-07-04 02:32 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-11-11 19:30 - 2016-07-16 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
      2017-11-11 19:29 - 2016-07-16 10:36 - 000000000 ____D C:\Program Files\Microsoft Silverlight
      2017-11-11 19:29 - 2016-07-16 10:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
      2017-11-11 19:24 - 2017-06-03 12:45 - 000000000 ____D C:\Program Files\SQLyog Trial
      2017-11-11 19:20 - 2016-07-16 10:41 - 000000000 ____D C:\Users\Luis\AppData\Roaming\Skype
      2017-11-11 19:14 - 2016-07-16 03:14 - 000000000 ___SD C:\Windows\system32\CompatTel
      2017-11-11 19:14 - 2016-07-16 03:14 - 000000000 ____D C:\Windows\system32\appraiser
      2017-11-11 18:52 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
      2017-11-03 15:00 - 2017-09-23 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
      2017-11-01 20:25 - 2016-07-10 00:04 - 000000000 ____D C:\Users\Luis\AppData\Roaming\FileZilla
      2017-10-31 02:15 - 2016-07-16 10:19 - 000000424 _____ C:\Users\Luis\AppData\Roaming\burnaware.ini
      2017-10-29 19:20 - 2016-12-11 11:04 - 000000000 ____D C:\Program Files (x86)\Voobly
      2017-10-29 18:26 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF

      ==================== Files in the root of some directories =======

      2017-01-15 14:03 - 2017-01-15 14:06 - 051130088 _____ (EnterpriseDB) C:\Users\Luis\edb_languagepack_94.exe
      2017-01-15 14:06 - 2017-01-15 14:06 - 007148576 _____ (EnterpriseDB) C:\Users\Luis\edb_npgsql.exe
      2017-01-15 14:06 - 2017-01-15 14:07 - 014679376 _____ (EnterpriseDB) C:\Users\Luis\edb_pgagent.exe
      2017-01-15 14:07 - 2017-01-15 14:08 - 016554976 _____ (EnterpriseDB) C:\Users\Luis\edb_pgbouncer.exe
      2017-01-15 14:08 - 2017-01-15 14:08 - 008683184 _____ (EnterpriseDB) C:\Users\Luis\edb_pgjdbc.exe
      2017-01-15 14:08 - 2017-01-15 14:09 - 015756328 _____ (EnterpriseDB) C:\Users\Luis\edb_psqlodbc.exe
      2017-01-14 23:53 - 2017-09-05 23:21 - 000000033 _____ () C:\Users\Luis\AppData\Roaming\AdobeWLCMCache.dat
      2016-07-16 10:19 - 2017-10-31 02:15 - 000000424 _____ () C:\Users\Luis\AppData\Roaming\burnaware.ini
      2017-01-30 00:10 - 2017-11-11 23:59 - 000000600 _____ () C:\Users\Luis\AppData\Roaming\winscp.rnd
      2016-07-17 02:06 - 2017-11-20 21:09 - 000000600 _____ () C:\Users\Luis\AppData\Local\PUTTY.RND
      2017-03-26 18:47 - 2017-03-26 18:47 - 000064118 _____ () C:\Users\Luis\AppData\Local\rational_state.log
      2017-09-05 01:32 - 2017-09-05 01:32 - 000000760 _____ () C:\Users\Luis\AppData\Local\recently-used.xbel

      Some files in TEMP:
      ====================
      2017-11-12 21:20 - 2017-11-12 21:20 - 000737280 ____N () C:\Users\Luis\AppData\Local\Temp\sqlite-3.8.11.2-ad799822-14bd-4812-b65a-742acc470ffe-sqlitejdbc.dll

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-11-09 00:11

      ==================== End of FRST.txt ============================
      [/QUOTE]


      También me salió un reporte de Addition.txt. No se si sea necesario pegarlo tambien. Lo guardaré en mi PC por si acaso.

    6. #6
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.191

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      Hola.

      No hace falta el otro log.

      Realiza lo siguiente:
      1. Copia el contenido del siguiente recuadro en el portapapeles (Clic derecho > Copiar)
        Código:
        HKLM\...\Run: [] => [X]
        HKLM-x32\...\Run: [EfficientPasswordManager] => [X]
        HKLM-x32\...\Run: [] => [X]
        HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
        HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: {2dd32f76-bebd-11e7-8f78-74d43552e08a} - E:\HiSuiteDownLoader.exe
        HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: {f57fce4a-41b3-11e6-84ba-806e6f6e6963} - D:\Run.exe
        GroupPolicy: Restriction <==== ATTENTION
        BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
        CHR StartupUrls: Default -> "hxxp://search.gboxapp.com/","hxxp://start.iminent.com/?appId=79D3E187-464A-40C0-BAE0-6518C519DD06","hxxp://websearch.fastsearchings.info/?pid=725&r=2014/07/11&hid=10679995626832974870&lg=EN&cc=PE&unqvl=56","hxxp://start.iminent.com/?appId=2D821C97-8711-4AF7-BAF1-6110FE8D4E51","hxxp://www.oursurfing.com/?type=hp&ts=1446911264&z=3af538f802a1b8b9fc63087g0z4zcq8t5gbg0o2qez&from=amt&uid=samsungxhd753lj_s13uj90sb00471"
        CHR Session Restore: Default -> is enabled.
        CHR HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
        2017-11-12 21:20 - 2017-11-12 21:20 - 000737280 ____N () C:\Users\Luis\AppData\Local\Temp\sqlite-3.8.11.2-ad799822-14bd-4812-b65a-742acc470ffe-sqlitejdbc.dll
      2. Abre el block de notas (Inicio >Todos los programas>Accesorios>Block de Notas)
      3. Pega el contenido del recuadro en el notepad y guárdalo en el escritorio con el nombre de: fixlist.txt
      4. Ejecuta FRST.exe (o FRST64.exe) y presiona el botón Fix
      5. Al finalizar la exploración será creado un reporte llamado Fixlog.txt
      6. Pega el contenido de ese log en un nuevo mensaje.


      .- Descarga UsbFix a tu escritorio y lo ejecutas de este modo:
      1. Conecte todos sus dispositivos extraibles, Pendrive\Micro SD, etc.
      2. Haga doble Click sobre USBFix
      3. Pulse sobre la opción Supresión
      4. Aparecerá una advertencia para que conecte sus USB, pulse en Aceptar y proceso de desinfección/vacunación se iniciará.
      5. Durante el análisis el escritorio puede desaparecer, esto es normal, si USBFix le pide reiniciar el sistema acepte y reinicie su equipo.
      6. Al finalizar, USBFix genera un reporte, el cual se encuentra generalmente en C:\USBFix.txt debe pegar su contenido en el próximo mensaje.

      Nota UsbFix creará una carpeta oculta llamada "autorun.inf" en cada partición y cada unidad USB que se encuentre conectado al momento de ejecutar este. No elimine esta carpeta ... eso le ayudará a proteger sus dispositivos USB de futuras infecciones.
      Recuerda dejarnos el reporte y comentar como evoluciona el problema para poder seguir con el tema...

      Un saludo.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      Ahora, haré lo que me indica.

      Una consulta, cual es la finalidad del paso Numero 3:

      "Pega el contenido del recuadro en el notepad y guárdalo en el escritorio con el nombre de: fixlist.txt".

      Pregunto debido a que en los pasos posteriores no lo estamos usando.

    8. #8
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.191

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      Cuando presiones el botón fix la herramienta "FRST" va a ejecutar las instrucciones que están dentro del archivo fixlist.txt

      Recuerda que FRST.exe y fixlist.txt deben estar en la misma ubicación, así que debes cortar frst.exe de la carpeta de descargas y pegarlo en el escritorio de windows.

      Un saludo.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      Aquí está el log de FRST:

      Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2017
      Ran by Luis (23-11-2017 22:43:11) Run:1
      Running from C:\Users\Luis\Downloads
      Loaded Profiles: Luis & MSSQLFDLauncher & MsDtsServer120 & MSSQLSERVER (Available Profiles: Luis & postgres & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MsDtsServer120 & MSSQLSERVER & DefaultAppPool)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      HKLM\...\Run: [] => [X]
      HKLM-x32\...\Run: [EfficientPasswordManager] => [X]
      HKLM-x32\...\Run: [] => [X]
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: {2dd32f76-bebd-11e7-8f78-74d43552e08a} - E:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\...\MountPoints2: {f57fce4a-41b3-11e6-84ba-806e6f6e6963} - D:\Run.exe
      GroupPolicy: Restriction <==== ATTENTION
      BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
      CHR StartupUrls: Default -> "hxxp://search.gboxapp.com/","hxxp://start.iminent.com/?appId=79D3E187-464A-40C0-BAE0-6518C519DD06","hxxp://websearch.fastsearchings.info/?pid=725&r=2014/07/11&hid=10679995626832974870&lg=EN&cc=PE&unqvl=56","hxxp://start.iminent.com/?appId=2D821C97-8711-4AF7-BAF1-6110FE8D4E51","hxxp://www.oursurfing.com/?type=hp&ts=1446911264&z=3af538f802a1b8b9fc63087g0z4zcq8t5gbg0o2qez&from=amt&uid=samsungxhd753lj_s13uj90sb00471"
      CHR Session Restore: Default -> is enabled.
      CHR HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
      2017-11-12 21:20 - 2017-11-12 21:20 - 000737280 ____N () C:\Users\Luis\AppData\Local\Temp\sqlite-3.8.11.2-ad799822-14bd-4812-b65a-742acc470ffe-sqlitejdbc.dll
      *****************

      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
      HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EfficientPasswordManager => value removed successfully
      HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => key removed successfully
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dd32f76-bebd-11e7-8f78-74d43552e08a} => key removed successfully
      HKLM\Software\Classes\CLSID\{2dd32f76-bebd-11e7-8f78-74d43552e08a} => key not found.
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f57fce4a-41b3-11e6-84ba-806e6f6e6963} => key removed successfully
      HKLM\Software\Classes\CLSID\{f57fce4a-41b3-11e6-84ba-806e6f6e6963} => key not found.
      C:\Windows\system32\GroupPolicy\Machine => moved successfully
      C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
      C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully
      HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
      Chrome StartupUrls => removed successfully
      Chrome Session Restore: => not found.
      HKU\S-1-5-21-156791221-2462684622-3037075302-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => key removed successfully
      C:\Users\Luis\AppData\Local\Temp\sqlite-3.8.11.2-ad799822-14bd-4812-b65a-742acc470ffe-sqlitejdbc.dll => moved successfully


      The system needed a reboot.

      ==== End of Fixlog 22:43:22 ====

    10. #10
      Usuario Avatar de luis1717
      Registrado
      nov 2017
      Ubicación
      Perú
      Mensajes
      8

      Re: Virus que bloquea teclado en el boot, y desactiva msconfig y todos las herramient

      El reporte de USBFIX pesa 8mb, y no me deja subirlo aquí. :/

    Página 1 de 2 12 ÚltimoÚltimo